HEX
Server: Apache
System: Linux msm5694.mjhst.com 3.10.0-1160.119.1.el7.x86_64 #1 SMP Tue Jun 4 14:43:51 UTC 2024 x86_64
User: camjab_ssh (1000)
PHP: 5.3.29
Disabled: NONE
$ pwd: /var/lib/modsecurity/audit/20260103/20260103-1932/
Upload Files
File: //var/lib/modsecurity/audit/20260103/20260103-1932/20260103-193202-aVm1ArhenDUAAHQBDD8AAAA3
--068bce56-A--
[03/Jan/2026:19:32:02 --0500] aVm1ArhenDUAAHQBDD8AAAA3 113.249.101.170 56628 127.0.1.3 80
--068bce56-B--
GET /?author=16 HTTP/1.1
X-Real-IP: 113.249.101.170
Host: www.xxx111.com
Connection: close
User-Agent: Apache-HttpClient/4.5.2 (Java/1.8.0_161)
Accept-Encoding: gzip,deflate

--068bce56-F--
HTTP/1.1 406 Not Acceptable
Content-Length: 315
Connection: close
Content-Type: text/html; charset=iso-8859-1

--068bce56-E--

--068bce56-H--
Message: Access denied with code 406 (phase 2). Matched phrase "Java" at REQUEST_HEADERS:User-Agent. [file "/etc/httpd/modsecurity.d/active_rules/badbots.conf"] [line "1"] [id "350001"] [rev "1"] [msg "BAD BOT - Detected and Blocked. "] [severity "CRITICAL"]
Action: Intercepted (phase 2)
Stopwatch: 1767486722472006 443 (- - -)
Stopwatch2: 1767486722472006 443; combined=43, p1=36, p2=7, p3=0, p4=0, p5=0, sr=25, sw=0, l=0, gc=0
Response-Body-Transformed: Dechunked
Producer: ModSecurity for Apache/2.9.1 (http://www.modsecurity.org/); 200911012341.
Server: Apache/2.2.31 (Unix) mod_ssl/2.2.31 OpenSSL/1.0.2k-fips PHP/5.3.29 mod_fastcgi/2.4.6
Engine-Mode: "ENABLED"

--068bce56-Z--
@ Telegram