OwlCyberSecurity - MANAGER

Edit File: awstats092025.testone.onebox.pk.txt

AWSTATS DATA FILE 7.9 (build 20230108)
# If you remove this file, all statistics for date 202509 will be lost/reset.
# Last config file used to build this data file was /home/oneboxpk/tmp/awstats/ssl/awstats.testone.onebox.pk.conf.

# Position (offset in bytes) in this file for beginning of each section for
# direct I/O access. If you made changes somewhere in this file, you should
# also remove completely the MAP section (AWStats will rewrite it at next
# update).
BEGIN_MAP 28
POS_GENERAL 2052                
POS_TIME 2725                
POS_VISITOR 8231                
POS_DAY 9246                
POS_DOMAIN 3324                
POS_LOGIN 3630                
POS_ROBOT 3785                
POS_WORMS 4274                
POS_EMAILSENDER 4405                
POS_EMAILRECEIVER 4548                
POS_SESSION 9623                
POS_FILESIZE 9884                
POS_SIDER 9780                
POS_FILETYPES 4683                
POS_DOWNLOADS 4815                
POS_OS 4863                
POS_BROWSER 5159                
POS_SCREENSIZE 5710                
POS_UNKNOWNREFERER 5784                
POS_UNKNOWNREFERERBROWSER 6454                
POS_ORIGIN 6798                
POS_SEREFERRALS 6930                
POS_PAGEREFS 7074                
POS_SEARCHWORDS 7222                
POS_KEYWORDS 7374                
POS_MISC 2388                
POS_ERRORS 7433                
POS_CLUSTER 3486                
POS_SIDER_404 7546                
END_MAP

# LastLine    = Date of last record processed - Last record line number in last log - Last record offset in last log - Last record signature value
# FirstTime   = Date of first visit for history file
# LastTime    = Date of last visit for history file
# LastUpdate  = Date of last update - Nb of parsed records - Nb of parsed old records - Nb of parsed new records - Nb of parsed corrupted - Nb of parsed dropped
# TotalVisits = Number of visits
# TotalUnique = Number of unique visitors
# MonthHostsKnown   = Number of hosts known
# MonthHostsUnKnown = Number of hosts unknown
BEGIN_GENERAL 8
LastLine 20251001120448 1 0 16099797065315
FirstTime 20250902170301
LastTime 20250930091221
LastUpdate 20251001171109 1 0 0 0 0
TotalVisits 26                  
TotalUnique 24                  
MonthHostsKnown 0                   
MonthHostsUnknown 25                  
END_GENERAL

# Misc ID - Pages - Hits - Bandwidth
BEGIN_MISC 10
PDFSupport 0 0 0
DirectorSupport 0 0 0
WindowsMediaPlayerSupport 0 0 0
JavaEnabled 0 0 0
QuickTimeSupport 0 0 0
FlashSupport 0 0 0
JavascriptDisabled 0 0 0
RealPlayerSupport 0 0 0
TotalMisc 0 0 0
AddToFavourites 0 10 0
END_MISC

# Hour - Pages - Hits - Bandwidth - Not viewed Pages - Not viewed Hits - Not viewed Bandwidth
BEGIN_TIME 24
0 0 0 0 2 4 1640
1 0 0 0 6 12 5635736
2 0 0 0 2 2 636
3 2 4 1430732 1 3 1383
4 0 0 0 2 4 1640
5 0 0 0 1 1 318
6 1 1 753 1 1 753
7 0 0 0 3 3 1389
8 2 3 6853 0 1 3870
9 3 3 2259 1 4 8122
10 1 1 753 2 2 636
11 1 1 753 16 24 11275787
12 5 10 2866781 2 4 5182
13 1 2 6100 1 2 4188
14 0 0 0 0 0 0
15 0 0 0 0 0 0
16 1 1 753 0 1 3870
17 5 5 3012 20 20 7185
18 0 0 0 0 0 0
19 6 11 2867534 2 4 8550
20 4 5 717364 1 2 4188
21 0 0 0 1 1 318
22 1 1 753 18 20 5640064
23 0 0 0 3 5 2393
END_TIME

# Domain - Pages - Hits - Bandwidth
# The 25 first Pages must be first (order not required for others)
BEGIN_DOMAIN 7
us 15 18 27336
lt 8 16 5721362
ru 4 5 716611
ca 3 3 2259
pa 1 3 1429979
be 1 2 6100
nl 1 1 753
END_DOMAIN

# Cluster ID - Pages - Hits - Bandwidth
BEGIN_CLUSTER 0
END_CLUSTER

# Login - Pages - Hits - Bandwidth - Last visit
# The 10 first Pages must be first (order not required for others)
BEGIN_LOGIN 0
END_LOGIN

# Robot ID - Hits - Bandwidth - Last visit - Hits on robots.txt
# The 25 first Hits must be first (order not required for others)
BEGIN_ROBOT 9
bot[\s_+:,\.\;\/\\-] 30 22536879 20250927114649 8
MJ12bot/ 12 4920 20250920011838 6
no_user_agent 4 3012 20250929034159 0
Xenu[\x20]Link[\x20]Sleuth 1 492 20250924195547 0
scrapy 1 753 20250930110335 0
survey 1 753 20250910234142 0
(firefox/)([0-9]\.|[0-1][0]\.) 1 492 20250925120454 0
unknown 1 67 20250908120658 1
Go\-http\-client/ 1 753 20250923172104 0
END_ROBOT

# Worm ID - Hits - Bandwidth - Last visit
# The 5 first Hits must be first (order not required for others)
BEGIN_WORMS 0
END_WORMS

# EMail - Hits - Bandwidth - Last visit
# The 20 first Hits must be first (order not required for others)
BEGIN_EMAILSENDER 0
END_EMAILSENDER

# EMail - Hits - Bandwidth - Last visit
# The 20 first hits must be first (order not required for others)
BEGIN_EMAILRECEIVER 0
END_EMAILRECEIVER

# Files type - Hits - Bandwidth - Bandwidth without compression - Bandwidth after compression
BEGIN_FILETYPES 4
png 4 21388 0 0
json 7 3444 0 0
html 26 18825 0 0
js 11 7860743 0 0
END_FILETYPES

# Downloads - Hits - Bandwidth
BEGIN_DOWNLOADS 0
END_DOWNLOADS

# OS ID - Hits
BEGIN_OS ID - Hits - Pages 16
win95 1 1
androidcupcake 1 1
win10 6 6
Unknown 17 12
macosx12 1 0
macosx6 1 1
androidgingerbread 1 0
linuxubuntu 1 0
macosx14 2 0
macosx10 1 0
androidpie 1 0
win2003 1 0
linux 10 9
androidmarshmallow 1 1
bsdnetbsd 1 1
symbian 2 1
END_OS

# Browser ID - Hits - Pages
BEGIN_BROWSER 26
nokia 1 0
netscape5.0 1 1
chrome138.0.0.0 1 1
chrome76.0.3809.100 2 1
firefox40.0 1 1
chrome58.0.3029.110 1 1
chrome137.0.0.0 1 1
mozilla 10 5
Unknown 7 6
chrome15.0.874.54 1 1
chrome139.0.0.0 3 3
chrome60.0.3112.32 1 1
safari5.0.1 1 0
chrome112.0.0.0 1 1
firefox139.0 2 2
chrome76.0.3809.89 1 0
chrome66.0.3359.117 1 1
chrome67.0.3396.99 1 0
chrome52.0.6247.98 1 1
chrome77.0.3844.0 1 0
safari2.0.1 1 1
chrome76.0.3809.87 2 0
netscape3.01 1 1
chrome27.0.1453.116 1 1
chrome108.0.0.0 2 2
android 2 1
END_BROWSER

# Screen size - Hits
BEGIN_SCREENSIZE 0
END_SCREENSIZE

# Unknown referer OS - Last visit date
BEGIN_UNKNOWNREFERER 7
Mozilla/5.0_(compatible;_InternetMeasurement/1.0;__https://internet-measurement.com/) 20250912133138
Avant_Browser/1.2.789rel1_(http://www.avantbrowser.com) 20250924195622
Mozilla/5.0_(compatible;_UGAResearchAgent/1.0;_Please_visit:_NISLabUGA.github.io) 20250923172236
Mozilla/5.0_zgrab/0.x 20250905083810
Mozilla/5.0_(compatible;_CensysInspect/1.1;__https://about.censys.io/) 20250917193222
python-httpx/0.28.1 20250924201348
Hello_from_Palo_Alto_Networks,_find_out_more_about_our_scans_in_https://docs-cortex.paloaltonetworks.com/r/1/Cortex-Xpanse/Scanning-activity 20250930091221
END_UNKNOWNREFERER

# Unknown referer Browser - Last visit date
BEGIN_UNKNOWNREFERERBROWSER 3
Hello_from_Palo_Alto_Networks,_find_out_more_about_our_scans_in_https://docs-cortex.paloaltonetworks.com/r/1/Cortex-Xpanse/Scanning-activity 20250930091221
python-httpx/0.28.1 20250924201348
Avant_Browser/1.2.789rel1_(http://www.avantbrowser.com) 20250924195622
END_UNKNOWNREFERERBROWSER

# Origin - Pages - Hits 
BEGIN_ORIGIN 6
From0 33 48
From1 0 0
From2 0 0
From3 0 0
From4 0 0
From5 0 0
END_ORIGIN

# Search engine referers ID - Pages - Hits
BEGIN_SEREFERRALS 0
END_SEREFERRALS

# External page referers - Pages - Hits
# The 25 first Pages must be first (order not required for others)
BEGIN_PAGEREFS 0
END_PAGEREFS

# Search keyphrases - Number of search
# The 10 first number of search must be first (order not required for others)
BEGIN_SEARCHWORDS 0
END_SEARCHWORDS

# Search keywords - Number of search
# The 25 first number of search must be first (order not required for others)
BEGIN_KEYWORDS 0
END_KEYWORDS

# Errors - Hits - Bandwidth
BEGIN_ERRORS 3
403 15 4770
503 24 10272
404 19 5985
END_ERRORS

# URL with 404 errors - Hits - Last URL referrer
BEGIN_SIDER_404 17
/config.json 1 -
/.DS_Store 1 -
/enhancecp 2 -
/debug/default/view 1 -
/telescope/requests 1 -
/.vscode/sftp.json 1 -
/s/0323e2634323e20363e27333/_/ 1 -
/login.action 1 -
/_all_dbs 1 -
/ecp/Current/exporttool/microsoft.exchange.ediscovery.exporttool.application 1 -
/server 1 -
/manifest.js 2 -
/@vite/env 1 -
/about 1 -
/v2/_catalog 1 -
/server-status 1 -
/actuator/env 1 -
END_SIDER_404

# Host - Pages - Hits - Bandwidth - Last visit date - [Start date of last visit] - [Last page of last visit]
# [Start date of last visit] and [Last page of last visit] are saved only if session is not finished
# The 25 first Hits must be first (order not required for others)
BEGIN_VISITOR 25
185.8.106.140 8 16 5721362 20250925120512
44.193.254.10 2 2 1506 20250917105412
185.177.72.47 2 3 715858 20250924201348
195.211.77.142 1 1 753 20250923172159
128.192.12.110 1 1 753 20250923172236
162.55.173.215 1 1 753 20250923191932
167.94.138.117 1 2 6100 20250908120558
199.45.154.131 1 2 6100 20250917193210
38.91.106.56 1 1 753 20250920031416
198.235.24.117 1 1 753 20250902170301
195.211.77.140 1 1 0 20250923172153
3.138.185.30 1 1 753 20250905083810
64.23.161.33 1 1 753 20250910094008
188.166.63.156 1 1 753 20250904204219
167.94.145.99 1 2 6100 20250909085746
198.235.24.34 1 1 753 20250926225400
138.68.144.227 1 1 753 20250923172102
147.185.132.91 1 1 753 20250926060554
179.43.149.114 1 3 1429979 20250925032309
144.126.222.111 1 1 753 20250925113107
87.236.176.217 1 1 753 20250912133137
143.110.216.32 1 1 753 20250918092013
205.210.31.239 1 1 753 20250930091221
206.189.107.161 1 1 753 20250924162822
87.236.176.148 0 1 5347 
END_VISITOR

# Date - Pages - Hits - Bandwidth - Visits
BEGIN_DAY 16
20250902 1 1 753 1
20250904 1 1 753 1
20250905 1 1 753 1
20250908 1 2 6100 1
20250909 1 2 6100 1
20250910 1 1 753 1
20250912 1 2 6100 1
20250916 1 1 753 1
20250917 2 3 6853 2
20250918 1 1 753 1
20250920 1 1 753 1
20250923 5 5 3012 5
20250924 7 12 3577292 3
20250925 6 12 4291413 3
20250926 2 2 1506 2
20250930 1 1 753 1
END_DAY

# Session range - Number of visits
BEGIN_SESSION 2
30s-2mn 2
0s-30s 24
END_SESSION

# URL - Pages - Bandwidth - Entry - Exit
# The 25 first Pages must be first (order not required for others)
BEGIN_SIDER 2
/ 26 18825 26 23
/manifest.json 7 3444 0 3
END_SIDER

# Payload Range - Payload Frequency
BEGIN_FILESIZE 6
500-1K 45
100-500 70
0-44 1
44-100 15
2K-5K 10
5K+ 27
END_FILESIZE