OwlCyberSecurity - MANAGER

Edit File: awstats092025.testone.onebox.pk.txt

AWSTATS DATA FILE 7.9 (build 20230108)
# If you remove this file, all statistics for date 202509 will be lost/reset.
# Last config file used to build this data file was /home/oneboxpk/tmp/awstats/awstats.testone.onebox.pk.conf.

# Position (offset in bytes) in this file for beginning of each section for
# direct I/O access. If you made changes somewhere in this file, you should
# also remove completely the MAP section (AWStats will rewrite it at next
# update).
BEGIN_MAP 28
POS_GENERAL 2048                
POS_TIME 2708                
POS_VISITOR 8897                
POS_DAY 10159               
POS_DOMAIN 3304                
POS_LOGIN 3613                
POS_ROBOT 3768                
POS_WORMS 4119                
POS_EMAILSENDER 4250                
POS_EMAILRECEIVER 4393                
POS_SESSION 10538               
POS_FILESIZE 10985               
POS_SIDER 10685               
POS_FILETYPES 4528                
POS_DOWNLOADS 4661                
POS_OS 4709                
POS_BROWSER 4890                
POS_SCREENSIZE 5246                
POS_UNKNOWNREFERER 5320                
POS_UNKNOWNREFERERBROWSER 5963                
POS_ORIGIN 6274                
POS_SEREFERRALS 6406                
POS_PAGEREFS 6572                
POS_SEARCHWORDS 6720                
POS_KEYWORDS 6872                
POS_MISC 2371                
POS_ERRORS 6931                
POS_CLUSTER 3469                
POS_SIDER_404 7034                
END_MAP

# LastLine    = Date of last record processed - Last record line number in last log - Last record offset in last log - Last record signature value
# FirstTime   = Date of first visit for history file
# LastTime    = Date of last visit for history file
# LastUpdate  = Date of last update - Nb of parsed records - Nb of parsed old records - Nb of parsed new records - Nb of parsed corrupted - Nb of parsed dropped
# TotalVisits = Number of visits
# TotalUnique = Number of unique visitors
# MonthHostsKnown   = Number of hosts known
# MonthHostsUnKnown = Number of hosts unknown
BEGIN_GENERAL 8
LastLine 20251002144655 1 0 10003779413230
FirstTime 0
LastTime 20250930014321
LastUpdate 20251002171220 1 0 0 0 0
TotalVisits 32                  
TotalUnique 31                  
MonthHostsKnown 0                   
MonthHostsUnknown 32                  
END_GENERAL

# Misc ID - Pages - Hits - Bandwidth
BEGIN_MISC 10
JavascriptDisabled 0 0 0
JavaEnabled 0 0 0
FlashSupport 0 0 0
AddToFavourites 0 10 0
WindowsMediaPlayerSupport 0 0 0
QuickTimeSupport 0 0 0
PDFSupport 0 0 0
RealPlayerSupport 0 0 0
TotalMisc 0 0 0
DirectorSupport 0 0 0
END_MISC

# Hour - Pages - Hits - Bandwidth - Not viewed Pages - Not viewed Hits - Not viewed Bandwidth
BEGIN_TIME 24
0 1 1 753 0 0 0
1 2 2 1506 0 0 0
2 0 0 0 17 17 5397
3 0 0 0 1 2 820
4 0 0 0 1 1 753
5 2 2 1506 0 0 0
6 0 0 0 1 4 1202
7 0 0 0 2 4 1640
8 3 3 2259 1 1 753
9 2 2 1506 1 4 8560
10 1 2 715366 10 10 3168
11 1 1 753 1 2 4188
12 1 2 6100 1 2 4185
13 2 4 1430732 2 2 633
14 0 0 0 1 1 753
15 1 2 6100 1 2 4623
16 1 1 753 45 46 19041
17 9 9 2069 20 20 7185
18 1 1 753 90 91 28672
19 2 4 12200 2 7 12812
20 5 5 3765 19 21 10363
21 1 1 753 2 3 1135
22 0 0 0 1 1 753
23 0 0 0 0 0 0
END_TIME

# Domain - Pages - Hits - Bandwidth
# The 25 first Pages must be first (order not required for others)
BEGIN_DOMAIN 8
us 21 24 29190
ca 4 4 3012
de 2 2 1506
ru 2 6 2150692
bg 2 2 128
nl 2 2 1506
zz 1 1 87
be 1 1 753
END_DOMAIN

# Cluster ID - Pages - Hits - Bandwidth
BEGIN_CLUSTER 0
END_CLUSTER

# Login - Pages - Hits - Bandwidth - Last visit
# The 10 first Pages must be first (order not required for others)
BEGIN_LOGIN 0
END_LOGIN

# Robot ID - Hits - Bandwidth - Last visit - Hits on robots.txt
# The 25 first Hits must be first (order not required for others)
BEGIN_ROBOT 6
MJ12bot/ 16 6560 20250930212803 8
no_user_agent 5 3765 20250928081057 0
checker 3 2259 20250924160204 0
bot[\s_+:,\.\;\/\\-] 2 134 20250921194809 2
unknown 1 67 20250902062818 1
Go\-http\-client/ 1 753 20250923172104 0
END_ROBOT

# Worm ID - Hits - Bandwidth - Last visit
# The 5 first Hits must be first (order not required for others)
BEGIN_WORMS 0
END_WORMS

# EMail - Hits - Bandwidth - Last visit
# The 20 first Hits must be first (order not required for others)
BEGIN_EMAILSENDER 0
END_EMAILSENDER

# EMail - Hits - Bandwidth - Last visit
# The 20 first hits must be first (order not required for others)
BEGIN_EMAILRECEIVER 0
END_EMAILRECEIVER

# Files type - Hits - Bandwidth - Bandwidth without compression - Bandwidth after compression
BEGIN_FILETYPES 4
Unknown 7 563 0 0
js 3 2143839 0 0
png 4 21388 0 0
html 28 21084 0 0
END_FILETYPES

# Downloads - Hits - Bandwidth
BEGIN_DOWNLOADS 0
END_DOWNLOADS

# OS ID - Hits
BEGIN_OS ID - Hits - Pages 8
android10 1 0
win11 1 1
Unknown 23 18
win10 7 6
androidmarshmallow 1 1
linux 7 7
androidpie 1 1
androidlollipop 1 1
END_OS

# Browser ID - Hits - Pages
BEGIN_BROWSER 15
chrome139.0.0.0 3 3
Unknown 8 7
chrome92.0.4515.107 1 1
chrome78.0.3904.108 3 3
chrome131.0.6778.85 1 1
mozilla 13 9
chrome91.0.4472.124 1 0
chrome126.0.0.0 1 1
netscape5.0 3 3
chrome91.0.4472.120 1 0
chrome76.0.3809.111 1 1
chrome106.0.0.0 1 1
firefox139.0 2 2
chrome104.0.0.0 2 2
chrome52.0.6247.98 1 1
END_BROWSER

# Screen size - Hits
BEGIN_SCREENSIZE 0
END_SCREENSIZE

# Unknown referer OS - Last visit date
BEGIN_UNKNOWNREFERER 7
Mozilla/5.0_(compatible;_Let's_Encrypt_validation_server;__https://www.letsencrypt.org) 20250923171936
Mozilla/5.0_(compatible;_CensysInspect/1.1;__https://about.censys.io/) 20250917191242
Mozilla/5.0_zgrab/0.x 20250910134407
Cpanel-HTTP-Client/1.0 20250923171807
Hello_from_Palo_Alto_Networks,_find_out_more_about_our_scans_in_https://docs-cortex.paloaltonetworks.com/r/1/Cortex-Xpanse/Scanning-activity 20250930012541
Mozilla/5.0_(compatible;_InternetMeasurement/1.0;__https://internet-measurement.com/) 20250912151830
python-httpx/0.28.1 20250925102509
END_UNKNOWNREFERER

# Unknown referer Browser - Last visit date
BEGIN_UNKNOWNREFERERBROWSER 3
Hello_from_Palo_Alto_Networks,_find_out_more_about_our_scans_in_https://docs-cortex.paloaltonetworks.com/r/1/Cortex-Xpanse/Scanning-activity 20250930012541
Cpanel-HTTP-Client/1.0 20250923171807
python-httpx/0.28.1 20250925102509
END_UNKNOWNREFERERBROWSER

# Origin - Pages - Hits 
BEGIN_ORIGIN 6
From0 34 41
From1 0 0
From2 1 1
From3 0 0
From4 0 0
From5 0 0
END_ORIGIN

# Search engine referers ID - Pages - Hits
BEGIN_SEREFERRALS 1
www_google_com_sg 1 1
END_SEREFERRALS

# External page referers - Pages - Hits
# The 25 first Pages must be first (order not required for others)
BEGIN_PAGEREFS 0
END_PAGEREFS

# Search keyphrases - Number of search
# The 10 first number of search must be first (order not required for others)
BEGIN_SEARCHWORDS 0
END_SEARCHWORDS

# Search keywords - Number of search
# The 25 first number of search must be first (order not required for others)
BEGIN_KEYWORDS 0
END_KEYWORDS

# Errors - Hits - Bandwidth
BEGIN_ERRORS 2
404 52 16380
403 151 48018
END_ERRORS

# URL with 404 errors - Hits - Last URL referrer
BEGIN_SIDER_404 48
/blog/wp-includes/wlwmanifest.xml 1 -
/_profiler/phpinfo 1 -
/wp-login.php 1 -
/wordpress/ 1 -
/v2/_catalog 1 -
/test/wp-includes/wlwmanifest.xml 1 -
/public/wsr2.php 1 -
/website/wp-includes/wlwmanifest.xml 1 -
/favicon.ico%22/%3E%3Cmeta%20name=%22viewport%22%20content=%22width=device-width,initial-scale=1%22/%3E%3Cmeta%20name=%22theme-color%22%20content=%22 2 -
/ext.php 1 -
/s/0323e2634323e20363e27333/_/ 1 -
/telescope/requests 1 -
/@vite/env 1 -
/wp-content/plugins/hellopress/wp_filemanager.php 3 -
/sitemap.xml 1 -
/.well-known/security.txt 1 -
/site/wp-includes/wlwmanifest.xml 1 -
/login.action 1 -
/wp-includes/certificates/plugins.php 1 -
/cms/wp-includes/wlwmanifest.xml 1 -
/2018/wp-includes/wlwmanifest.xml 1 -
/actuator/env 1 -
/wp1/wp-includes/wlwmanifest.xml 1 -
/news/wp-includes/wlwmanifest.xml 1 -
/shop/wp-includes/wlwmanifest.xml 1 -
/phpinfo 1 -
/web/wp-includes/wlwmanifest.xml 1 -
/server 1 -
/wp/wp-includes/wlwmanifest.xml 1 -
/.vscode/sftp.json 1 -
/modules/mod_simplefileuploadv1.3/elements/filemanager.php 1 -
/.DS_Store 1 -
/wordpress/wp-includes/wlwmanifest.xml 1 -
/2019/wp-includes/wlwmanifest.xml 1 -
/about 1 -
/_all_dbs 1 -
/media/wp-includes/wlwmanifest.xml 1 -
/wp-includes/wlwmanifest.xml 1 -
/tool/view/phpinfo.view.php 1 -
/login 1 -
/wp2/wp-includes/wlwmanifest.xml 1 -
/lock360.php 2 -
/.well-known/acme-challenge/about.php 1 -
/debug/default/view 1 -
/ecp/Current/exporttool/microsoft.exchange.ediscovery.exporttool.application 1 -
/config.json 1 -
/sito/wp-includes/wlwmanifest.xml 1 -
/server-status 1 -
END_SIDER_404

# Host - Pages - Hits - Bandwidth - Last visit date - [Start date of last visit] - [Last page of last visit]
# [Start date of last visit] and [Last page of last visit] are saved only if session is not finished
# The 25 first Hits must be first (order not required for others)
BEGIN_VISITOR 32
54.235.5.218 3 3 2259 20250919202023
3.138.185.30 2 2 1506 20250910134407
37.60.246.20 2 2 128 20250923171807
54.255.229.200 1 1 87 20250923171936
162.142.125.116 1 2 6100 20250917191241
64.23.161.33 1 1 753 20250910094007
205.169.39.8 1 1 753 20250923182403
188.166.63.156 1 1 753 20250904204219
87.236.176.99 1 1 753 20250912151829
34.126.89.41 1 1 753 20250923213453
185.177.72.13 1 3 1429979 20250920131326
205.210.31.45 1 1 753 20250930012541
213.209.157.216 1 1 753 20250930014321
198.235.24.89 1 1 753 20250909051349
162.142.125.219 1 2 6100 20250908123239
13.53.218.161 1 1 87 20250923171935
13.59.146.37 1 1 87 20250923171935
188.166.108.93 1 1 753 20250923172102
35.90.216.50 1 1 87 20250923171935
185.177.72.31 1 2 715366 20250925102508
206.189.107.161 1 1 753 20250924162822
143.110.216.32 1 1 753 20250918092012
212.227.149.251 1 1 753 20250918170631
198.235.24.82 1 1 753 20250902084745
44.193.254.10 1 1 753 20250916202405
185.247.137.139 0 1 5347 
23.178.112.105 1 1 87 20250923171935
199.45.155.108 1 2 6100 20250908194904
205.210.31.171 1 1 753 20250912054209
144.126.222.111 1 1 753 20250925113106
3.235.16.184 1 1 753 20250920080622
35.174.4.131 1 1 753 20250918000838
END_VISITOR

# Date - Pages - Hits - Bandwidth - Visits
BEGIN_DAY 16
20250902 1 1 753 1
20250904 1 1 753 1
20250905 1 1 753 1
20250908 2 4 12200 2
20250909 1 1 753 1
20250910 2 2 1506 2
20250912 2 3 6853 2
20250916 1 1 753 1
20250917 1 2 6100 1
20250918 3 3 2259 3
20250919 3 3 2259 1
20250920 2 4 1430732 2
20250923 10 10 2822 9
20250924 1 1 753 1
20250925 2 3 716119 2
20250930 2 2 1506 2
END_DAY

# Session range - Number of visits
BEGIN_SESSION 1
0s-30s 32
END_SESSION

# URL - Pages - Bandwidth - Entry - Exit
# The 25 first Pages must be first (order not required for others)
BEGIN_SIDER 4
/ 28 21084 26 26
/.well-known/acme-challenge/StO2Sdhvoi3x7ZvPHap8E_r1W_ln-UdoPgyL1IbljVg 5 435 5 5
/.well-known/acme-challenge/CSNZBNC1--SYQ3KG4JFC6LVR0YNL5DKD 1 64 0 1
/.well-known/acme-challenge/18PEI65XJ475I_PJJ8S9OWLS_PS55IET 1 64 1 0
END_SIDER

# Payload Range - Payload Frequency
BEGIN_FILESIZE 5
100-500 203
2K-5K 10
44-100 18
500-1K 45
5K+ 7
END_FILESIZE