OwlCyberSecurity - MANAGER

Edit File: awstats072025.testone.onebox.pk.txt

AWSTATS DATA FILE 7.9 (build 20230108)
# If you remove this file, all statistics for date 202507 will be lost/reset.
# Last config file used to build this data file was /home/oneboxpk/tmp/awstats/ssl/awstats.testone.onebox.pk.conf.

# Position (offset in bytes) in this file for beginning of each section for
# direct I/O access. If you made changes somewhere in this file, you should
# also remove completely the MAP section (AWStats will rewrite it at next
# update).
BEGIN_MAP 28
POS_GENERAL 2052                
POS_TIME 2724                
POS_VISITOR 9066                
POS_DAY 10464               
POS_DOMAIN 3328                
POS_LOGIN 3663                
POS_ROBOT 3818                
POS_WORMS 4272                
POS_EMAILSENDER 4403                
POS_EMAILRECEIVER 4546                
POS_SESSION 10827               
POS_FILESIZE 11077               
POS_SIDER 10974               
POS_FILETYPES 4681                
POS_DOWNLOADS 4828                
POS_OS 4876                
POS_BROWSER 5092                
POS_SCREENSIZE 5524                
POS_UNKNOWNREFERER 5598                
POS_UNKNOWNREFERERBROWSER 6387                
POS_ORIGIN 6963                
POS_SEREFERRALS 7096                
POS_PAGEREFS 7240                
POS_SEARCHWORDS 7388                
POS_KEYWORDS 7540                
POS_MISC 2387                
POS_ERRORS 7599                
POS_CLUSTER 3519                
POS_SIDER_404 7693                
END_MAP

# LastLine    = Date of last record processed - Last record line number in last log - Last record offset in last log - Last record signature value
# FirstTime   = Date of first visit for history file
# LastTime    = Date of last visit for history file
# LastUpdate  = Date of last update - Nb of parsed records - Nb of parsed old records - Nb of parsed new records - Nb of parsed corrupted - Nb of parsed dropped
# TotalVisits = Number of visits
# TotalUnique = Number of unique visitors
# MonthHostsKnown   = Number of hosts known
# MonthHostsUnKnown = Number of hosts unknown
BEGIN_GENERAL 8
LastLine 20250801154625 1 0 8603995098341
FirstTime 20250702150522
LastTime 20250730195150
LastUpdate 20250801181215 1 0 0 0 0
TotalVisits 34                  
TotalUnique 34                  
MonthHostsKnown 0                   
MonthHostsUnknown 35                  
END_GENERAL

# Misc ID - Pages - Hits - Bandwidth
BEGIN_MISC 10
JavaEnabled 0 0 0
QuickTimeSupport 0 0 0
FlashSupport 0 0 0
DirectorSupport 0 0 0
AddToFavourites 0 19 0
RealPlayerSupport 0 0 0
JavascriptDisabled 0 0 0
PDFSupport 0 0 0
TotalMisc 0 0 0
WindowsMediaPlayerSupport 0 0 0
END_MISC

# Hour - Pages - Hits - Bandwidth - Not viewed Pages - Not viewed Hits - Not viewed Bandwidth
BEGIN_TIME 24
0 0 0 0 1 2 820
1 3 3 2259 2 5 4004
2 0 0 0 0 0 0
3 3 3 2259 1 1 0
4 1 1 753 1 1 753
5 0 0 0 4 6 2393
6 0 0 0 4 11 1497938
7 1 2 6100 2 4 4690
8 2 2 1506 3 5 5443
9 0 0 0 3 6 2460
10 3 4 716872 5 11 7150
11 2 5 2145345 2 8 5510
12 1 1 753 1 2 4623
13 1 2 6100 3 6 5510
14 1 2 6100 0 1 3870
15 3 5 722219 2 4 8493
16 0 0 0 0 0 0
17 11 19 1520360 21 25 17739
18 0 0 0 0 0 0
19 2 2 1506 1 3 7740
20 1 2 715366 1 2 715366
21 0 0 0 3 3 753
22 0 0 0 39 43 3146
23 2 5 17547 3 5 7740
END_TIME

# Domain - Pages - Hits - Bandwidth
# The 25 first Pages must be first (order not required for others)
BEGIN_DOMAIN 10
us 21 37 2991457
ru 4 5 7606
ca 4 4 3012
fr 2 2 0
za 1 2 715366
cn 1 1 753
ir 1 1 753
eu 1 1 753
de 1 4 2144592
au 1 1 753
END_DOMAIN

# Cluster ID - Pages - Hits - Bandwidth
BEGIN_CLUSTER 0
END_CLUSTER

# Login - Pages - Hits - Bandwidth - Last visit
# The 10 first Pages must be first (order not required for others)
BEGIN_LOGIN 0
END_LOGIN

# Robot ID - Hits - Bandwidth - Last visit - Hits on robots.txt
# The 25 first Hits must be first (order not required for others)
BEGIN_ROBOT 9
bot[\s_+:,\.\;\/\\-] 25 1500619 20250730015829 11
MJ12bot/ 20 8200 20250725132818 10
no_user_agent 7 5271 20250724171956 0
Go\-http\-client/ 2 1506 20250725220229 0
survey 1 753 20250707203235 0
scrapy 1 753 20250730123447 0
curl 1 753 20250724214430 0
unknown 1 67 20250717015315 1
libwww\-perl 1 714613 20250725203547 0
END_ROBOT

# Worm ID - Hits - Bandwidth - Last visit
# The 5 first Hits must be first (order not required for others)
BEGIN_WORMS 0
END_WORMS

# EMail - Hits - Bandwidth - Last visit
# The 20 first Hits must be first (order not required for others)
BEGIN_EMAILSENDER 0
END_EMAILSENDER

# EMail - Hits - Bandwidth - Last visit
# The 20 first hits must be first (order not required for others)
BEGIN_EMAILRECEIVER 0
END_EMAILRECEIVER

# Files type - Hits - Bandwidth - Bandwidth without compression - Bandwidth after compression
BEGIN_FILETYPES 5
js 8 5716904 0 0
png 11 59935 0 0
json 2 984 0 0
css 2 63126 0 0
html 35 24096 0 0
END_FILETYPES

# Downloads - Hits - Bandwidth
BEGIN_DOWNLOADS 0
END_DOWNLOADS

# OS ID - Hits
BEGIN_OS ID - Hits - Pages 11
linux 10 8
ios_iphone 12 4
macosx10 2 2
android 1 0
macosx15 2 2
androidpie 3 1
win10 3 3
Unknown 21 14
macosx13 2 2
androidmarshmallow 1 1
winxp 1 0
END_OS

# Browser ID - Hits - Pages
BEGIN_BROWSER 20
Unknown 6 5
chrome67.0.3396.87 1 1
chrome108.0.0.0 2 2
mozilla 13 6
firefox137.0 2 2
chrome52.0.6247.98 1 1
chrome62.0.3202.94 2 2
chrome41.0.2227.1 1 1
chrome58.0.3029.110 1 0
safari 12 4
chrome119.0.0.0 1 1
chrome73.0.3683.103 1 1
netscape4.8 1 0
sonyericsson 1 1
chrome76.0.3809.89 1 0
chrome120.0.0.0 1 1
chrome76.0.3809.111 1 0
android 1 0
chrome137.0.0.0 7 7
netscape5.0 2 2
END_BROWSER

# Screen size - Hits
BEGIN_SCREENSIZE 0
END_SCREENSIZE

# Unknown referer OS - Last visit date
BEGIN_UNKNOWNREFERER 6
Mozilla/5.0_zgrab/0.x 20250723015044
Mozilla/5.0_(compatible;_CensysInspect/1.1;__https://about.censys.io/) 20250715234517
Expanse,_a_Palo_Alto_Networks_company,_searches_across_the_global_IPv4_space_multiple_times_per_day_to_identify_customers&#39;_presences_on_the_Internet._If_you_would_like_to_be_excluded_from_our_scans,_please_send_IP_addresses/domains_to:_scaninfo@paloaltonetworks.com 20250709101501
Mozilla/5.0_(compatible;_InternetMeasurement/1.0;__https://internet-measurement.com/) 20250704071827
Hello_from_Palo_Alto_Networks,_find_out_more_about_our_scans_in_https://docs-cortex.paloaltonetworks.com/r/1/Cortex-Xpanse/Scanning-activity 20250723030428
SonyEricssonT68/R201A 20250725100730
END_UNKNOWNREFERER

# Unknown referer Browser - Last visit date
BEGIN_UNKNOWNREFERERBROWSER 3
Expanse,_a_Palo_Alto_Networks_company,_searches_across_the_global_IPv4_space_multiple_times_per_day_to_identify_customers&#39;_presences_on_the_Internet._If_you_would_like_to_be_excluded_from_our_scans,_please_send_IP_addresses/domains_to:_scaninfo@paloaltonetworks.com 20250709101501
Hello_from_Palo_Alto_Networks,_find_out_more_about_our_scans_in_https://docs-cortex.paloaltonetworks.com/r/1/Cortex-Xpanse/Scanning-activity 20250723030428
Uzbl_(Webkit_1.3)_(Linux_i686_[i686]) 20250725100757
END_UNKNOWNREFERERBROWSER

# Origin - Pages - Hits 
BEGIN_ORIGIN 6
From0 35 48
From1 0 0
From2 0 0
From3 0 0
From4 2 10
From5 0 0
END_ORIGIN

# Search engine referers ID - Pages - Hits
BEGIN_SEREFERRALS 0
END_SEREFERRALS

# External page referers - Pages - Hits
# The 25 first Pages must be first (order not required for others)
BEGIN_PAGEREFS 0
END_PAGEREFS

# Search keyphrases - Number of search
# The 10 first number of search must be first (order not required for others)
BEGIN_SEARCHWORDS 0
END_SEARCHWORDS

# Search keywords - Number of search
# The 25 first number of search must be first (order not required for others)
BEGIN_KEYWORDS 0
END_KEYWORDS

# Errors - Hits - Bandwidth
BEGIN_ERRORS 2
404 74 0
500 2 76
END_ERRORS

# URL with 404 errors - Hits - Last URL referrer
BEGIN_SIDER_404 54
/cloud-config.yml 1 -
/config.xml 1 -
/.svn/wc.db 1 -
/info.php 1 -
/.ssh/id_ecdsa 1 -
/telescope/requests 1 -
/wp-admin/setup-config.php 1 -
/manifest.js 4 -
/.ssh/id_ed25519 1 -
/user_secrets.yml 1 -
/@vite/env 1 -
/server.key 1 -
/config.php 1 -
/web.config 1 -
/server-status 2 -
/_vti_pvt/service.pwd 1 -
/login.action 1 -
/backup.sql 1 -
/.aws/credentials 1 -
/api/.env 1 -
/s/0323e2634323e20363e27333/_/ 1 -
/settings.py 1 -
/database_backup.sql 1 -
/config.yml 1 -
/database.sql 1 -
/debug/default/view 1 -
/about 1 -
/.git/HEAD 1 -
/.git/config 9 -
/config/production.json 1 -
/wp-config.php 1 -
/.env 3 -
/server 1 -
/backup.tar.gz 1 -
/actuator/env 1 -
/secrets.json 1 -
/backup.zip 1 -
/_all_dbs 1 -
/db/schema.rb 1 -
/sitemap.xml 3 -
/feed 1 -
/.ssh/id_rsa 1 -
/etc/ssl/private/server.key 1 -
/config.json 3 -
/.env.production 1 -
/config.yaml 1 -
/docker-compose.yml 1 -
/dump.sql 1 -
/login 2 -
/ecp/Current/exporttool/microsoft.exchange.ediscovery.exporttool.application 1 -
/v2/_catalog 1 -
/.DS_Store 1 -
/phpinfo.php 1 -
/.vscode/sftp.json 2 -
END_SIDER_404

# Host - Pages - Hits - Bandwidth - Last visit date - [Start date of last visit] - [Last page of last visit]
# [Start date of last visit] and [Last page of last visit] are saved only if session is not finished
# The 25 first Hits must be first (order not required for others)
BEGIN_VISITOR 35
104.253.252.48 2 6 758674 20250724172541
217.13.62.63 2 2 0 20250724171950
104.232.199.122 2 6 758674 20250724172542
185.247.137.224 1 1 753 20250704071827
147.185.132.63 1 1 753 20250709101501
138.199.59.131 1 1 753 20250724172007
206.168.34.85 1 3 11447 20250715234455
206.168.34.215 1 2 6100 20250715234458
143.198.49.175 1 1 753 20250724104746
94.159.110.45 1 1 753 20250705030102
195.211.77.142 1 1 753 20250724172028
195.211.77.140 1 1 0 20250724172009
180.163.220.42 1 1 753 20250717015256
128.140.53.20 1 1 753 20250724172141
199.45.155.72 1 2 6100 20250712133648
205.210.31.180 1 1 753 20250709085901
194.163.152.77 1 4 2144592 20250725113151
18.224.192.118 1 1 753 20250723015044
139.59.82.210 1 1 753 20250730195150
167.71.81.114 1 1 753 20250724172002
68.183.18.137 1 1 753 20250702150522
205.210.31.164 1 1 753 20250723030428
52.34.228.235 1 2 715366 20250725100730
199.45.154.148 1 2 6100 20250709145930
196.251.88.59 1 2 715366 20250725203507
185.247.137.132 0 1 5347 
167.94.138.195 1 2 6100 20250709150218
143.198.230.29 1 1 753 20250710191921
138.197.46.180 1 1 753 20250725122615
198.235.24.94 1 1 753 20250704035705
3.146.111.124 1 1 753 20250720040507
54.82.20.172 1 2 715366 20250727153219
161.35.166.72 1 1 753 20250716082917
209.97.185.255 1 1 753 20250727113436
205.210.31.207 1 1 753 20250705013952
END_VISITOR

# Date - Pages - Hits - Bandwidth - Visits
BEGIN_DAY 15
20250702 1 1 753 1
20250704 2 3 6853 2
20250705 2 2 1506 2
20250709 4 6 13706 4
20250710 1 1 753 1
20250712 1 2 6100 1
20250715 2 5 17547 2
20250716 1 1 753 1
20250717 1 1 753 1
20250720 1 1 753 1
20250723 2 2 1506 2
20250724 12 20 1521113 9
20250725 4 9 3576077 4
20250727 2 3 716119 2
20250730 1 1 753 1
END_DAY

# Session range - Number of visits
BEGIN_SESSION 1
0s-30s 34
END_SESSION

# URL - Pages - Bandwidth - Entry - Exit
# The 25 first Pages must be first (order not required for others)
BEGIN_SIDER 2
/ 35 24096 34 32
/manifest.json 2 984 0 2
END_SIDER

# Payload Range - Payload Frequency
BEGIN_FILESIZE 6
5K+ 26
44-100 22
0-44 79
2K-5K 19
500-1K 64
100-500 2
END_FILESIZE