HEX
Server: Apache
System: Linux msm5694.mjhst.com 3.10.0-1160.119.1.el7.x86_64 #1 SMP Tue Jun 4 14:43:51 UTC 2024 x86_64
User: camjab_ssh (1000)
PHP: 5.3.29
Disabled: NONE
$ pwd: /var/lib/modsecurity/audit/20251027/20251027-1705/
Upload Files
File: //var/lib/modsecurity/audit/20251027/20251027-1705/20251027-170508-aP-ehLhenDUAAB@2JK0AAAAQ
--e7917731-A--
[27/Oct/2025:17:05:08 --0400] aP-ehLhenDUAAB@2JK0AAAAQ 78.159.130.8 40324 127.0.0.179 80
--e7917731-B--
GET / HTTP/1.1
X-Real-IP: 78.159.130.8
Host: www.sosalty.com
Connection: close
User-Agent: masscan/1.3 (https://github.com/robertdavidgraham/masscan)
Accept: */*

--e7917731-F--
HTTP/1.1 406 Not Acceptable
Content-Length: 316
Connection: close
Content-Type: text/html; charset=iso-8859-1

--e7917731-E--

--e7917731-H--
Message: Access denied with code 406 (phase 2). Matched phrase "masscan" at REQUEST_HEADERS:User-Agent. [file "/etc/httpd/modsecurity.d/active_rules/badbots.conf"] [line "1"] [id "350001"] [rev "1"] [msg "BAD BOT - Detected and Blocked. "] [severity "CRITICAL"]
Action: Intercepted (phase 2)
Stopwatch: 1761599108784439 424 (- - -)
Stopwatch2: 1761599108784439 424; combined=46, p1=40, p2=6, p3=0, p4=0, p5=0, sr=27, sw=0, l=0, gc=0
Response-Body-Transformed: Dechunked
Producer: ModSecurity for Apache/2.9.1 (http://www.modsecurity.org/); 200911012341.
Server: Apache/2.2.31 (Unix) mod_ssl/2.2.31 OpenSSL/1.0.2k-fips PHP/5.3.29 mod_fastcgi/2.4.6
Engine-Mode: "ENABLED"

--e7917731-Z--
@ Telegram