⚝
One Hat Cyber Team
⚝
Your IP:
216.73.216.81
Server IP:
178.33.27.10
Server:
Linux cpanel.dev-unit.com 3.10.0-1160.119.1.el7.x86_64 #1 SMP Tue Jun 4 14:43:51 UTC 2024 x86_64
Server Software:
Apache/2.4.62 (Unix) OpenSSL/1.0.2k-fips
PHP Version:
8.2.25
Buat File
|
Buat Folder
Eksekusi
Dir :
~
/
usr
/
local
/
apache
/
domlogs
/
View File Name :
my-office.aboalilawfirm.com.error.log
[Wed Sep 17 13:28:36.796553 2025] [authz_core:error] [pid 31429:tid 31487] [client 157.230.19.140:60242] AH01630: client denied by server configuration: /home/mysuits1/aboalilawfirm.mysuits.app/server-status [Wed Sep 17 13:28:48.525279 2025] [authz_core:error] [pid 31428:tid 31480] [client 157.230.19.140:45834] AH01630: client denied by server configuration: /home/mysuits1/aboalilawfirm.mysuits.app/server-status [Thu Sep 18 01:10:59.597415 2025] [rewrite:error] [pid 31428:tid 31498] [client 154.28.229.134:25532] AH10508: Unsafe URL with %3f URL rewritten without UnsafeAllow3F [Thu Sep 18 02:16:57.196645 2025] [rewrite:error] [pid 31427:tid 31444] [client 103.4.250.123:57772] AH10508: Unsafe URL with %3f URL rewritten without UnsafeAllow3F [Thu Sep 18 05:15:26.568335 2025] [rewrite:error] [pid 7848:tid 7986] [client 104.252.191.93:18502] AH10508: Unsafe URL with %3f URL rewritten without UnsafeAllow3F [Thu Nov 13 15:53:47.205160 2025] [:error] [pid 10383:tid 10465] [client 195.178.110.201:55260] [client 195.178.110.201] ModSecurity: Access denied with code 403 (phase 2). Pattern match "([\\\\~\\\\!\\\\@\\\\#\\\\$\\\\%\\\\^\\\\&\\\\*\\\\(\\\\)\\\\-\\\\+\\\\=\\\\{\\\\}\\\\[\\\\]\\\\|\\\\:\\\\;\\"\\\\'\\\\\\xc2\\xb4\\\\\\xe2\\x80\\x99\\\\\\xe2\\x80\\x98\\\\`\\\\<\\\\>].*?){8,}" at REQUEST_COOKIES:handl_landing_page. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "157"] [id "981172"] [rev "2"] [msg "Restricted SQL Character Anomaly Detection Alert - Total # of special characters exceeded"] [data "Matched Data: = found within REQUEST_COOKIES:handl_landing_page: https://livebh.com/apartments/granada-apartment-homes/?utm_source=name_change&utm_medium=redirect&utm_campaign=meadowbrook&original_referrer=https://meadowbrooktyler.com"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "8"] [tag "OWASP_CRS/WEB_ATTACK/SQL_INJECTION"] [hostname "my-office.aboalilawfirm.com"] [uri "/"] [unique_id "aRXi69qv8leTQIC0Mtc8pQAAAIY"] [Sat Nov 15 02:30:05.415298 2025] [:error] [pid 16823:tid 16893] [client 45.148.10.42:38120] [client 45.148.10.42] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".log"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "my-office.aboalilawfirm.com"] [uri "/error.log"] [unique_id "aRfJjXwyw67k6BIOBf9tNgAAAIc"] [Sat Nov 15 02:30:05.438073 2025] [:error] [pid 16823:tid 16908] [client 45.148.10.42:38120] [client 45.148.10.42] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".log"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "my-office.aboalilawfirm.com"] [uri "/access.log"] [unique_id "aRfJjXwyw67k6BIOBf9tNwAAAI8"] [Sat Nov 15 02:30:05.460782 2025] [:error] [pid 16823:tid 16910] [client 45.148.10.42:38120] [client 45.148.10.42] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".log"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "my-office.aboalilawfirm.com"] [uri "/debug.log"] [unique_id "aRfJjXwyw67k6BIOBf9tOAAAAJA"] [Sat Nov 15 02:30:05.483708 2025] [:error] [pid 16823:tid 16922] [client 45.148.10.42:38120] [client 45.148.10.42] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".log"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "my-office.aboalilawfirm.com"] [uri "/php_errors.log"] [unique_id "aRfJjXwyw67k6BIOBf9tOQAAAJg"] [Sat Nov 15 02:30:05.506341 2025] [:error] [pid 16823:tid 16883] [client 45.148.10.42:38120] [client 45.148.10.42] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".log"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "my-office.aboalilawfirm.com"] [uri "/logs/error.log"] [unique_id "aRfJjXwyw67k6BIOBf9tOgAAAII"] [Sat Nov 15 02:30:05.529142 2025] [:error] [pid 16823:tid 16902] [client 45.148.10.42:38120] [client 45.148.10.42] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".log"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "my-office.aboalilawfirm.com"] [uri "/logs/access.log"] [unique_id "aRfJjXwyw67k6BIOBf9tOwAAAIw"] [Sat Nov 15 02:30:05.551980 2025] [:error] [pid 16823:tid 16913] [client 45.148.10.42:38120] [client 45.148.10.42] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".log"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "my-office.aboalilawfirm.com"] [uri "/logs/debug.log"] [unique_id "aRfJjXwyw67k6BIOBf9tPAAAAJI"] [Sat Nov 15 02:30:05.594175 2025] [:error] [pid 16823:tid 16880] [client 45.148.10.42:38120] [client 45.148.10.42] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".log"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "my-office.aboalilawfirm.com"] [uri "/storage/logs/laravel.log"] [unique_id "aRfJjXwyw67k6BIOBf9tPQAAAIE"] [Sat Nov 15 02:30:05.616281 2025] [:error] [pid 16823:tid 16906] [client 45.148.10.42:38120] [client 45.148.10.42] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_30_http_policy.conf"] [line "88"] [id "960035"] [rev "2"] [msg "URL file extension is restricted by policy"] [data ".log"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/EXT_RESTRICTED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "my-office.aboalilawfirm.com"] [uri "/wp-content/debug.log"] [unique_id "aRfJjXwyw67k6BIOBf9tPgAAAI4"] [Sun Nov 16 00:54:13.281044 2025] [authz_core:error] [pid 1114:tid 1152] [client 206.189.233.36:52086] AH01630: client denied by server configuration: /home/mysuits1/aboalilawfirm.mysuits.app/server-status [Mon Nov 17 12:48:45.691215 2025] [rewrite:error] [pid 411:tid 442] [client 103.4.250.140:53944] AH10508: Unsafe URL with %3f URL rewritten without UnsafeAllow3F [Mon Nov 24 00:41:34.167365 2025] [core:error] [pid 22768:tid 22820] [client 18.236.67.123:46234] Script timed out before returning headers: index.php [Mon Nov 24 00:41:34.201431 2025] [core:error] [pid 29400:tid 29421] [client 18.236.67.123:45488] Script timed out before returning headers: index.php [Wed Jan 14 12:32:50.143832 2026] [authz_core:error] [pid 27483:tid 27560] [client 143.244.168.161:46078] AH01630: client denied by server configuration: /home/mysuits1/aboalilawfirm.mysuits.app/server-status [Wed Jan 14 12:33:08.187888 2026] [authz_core:error] [pid 27483:tid 27552] [client 138.197.191.87:41464] AH01630: client denied by server configuration: /home/mysuits1/aboalilawfirm.mysuits.app/server-status [Wed Jan 14 12:45:46.930292 2026] [rewrite:error] [pid 27580:tid 27591] [client 104.164.173.164:48454] AH10508: Unsafe URL with %3f URL rewritten without UnsafeAllow3F [Sat Jan 17 11:35:35.645951 2026] [authz_core:error] [pid 10288:tid 10305] [client 157.245.36.108:46104] AH01630: client denied by server configuration: /home/mysuits1/aboalilawfirm.mysuits.app/server-status [Sat Jan 17 11:35:54.774033 2026] [authz_core:error] [pid 10168:tid 10225] [client 138.68.86.32:50022] AH01630: client denied by server configuration: /home/mysuits1/aboalilawfirm.mysuits.app/server-status [Sat Jan 17 11:37:00.922798 2026] [rewrite:error] [pid 10462:tid 10480] [client 103.4.251.235:14318] AH10508: Unsafe URL with %3f URL rewritten without UnsafeAllow3F [Tue Jan 20 23:52:34.404581 2026] [rewrite:error] [pid 8009:tid 8027] [client 104.164.126.173:12066] AH10508: Unsafe URL with %3f URL rewritten without UnsafeAllow3F [Fri Feb 13 00:55:58.137127 2026] [authz_core:error] [pid 24451:tid 24477] [client 206.189.2.13:46674] AH01630: client denied by server configuration: /home/mysuits1/aboalilawfirm.mysuits.app/server-status [Fri Feb 13 00:56:16.338964 2026] [rewrite:error] [pid 402:tid 415] [client 103.4.251.152:2216] AH10508: Unsafe URL with %3f URL rewritten without UnsafeAllow3F [Fri Feb 13 00:56:18.148605 2026] [authz_core:error] [pid 402:tid 429] [client 165.227.173.41:42832] AH01630: client denied by server configuration: /home/mysuits1/aboalilawfirm.mysuits.app/server-status [Fri Feb 13 01:23:29.256079 2026] [rewrite:error] [pid 24451:tid 24480] [client 107.172.195.107:64900] AH10508: Unsafe URL with %3f URL rewritten without UnsafeAllow3F [Fri Feb 13 02:11:22.203530 2026] [rewrite:error] [pid 13989:tid 14003] [client 107.172.195.129:37188] AH10508: Unsafe URL with %3f URL rewritten without UnsafeAllow3F [Wed Mar 04 03:30:39.737579 2026] [authz_host:error] [pid 1563:tid 1595] [client 198.235.24.86:64520] AH01753: access check of 'localhost' to /server-status failed, reason: unable to get the remote host name [Wed Mar 04 03:30:39.737599 2026] [authz_core:error] [pid 1563:tid 1595] [client 198.235.24.86:64520] AH01630: client denied by server configuration: /home/mysuits1/aboalilawfirm.mysuits.app/server-status [Wed Mar 04 03:54:01.537835 2026] [authz_host:error] [pid 366:tid 372] [client 205.210.31.40:58566] AH01753: access check of 'localhost' to /server-status failed, reason: unable to get the remote host name [Wed Mar 04 03:54:01.537863 2026] [authz_core:error] [pid 366:tid 372] [client 205.210.31.40:58566] AH01630: client denied by server configuration: /home/mysuits1/aboalilawfirm.mysuits.app/server-status [Wed Mar 04 18:38:20.450403 2026] [authz_host:error] [pid 32700:tid 32742] [client 198.235.24.172:64260] AH01753: access check of 'localhost' to /server-status failed, reason: unable to get the remote host name [Wed Mar 04 18:38:20.450424 2026] [authz_core:error] [pid 32700:tid 32742] [client 198.235.24.172:64260] AH01630: client denied by server configuration: /home/mysuits1/aboalilawfirm.mysuits.app/server-status [Wed Mar 04 18:43:07.509039 2026] [authz_host:error] [pid 366:tid 373] [client 198.235.24.82:61390] AH01753: access check of 'localhost' to /server-status failed, reason: unable to get the remote host name [Wed Mar 04 18:43:07.509080 2026] [authz_core:error] [pid 366:tid 373] [client 198.235.24.82:61390] AH01630: client denied by server configuration: /home/mysuits1/aboalilawfirm.mysuits.app/server-status [Wed Mar 04 19:51:05.578601 2026] [authz_host:error] [pid 19294:tid 19321] [client 205.210.31.79:64722] AH01753: access check of 'localhost' to /server-status failed, reason: unable to get the remote host name [Wed Mar 04 19:51:05.578628 2026] [authz_core:error] [pid 19294:tid 19321] [client 205.210.31.79:64722] AH01630: client denied by server configuration: /home/mysuits1/aboalilawfirm.mysuits.app/server-status [Wed Mar 04 20:12:17.985037 2026] [authz_host:error] [pid 32701:tid 300] [client 198.235.24.151:58202] AH01753: access check of 'localhost' to /server-status failed, reason: unable to get the remote host name [Wed Mar 04 20:12:17.985062 2026] [authz_core:error] [pid 32701:tid 300] [client 198.235.24.151:58202] AH01630: client denied by server configuration: /home/mysuits1/aboalilawfirm.mysuits.app/server-status [Sat Mar 14 00:57:02.950963 2026] [authz_core:error] [pid 18275:tid 18387] [client 139.59.143.102:40736] AH01630: client denied by server configuration: /home/mysuits1/aboalilawfirm.mysuits.app/server-status [Sat Mar 14 00:57:03.737929 2026] [authz_core:error] [pid 5203:tid 5225] [client 159.65.144.72:58272] AH01630: client denied by server configuration: /home/mysuits1/aboalilawfirm.mysuits.app/server-status [Sat Mar 14 18:04:20.050229 2026] [rewrite:error] [pid 14273:tid 14343] [client 103.196.9.217:37900] AH10508: Unsafe URL with %3f URL rewritten without UnsafeAllow3F [Sat Mar 14 20:58:20.404339 2026] [rewrite:error] [pid 22938:tid 23118] [client 103.4.251.159:4550] AH10508: Unsafe URL with %3f URL rewritten without UnsafeAllow3F