OwlCyberSecurity - MANAGER

Edit File: awstats092025.testtwo.onebox.pk.txt

AWSTATS DATA FILE 7.9 (build 20230108)
# If you remove this file, all statistics for date 202509 will be lost/reset.
# Last config file used to build this data file was /home/oneboxpk/tmp/awstats/awstats.testtwo.onebox.pk.conf.

# Position (offset in bytes) in this file for beginning of each section for
# direct I/O access. If you made changes somewhere in this file, you should
# also remove completely the MAP section (AWStats will rewrite it at next
# update).
BEGIN_MAP 28
POS_GENERAL 2048                
POS_TIME 2720                
POS_VISITOR 7246                
POS_DAY 8694                
POS_DOMAIN 3322                
POS_LOGIN 3646                
POS_ROBOT 3801                
POS_WORMS 4072                
POS_EMAILSENDER 4203                
POS_EMAILRECEIVER 4346                
POS_SESSION 9060                
POS_FILESIZE 9588                
POS_SIDER 9207                
POS_FILETYPES 4481                
POS_DOWNLOADS 4581                
POS_OS 4629                
POS_BROWSER 4811                
POS_SCREENSIZE 5108                
POS_UNKNOWNREFERER 5182                
POS_UNKNOWNREFERERBROWSER 5828                
POS_ORIGIN 6142                
POS_SEREFERRALS 6274                
POS_PAGEREFS 6418                
POS_SEARCHWORDS 6566                
POS_KEYWORDS 6718                
POS_MISC 2383                
POS_ERRORS 6777                
POS_CLUSTER 3502                
POS_SIDER_404 6892                
END_MAP

# LastLine    = Date of last record processed - Last record line number in last log - Last record offset in last log - Last record signature value
# FirstTime   = Date of first visit for history file
# LastTime    = Date of last visit for history file
# LastUpdate  = Date of last update - Nb of parsed records - Nb of parsed old records - Nb of parsed new records - Nb of parsed corrupted - Nb of parsed dropped
# TotalVisits = Number of visits
# TotalUnique = Number of unique visitors
# MonthHostsKnown   = Number of hosts known
# MonthHostsUnKnown = Number of hosts unknown
BEGIN_GENERAL 8
LastLine 20251003203051 1 0 9017949420154
FirstTime 20250902015048
LastTime 20250930183909
LastUpdate 20251004172058 1 0 0 0 0
TotalVisits 37                  
TotalUnique 37                  
MonthHostsKnown 0                   
MonthHostsUnknown 37                  
END_GENERAL

# Misc ID - Pages - Hits - Bandwidth
BEGIN_MISC 10
WindowsMediaPlayerSupport 0 0 0
DirectorSupport 0 0 0
FlashSupport 0 0 0
TotalMisc 0 0 0
PDFSupport 0 0 0
RealPlayerSupport 0 0 0
AddToFavourites 0 19 0
QuickTimeSupport 0 0 0
JavascriptDisabled 0 0 0
JavaEnabled 0 0 0
END_MISC

# Hour - Pages - Hits - Bandwidth - Not viewed Pages - Not viewed Hits - Not viewed Bandwidth
BEGIN_TIME 24
0 0 0 0 95 95 41853
1 2 2 634 0 0 0
2 0 0 0 0 0 0
3 0 0 0 0 0 0
4 0 0 0 41 41 13744
5 0 0 0 0 0 0
6 0 0 0 1 1 317
7 0 0 0 230 230 84080
8 4 4 1268 0 1 671
9 1 1 317 0 1 671
10 1 1 317 80 80 27911
11 1 1 317 1 2 988
12 3 3 951 1 6 4026
13 2 2 634 0 2 1342
14 1 1 317 1 1 317
15 1 1 317 92 92 29609
16 0 0 0 18 18 6781
17 14 14 1632 137 137 49212
18 3 3 951 1 4 2684
19 1 1 317 91 93 31339
20 4 4 1268 18 21 13738
21 2 2 634 43 46 16746
22 1 1 317 1 3 2013
23 0 0 0 17 17 6465
END_TIME

# Domain - Pages - Hits - Bandwidth
# The 25 first Pages must be first (order not required for others)
BEGIN_DOMAIN 10
us 28 28 7266
ca 3 3 951
zz 2 2 174
bg 2 2 128
ru 1 1 317
gb 1 1 87
be 1 1 317
de 1 1 317
co 1 1 317
lt 1 1 317
END_DOMAIN

# Cluster ID - Pages - Hits - Bandwidth
BEGIN_CLUSTER 0
END_CLUSTER

# Login - Pages - Hits - Bandwidth - Last visit
# The 10 first Pages must be first (order not required for others)
BEGIN_LOGIN 0
END_LOGIN

# Robot ID - Hits - Bandwidth - Last visit - Hits on robots.txt
# The 25 first Hits must be first (order not required for others)
BEGIN_ROBOT 4
checker 3 951 20250924164359 0
no_user_agent 2 634 20250928110437 0
survey 1 317 20250902061757 0
Go\-http\-client/ 1 317 20250923172111 0
END_ROBOT

# Worm ID - Hits - Bandwidth - Last visit
# The 5 first Hits must be first (order not required for others)
BEGIN_WORMS 0
END_WORMS

# EMail - Hits - Bandwidth - Last visit
# The 20 first Hits must be first (order not required for others)
BEGIN_EMAILSENDER 0
END_EMAILSENDER

# EMail - Hits - Bandwidth - Last visit
# The 20 first hits must be first (order not required for others)
BEGIN_EMAILRECEIVER 0
END_EMAILRECEIVER

# Files type - Hits - Bandwidth - Bandwidth without compression - Bandwidth after compression
BEGIN_FILETYPES 2
html 29 9193 0 0
Unknown 12 998 0 0
END_FILETYPES

# Downloads - Hits - Bandwidth
BEGIN_DOWNLOADS 0
END_DOWNLOADS

# OS ID - Hits
BEGIN_OS ID - Hits - Pages 8
androidlollipop 1 1
linux 5 5
win10 5 5
androidmarshmallow 1 1
macosx15 2 2
win7 1 1
androidnougat 1 1
Unknown 25 25
END_OS

# Browser ID - Hits - Pages
BEGIN_BROWSER 13
chrome139.0.0.0 3 3
mozilla 18 18
opera12.16 1 1
Unknown 6 6
chrome52.0.6247.98 1 1
firefox129.0 1 1
chrome78.0.3904.108 3 3
chrome106.0.0.0 1 1
chrome91.0.4472.124 1 1
chrome104.0.0.0 1 1
firefox139.0 2 2
netscape5.0 2 2
chrome76.0.3809.111 1 1
END_BROWSER

# Screen size - Hits
BEGIN_SCREENSIZE 0
END_SCREENSIZE

# Unknown referer OS - Last visit date
BEGIN_UNKNOWNREFERER 7
Mozilla/5.0_zgrab/0.x 20250909143055
Mozilla/5.0_(compatible;_CensysInspect/1.1;__https://about.censys.io/) 20250917194121
Hello_from_Palo_Alto_Networks,_find_out_more_about_our_scans_in_https://docs-cortex.paloaltonetworks.com/r/1/Cortex-Xpanse/Scanning-activity 20250906081509
Mozilla/5.0_(compatible;_InternetMeasurement/1.0;__https://internet-measurement.com/) 20250905153643
python-requests/2.32.5 20250926080029
Mozilla/5.0_(compatible;_Let's_Encrypt_validation_server;__https://www.letsencrypt.org) 20250923171952
Cpanel-HTTP-Client/1.0 20250923171807
END_UNKNOWNREFERER

# Unknown referer Browser - Last visit date
BEGIN_UNKNOWNREFERERBROWSER 3
Hello_from_Palo_Alto_Networks,_find_out_more_about_our_scans_in_https://docs-cortex.paloaltonetworks.com/r/1/Cortex-Xpanse/Scanning-activity 20250906081509
python-requests/2.32.5 20250926080029
Cpanel-HTTP-Client/1.0 20250923171807
END_UNKNOWNREFERERBROWSER

# Origin - Pages - Hits 
BEGIN_ORIGIN 6
From0 41 41
From1 0 0
From2 0 0
From3 0 0
From4 0 0
From5 0 0
END_ORIGIN

# Search engine referers ID - Pages - Hits
BEGIN_SEREFERRALS 0
END_SEREFERRALS

# External page referers - Pages - Hits
# The 25 first Pages must be first (order not required for others)
BEGIN_PAGEREFS 0
END_PAGEREFS

# Search keyphrases - Number of search
# The 10 first number of search must be first (order not required for others)
BEGIN_SEARCHWORDS 0
END_SEARCHWORDS

# Search keywords - Number of search
# The 25 first number of search must be first (order not required for others)
BEGIN_KEYWORDS 0
END_KEYWORDS

# Errors - Hits - Bandwidth
BEGIN_ERRORS 3
404 3 945
500 126 84546
403 736 234048
END_ERRORS

# URL with 404 errors - Hits - Last URL referrer
BEGIN_SIDER_404 2
/index/function.php 2 -
/index/fucku.php 1 -
END_SIDER_404

# Host - Pages - Hits - Bandwidth - Last visit date - [Start date of last visit] - [Last page of last visit]
# [Start date of last visit] and [Last page of last visit] are saved only if session is not finished
# The 25 first Hits must be first (order not required for others)
BEGIN_VISITOR 37
54.235.5.218 3 3 951 20250919202036
23.178.112.105 2 2 174 20250923171951
37.60.246.20 2 2 128 20250923171807
143.110.229.187 1 1 317 20250916085208
54.255.229.200 1 1 87 20250923171951
167.94.146.63 1 1 317 20250902181535
35.89.18.67 1 1 87 20250923171951
185.177.72.13 1 1 317 20250920131606
199.45.155.86 1 1 317 20250903225423
162.142.125.119 1 1 317 20250902202952
147.185.132.255 1 1 317 20250902015048
162.142.125.117 1 1 317 20250903123909
51.21.160.240 1 1 87 20250923171952
190.6.176.90 1 1 317 20250918172325
24.199.103.140 1 1 317 20250902091625
167.94.138.117 1 1 317 20250906211415
134.199.228.171 1 1 317 20250925131728
34.126.89.41 1 1 317 20250923213453
198.235.24.219 1 1 317 20250903102153
213.209.157.216 1 1 317 20250930014413
164.92.107.174 1 1 317 20250923172106
199.45.155.66 1 1 317 20250917194121
3.138.185.30 1 1 317 20250909143055
185.8.106.140 1 1 317 20250925122919
3.139.109.22 1 1 87 20250923171951
13.214.142.246 1 1 87 20250923171952
104.248.205.50 1 1 317 20250911110838
18.208.202.102 1 1 317 20250920080645
205.210.31.56 1 1 317 20250906081509
56.228.16.161 1 1 87 20250923171951
64.23.167.140 1 1 317 20250930183909
205.169.39.26 1 1 317 20250923182355
18.188.244.246 1 1 87 20250923171952
34.22.177.31 1 1 317 20250926080029
87.236.176.152 1 1 317 20250905153643
206.168.34.195 1 1 317 20250908124540
35.90.216.50 1 1 87 20250923171951
END_VISITOR

# Date - Pages - Hits - Bandwidth - Visits
BEGIN_DAY 16
20250902 4 4 1268 4
20250903 3 3 951 3
20250905 1 1 317 1
20250906 2 2 634 2
20250908 1 1 317 1
20250909 1 1 317 1
20250911 1 1 317 1
20250916 1 1 317 1
20250917 1 1 317 1
20250918 1 1 317 1
20250919 3 3 951 1
20250920 2 2 634 2
20250923 15 15 1949 13
20250925 2 2 634 2
20250926 1 1 317 1
20250930 2 2 634 2
END_DAY

# Session range - Number of visits
BEGIN_SESSION 1
0s-30s 37
END_SESSION

# URL - Pages - Bandwidth - Entry - Exit
# The 25 first Pages must be first (order not required for others)
BEGIN_SIDER 5
/ 29 9193 27 27
/.well-known/acme-challenge/_P5IgW4c526JOkDJU0f1lELRRLFYxQtk2-YXWsWwzhE 5 435 5 4
/.well-known/acme-challenge/iacUk0e9TkmUK30sufQRn-INcy-prJFksTcV4nhKCnw 5 435 4 5
/.well-known/acme-challenge/SB5RU11PRXZY5GVM8B-D495ZJ6009R69 1 64 0 1
/.well-known/acme-challenge/KLELAUJ9TF-RAUYUQYAH5C-AQE6FH-Y5 1 64 1 0
END_SIDER

# Payload Range - Payload Frequency
BEGIN_FILESIZE 3
500-1K 145
100-500 775
44-100 12
END_FILESIZE