OwlCyberSecurity - MANAGER

Edit File: awstats032026.testtwo.onebox.pk.txt

AWSTATS DATA FILE 7.9 (build 20230108)
# If you remove this file, all statistics for date 202603 will be lost/reset.
# Last config file used to build this data file was /home/oneboxpk/tmp/awstats/awstats.testtwo.onebox.pk.conf.

# Position (offset in bytes) in this file for beginning of each section for
# direct I/O access. If you made changes somewhere in this file, you should
# also remove completely the MAP section (AWStats will rewrite it at next
# update).
BEGIN_MAP 28
POS_GENERAL 2048                
POS_TIME 2707                
POS_VISITOR 7516                
POS_DAY 9060                
POS_DOMAIN 3430                
POS_LOGIN 3743                
POS_ROBOT 3898                
POS_WORMS 4231                
POS_EMAILSENDER 4362                
POS_EMAILRECEIVER 4505                
POS_SESSION 9503                
POS_FILESIZE 10042               
POS_SIDER 9660                
POS_FILETYPES 4640                
POS_DOWNLOADS 4741                
POS_OS 4789                
POS_BROWSER 4939                
POS_SCREENSIZE 5247                
POS_UNKNOWNREFERER 5321                
POS_UNKNOWNREFERERBROWSER 6037                
POS_ORIGIN 6345                
POS_SEREFERRALS 6477                
POS_PAGEREFS 6621                
POS_SEARCHWORDS 6769                
POS_KEYWORDS 6921                
POS_MISC 2370                
POS_ERRORS 6980                
POS_CLUSTER 3599                
POS_SIDER_404 7102                
END_MAP

# LastLine    = Date of last record processed - Last record line number in last log - Last record offset in last log - Last record signature value
# FirstTime   = Date of first visit for history file
# LastTime    = Date of last visit for history file
# LastUpdate  = Date of last update - Nb of parsed records - Nb of parsed old records - Nb of parsed new records - Nb of parsed corrupted - Nb of parsed dropped
# TotalVisits = Number of visits
# TotalUnique = Number of unique visitors
# MonthHostsKnown   = Number of hosts known
# MonthHostsUnKnown = Number of hosts unknown
BEGIN_GENERAL 8
LastLine 20260401000333 1 0 8102446204972
FirstTime 0
LastTime 20260331141013
LastUpdate 20260415203429 1 0 0 0 0
TotalVisits 41                  
TotalUnique 40                  
MonthHostsKnown 0                   
MonthHostsUnknown 40                  
END_GENERAL

# Misc ID - Pages - Hits - Bandwidth
BEGIN_MISC 10
JavaEnabled 0 0 0
QuickTimeSupport 0 0 0
FlashSupport 0 0 0
DirectorSupport 0 0 0
JavascriptDisabled 0 0 0
PDFSupport 0 0 0
WindowsMediaPlayerSupport 0 0 0
RealPlayerSupport 0 0 0
TotalMisc 0 0 0
AddToFavourites 0 10 0
END_MISC

# Hour - Pages - Hits - Bandwidth - Not viewed Pages - Not viewed Hits - Not viewed Bandwidth
BEGIN_TIME 24
0 1 1 317 140 141 56832
1 1 1 317 738 739 311155
2 1 1 317 269 269 105789
3 1 1 317 577 577 250098
4 1 1 317 637 637 255539
5 1 1 317 263 264 119338
6 0 0 0 253 253 108927
7 1 1 317 244 245 97947
8 0 0 0 397 397 184133
9 0 0 0 254 254 115758
10 2 2 634 171 171 79918
11 1 1 317 125 127 53500
12 5 5 1585 15 19 13156
13 3 3 951 18 18 12445
14 3 3 951 1013 1063 635274
15 0 0 0 164 164 66122
16 0 0 0 291 291 119669
17 3 3 951 582 585 243309
18 4 4 1268 125 127 54603
19 0 0 0 350 350 139732
20 16 16 1949 139 141 69455
21 4 4 1268 188 188 77500
22 3 3 951 432 433 199492
23 1 1 317 522 522 255115
END_TIME

# Domain - Pages - Hits - Bandwidth
# The 25 first Pages must be first (order not required for others)
BEGIN_DOMAIN 9
us 35 35 9485
ca 4 4 951
gb 3 3 721
rs 2 2 634
zz 2 2 174
ru 2 2 634
bg 2 2 128
in 1 1 317
nl 1 1 317
END_DOMAIN

# Cluster ID - Pages - Hits - Bandwidth
BEGIN_CLUSTER 0
END_CLUSTER

# Login - Pages - Hits - Bandwidth - Last visit
# The 10 first Pages must be first (order not required for others)
BEGIN_LOGIN 0
END_LOGIN

# Robot ID - Hits - Bandwidth - Last visit - Hits on robots.txt
# The 25 first Hits must be first (order not required for others)
BEGIN_ROBOT 6
curl 7 2219 20260326144550 0
checker 6 1902 20260329190209 0
no_user_agent 4 3320 20260325231956 0
Go\-http\-client/ 2 634 20260329115030 0
survey 1 317 20260307024100 0
scanner 1 317 20260301041328 0
END_ROBOT

# Worm ID - Hits - Bandwidth - Last visit
# The 5 first Hits must be first (order not required for others)
BEGIN_WORMS 0
END_WORMS

# EMail - Hits - Bandwidth - Last visit
# The 20 first Hits must be first (order not required for others)
BEGIN_EMAILSENDER 0
END_EMAILSENDER

# EMail - Hits - Bandwidth - Last visit
# The 20 first hits must be first (order not required for others)
BEGIN_EMAILRECEIVER 0
END_EMAILRECEIVER

# Files type - Hits - Bandwidth - Bandwidth without compression - Bandwidth after compression
BEGIN_FILETYPES 2
Unknown 12 998 0 0
html 40 12363 0 0
END_FILETYPES

# Downloads - Hits - Bandwidth
BEGIN_DOWNLOADS 0
END_DOWNLOADS

# OS ID - Hits
BEGIN_OS ID - Hits - Pages 7
win7 1 1
win10 15 15
Unknown 23 23
linuxubuntu 2 2
macosx15 3 3
macosx 2 2
linux 6 6
END_OS

# Browser ID - Hits - Pages
BEGIN_BROWSER 14
mozilla 15 15
chrome126.0.0.0 1 1
firefox142.0 2 2
firefox135.0 1 1
safari26.0 2 2
chrome95.0.4638.69 2 2
chrome78.0.3904.108 12 12
firefox141.0 1 1
netscape5.0 4 4
chrome144.0.0.0 1 1
chrome142.0.0.0 4 4
Unknown 4 4
firefox134.0 2 2
chrome46.0.2490.80 1 1
END_BROWSER

# Screen size - Hits
BEGIN_SCREENSIZE 0
END_SCREENSIZE

# Unknown referer OS - Last visit date
BEGIN_UNKNOWNREFERER 8
Mozilla/5.0_(compatible;_InternetMeasurement/1.0;__https://internet-measurement.com/) 20260317101935
RootEvidence/1.0 20260323115026
Cpanel-HTTP-Client/1.0 20260325201804
Mozilla/5.0_(l9scan/2.0.0323e2634323e20363e27333;__https://leakix.net) 20260325202125
Hello_from_Palo_Alto_Networks,_find_out_more_about_our_scans_in_https://docs-cortex.paloaltonetworks.com/r/1/Cortex-Xpanse/Scanning-activity 20260303232153
Mozilla/5.0_(compatible;_Let's_Encrypt_validation_server;__https://www.letsencrypt.org) 20260325201927
Mozilla/5.0_(compatible;_CensysInspect/1.1;__https://about.censys.io/) 20260326013637
Mozilla/5.0 20260316145012
END_UNKNOWNREFERER

# Unknown referer Browser - Last visit date
BEGIN_UNKNOWNREFERERBROWSER 3
Cpanel-HTTP-Client/1.0 20260325201804
RootEvidence/1.0 20260323115026
Hello_from_Palo_Alto_Networks,_find_out_more_about_our_scans_in_https://docs-cortex.paloaltonetworks.com/r/1/Cortex-Xpanse/Scanning-activity 20260303232153
END_UNKNOWNREFERERBROWSER

# Origin - Pages - Hits 
BEGIN_ORIGIN 6
From0 52 52
From1 0 0
From2 0 0
From3 0 0
From4 0 0
From5 0 0
END_ORIGIN

# Search engine referers ID - Pages - Hits
BEGIN_SEREFERRALS 0
END_SEREFERRALS

# External page referers - Pages - Hits
# The 25 first Pages must be first (order not required for others)
BEGIN_PAGEREFS 0
END_PAGEREFS

# Search keyphrases - Number of search
# The 10 first number of search must be first (order not required for others)
BEGIN_SEARCHWORDS 0
END_SEARCHWORDS

# Search keywords - Number of search
# The 25 first number of search must be first (order not required for others)
BEGIN_KEYWORDS 0
END_KEYWORDS

# Errors - Hits - Bandwidth
BEGIN_ERRORS 3
404 19 6745
500 2168 1541448
403 5757 2060794
END_ERRORS

# URL with 404 errors - Hits - Last URL referrer
BEGIN_SIDER_404 3
/.well-known/pki-validation/rafa.php 2 -
/.well-known/pki-validation/gu.php 2 -
/index/function.php 15 -
END_SIDER_404

# Host - Pages - Hits - Bandwidth - Last visit date - [Start date of last visit] - [Last page of last visit]
# [Start date of last visit] and [Last page of last visit] are saved only if session is not finished
# The 25 first Hits must be first (order not required for others)
BEGIN_VISITOR 40
35.199.173.156 3 3 951 20260327222421
35.202.204.127 3 3 951 20260322135244
64.227.162.66 3 3 951 20260308215459
159.89.174.87 3 3 634 20260325202125
34.29.115.131 3 3 951 20260330185715
141.98.11.181 2 2 634 20260327004421
37.60.246.20 2 2 128 20260325201804
71.6.236.104 1 1 317 20260323115026
23.178.112.106 1 1 87 20260325201925
35.87.118.67 1 1 87 20260325201926
91.231.89.16 1 1 317 20260325204732
167.99.202.166 1 1 317 20260303145227
98.87.188.21 1 1 317 20260315071553
199.45.154.136 1 1 317 20260304053729
23.178.112.107 1 1 87 20260325201924
16.16.146.142 1 1 87 20260325201926
54.201.230.145 1 1 87 20260325201925
185.247.137.13 1 1 317 20260317101935
143.198.36.113 1 1 317 20260317123526
18.219.58.99 1 1 87 20260325201926
77.221.141.115 1 1 317 20260320211432
18.119.255.21 1 1 87 20260325201925
46.101.160.234 1 1 317 20260331141013
13.213.5.102 1 1 87 20260325201927
91.231.89.37 1 1 317 20260326041330
159.203.82.41 1 1 317 20260327171021
52.0.247.87 1 1 317 20260321125036
104.168.98.195 1 1 317 20260309123013
3.82.234.136 1 1 317 20260323022341
161.35.9.52 1 1 317 20260326172738
3.139.242.79 1 1 317 20260309033516
13.215.250.42 1 1 87 20260325201925
205.210.31.164 1 1 317 20260303232153
51.20.69.216 1 1 87 20260325201925
66.132.195.47 1 1 317 20260326013637
103.150.33.197 1 1 317 20260316145012
107.172.58.36 1 1 317 20260330104321
167.94.138.176 1 1 317 20260311124224
24.199.119.128 1 1 317 20260312181209
199.45.155.66 1 1 317 20260318172456
END_VISITOR

# Date - Pages - Hits - Bandwidth - Visits
BEGIN_DAY 20
20260302 1 1 317 1
20260303 2 2 634 2
20260304 1 1 317 1
20260308 3 3 951 1
20260309 2 2 634 2
20260311 1 1 317 1
20260312 1 1 317 1
20260315 1 1 317 1
20260316 1 1 317 1
20260317 2 2 634 2
20260318 1 1 317 1
20260320 1 1 317 1
20260321 1 1 317 1
20260322 3 3 951 1
20260323 2 2 634 2
20260325 16 16 1949 13
20260326 3 3 951 3
20260327 5 5 1585 3
20260330 4 4 1268 2
20260331 1 1 317 1
END_DAY

# Session range - Number of visits
BEGIN_SESSION 2
30s-2mn 1
0s-30s 40
END_SESSION

# URL - Pages - Bandwidth - Entry - Exit
# The 25 first Pages must be first (order not required for others)
BEGIN_SIDER 5
/ 40 12363 30 30
/.well-known/acme-challenge/j-q5rp-TaRQMezHIs-aVatGdffomXWeidVYR5Pzfmb8 5 435 5 5
/.well-known/acme-challenge/lsbAxXLs9tF0GWVxhY3WLdgK9D1QHsYbN85n4vppg0c 5 435 5 5
/.well-known/acme-challenge/MKP1DYSCTS2YOX7-C4OPMCG0LY9RU3LA 1 64 0 1
/.well-known/acme-challenge/L1RM-LY1IUA5JABP-Z4K4ZJJFTQ-2R-M 1 64 1 0
END_SIDER

# Payload Range - Payload Frequency
BEGIN_FILESIZE 4
500-1K 2182
0-44 1
100-500 5832
44-100 12
END_FILESIZE