Intrusion Exploit
Server: LiteSpeed
System: Linux cisadane.iixcp.rumahweb.net 5.14.0-427.42.1.el9_4.x86_64 #1 SMP PREEMPT_DYNAMIC Fri Nov 1 14:58:02 EDT 2024 x86_64
User: lenf4658 (1805)
PHP: 8.4.19
Disabled: NONE
$ pwd: /home/lenf4658/tmp/awstats/
Upload Files
File: //home/lenf4658/tmp/awstats/awstats052024.lensapedia.id.txt
AWSTATS DATA FILE 7.8 (build 20200416)
# If you remove this file, all statistics for date 202405 will be lost/reset.
# Last config file used to build this data file was /home/lenf4658/tmp/awstats/awstats.lensapedia.id.conf.

# Position (offset in bytes) in this file for beginning of each section for
# direct I/O access. If you made changes somewhere in this file, you should
# also remove completely the MAP section (AWStats will rewrite it at next
# update).
BEGIN_MAP 28
POS_GENERAL 2010                
POS_TIME 2689                
POS_VISITOR 10262               
POS_DAY 14810               
POS_DOMAIN 3420                
POS_LOGIN 3845                
POS_ROBOT 4000                
POS_WORMS 4413                
POS_EMAILSENDER 4544                
POS_EMAILRECEIVER 4687                
POS_SESSION 15567               
POS_SIDER 15743               
POS_FILETYPES 4822                
POS_DOWNLOADS 4997                
POS_OS 5108                
POS_BROWSER 5328                
POS_SCREENSIZE 6102                
POS_UNKNOWNREFERER 6176                
POS_UNKNOWNREFERERBROWSER 6975                
POS_ORIGIN 7604                
POS_SEREFERRALS 7741                
POS_PAGEREFS 7900                
POS_SEARCHWORDS 8150                
POS_KEYWORDS 8302                
POS_MISC 2353                
POS_ERRORS 8361                
POS_CLUSTER 3701                
POS_SIDER_404 8494                
END_MAP

# LastLine    = Date of last record processed - Last record line number in last log - Last record offset in last log - Last record signature value
# FirstTime   = Date of first visit for history file
# LastTime    = Date of last visit for history file
# LastUpdate  = Date of last update - Nb of parsed records - Nb of parsed old records - Nb of parsed new records - Nb of parsed corrupted - Nb of parsed dropped
# TotalVisits = Number of visits
# TotalUnique = Number of unique visitors
# MonthHostsKnown   = Number of hosts known
# MonthHostsUnKnown = Number of hosts unknown
BEGIN_GENERAL 8
LastLine 20240601005229 56 10784 10352479781899
FirstTime 20240501025657
LastTime 20240531234933
LastUpdate 20240601192921 56 0 55 0 0
TotalVisits 226                 
TotalUnique 108                 
MonthHostsKnown 0                   
MonthHostsUnknown 109                 
END_GENERAL

# Misc ID - Pages - Hits - Bandwidth
BEGIN_MISC 10
QuickTimeSupport 0 0 0
RealPlayerSupport 0 0 0
TotalMisc 0 0 0
WindowsMediaPlayerSupport 0 0 0
PDFSupport 0 0 0
JavascriptDisabled 0 0 0
FlashSupport 0 0 0
JavaEnabled 0 0 0
DirectorSupport 0 0 0
AddToFavourites 0 0 0
END_MISC

# Hour - Pages - Hits - Bandwidth - Not viewed Pages - Not viewed Hits - Not viewed Bandwidth
BEGIN_TIME 24
0 17 17 557229 14 15 109623
1 8 8 238934 3 6 17208
2 26 28 389966 10 14 120419
3 27 36 613668 11 13 84610
4 7 9 84459 2 6 2476
5 3 5 32478 1 2 19411
6 36 43 366948 32 42 2461429
7 22 22 497005 9 10 355378
8 8 8 52138 6 9 312352
9 7 7 110571 6 15 44479
10 1 4 21846 4 5 105291
11 3 7 63937 5 9 40845
12 4 6 125175 1 1 0
13 5 8 53922 11 16 39356
14 11 23 242231 4 5 3714
15 6 14 162887 8 14 27940
16 16 18 227828 5 8 3183
17 21 40 290711 3 13 165879
18 4 6 107166 3 4 33521
19 8 15 115370 2 5 24873
20 7 9 67294 2 4 15951
21 18 22 586539 11 11 112228
22 10 14 311417 7 7 57466
23 23 32 706613 34 44 131404
END_TIME

# Domain - Pages - Hits - Bandwidth
# The 25 first Pages must be first (order not required for others)
BEGIN_DOMAIN 15
ip 102 102 658244
us 92 167 3800540
id 73 100 285941
ca 8 8 669522
se 7 7 120509
ir 3 3 187757
in 2 2 34693
au 2 2 33922
gb 2 3 119896
gr 2 2 34062
ru 1 1 17099
dk 1 1 14979
kr 1 1 17101
be 1 1 17108
cn 1 1 14959
END_DOMAIN

# Cluster ID - Pages - Hits - Bandwidth
BEGIN_CLUSTER 0
END_CLUSTER

# Login - Pages - Hits - Bandwidth - Last visit
# The 10 first Pages must be first (order not required for others)
BEGIN_LOGIN 0
END_LOGIN

# Robot ID - Hits - Bandwidth - Last visit - Hits on robots.txt
# The 25 first Hits must be first (order not required for others)
BEGIN_ROBOT 7
no_user_agent 33 3095254 20240531061218 0
Go\-http\-client/ 19 153524 20240531195731 0
bingbot/ 14 207562 20240529185429 0
facebookexternalhit/ 4 145194 20240501170644 0
Applebot/ 2 34867 20240524095630 0
curl 1 93688 20240520085207 0
bot[\s_+:,\.\;\/\\-] 1 16932 20240511184504 0
END_ROBOT

# Worm ID - Hits - Bandwidth - Last visit
# The 5 first Hits must be first (order not required for others)
BEGIN_WORMS 0
END_WORMS

# EMail - Hits - Bandwidth - Last visit
# The 20 first Hits must be first (order not required for others)
BEGIN_EMAILSENDER 0
END_EMAILSENDER

# EMail - Hits - Bandwidth - Last visit
# The 20 first hits must be first (order not required for others)
BEGIN_EMAILRECEIVER 0
END_EMAILRECEIVER

# Files type - Hits - Bandwidth - Bandwidth without compression - Bandwidth after compression
BEGIN_FILETYPES 6
txt 52 372778 0 0
js 24 142520 0 0
woff2 15 93792 0 0
php 157 17740 0 0
css 27 176866 0 0
html 126 5222636 0 0
END_FILETYPES

# Downloads - Hits - Bandwidth
BEGIN_DOWNLOADS 2
/license.txt 51 0 371382
/wp-includes/ID3/license.txt 1 0 1396
END_DOWNLOADS

# OS ID - Hits
BEGIN_OS ID - Hits - Pages 11
macosx15 25 25
linux 13 13
android10 2 2
androidnougat 51 0
win7 1 1
win10 76 65
ios_iphone 39 12
macosx9 1 1
Unknown 189 175
android 2 2
linuxubuntu 2 2
END_OS

# Browser ID - Hits - Pages
BEGIN_BROWSER 35
firefox83.0 1 1
chrome88.0.4240.193 6 6
safari17.4.1 18 5
chrome107.0.0.0 1 1
chrome60.0.3112.107 51 0
chrome80.0.3987.162 2 2
chrome79.0.3945.130 1 1
firefox104.0 1 1
safari16.3 21 7
msie11.0 4 1
chrome106.0.0.0 1 1
firefox108.0 1 1
chrome117.0.5938.132 12 5
opera80.4.4244.7786 1 1
Unknown 150 150
chrome95.0.4638.69 3 2
chrome58.0.3029.110 1 1
chrome114.0.5735.110 1 1
chrome91.0.4472.114 3 3
firefox95.0 2 2
chrome121.0.0.0 20 20
chrome71.1.2222.33 1 1
firefox119.0 1 1
netscape5.0 1 1
chrome105.0.0.0 2 2
chrome118.0.0.0 1 1
chrome112.0.5615.136 1 1
chrome122.0.0.0 2 2
chrome67.0.3506.118 1 1
mozilla 41 27
safari17.3.1 3 3
chrome120.0.0.0 3 3
chrome78.0.3904.108 37 37
chrome83.0.4103.97 5 5
chrome98.0.4758.102 1 1
END_BROWSER

# Screen size - Hits
BEGIN_SCREENSIZE 0
END_SCREENSIZE

# Unknown referer OS - Last visit date
BEGIN_UNKNOWNREFERER 8
python-requests/2.31.0 20240505063611
Mozilla/5.0_(compatible;_InternetMeasurement/1.0;__https://internet-measurement.com/) 20240525200652
Expanse,_a_Palo_Alto_Networks_company,_searches_across_the_global_IPv4_space_multiple_times_per_day_to_identify_customers'_presences_on_the_Internet._If_you_would_like_to_be_excluded_from_our_scans,_please_send_IP_addresses/domains_to:_scaninfo@paloaltonetworks.com 20240525025050
Mozilla/5.0_(compatible;_Dataprovider.com) 20240531232609
Mozilla/5.0_(compatible;_CensysInspect/1.1;__https://about.censys.io/) 20240531063335
WordPress/6.5.3;_https://lensapedia.id 20240531232529
WhatsApp/2.24.8.85_i 20240522192659
WordPress/6.5.2;_https://lensapedia.id 20240508062635
END_UNKNOWNREFERER

# Unknown referer Browser - Last visit date
BEGIN_UNKNOWNREFERERBROWSER 6
WordPress/6.5.2;_https://lensapedia.id 20240508062635
WhatsApp/2.24.8.85_i 20240522192659
Expanse,_a_Palo_Alto_Networks_company,_searches_across_the_global_IPv4_space_multiple_times_per_day_to_identify_customers'_presences_on_the_Internet._If_you_would_like_to_be_excluded_from_our_scans,_please_send_IP_addresses/domains_to:_scaninfo@paloaltonetworks.com 20240525025050
Apache/2.4.34_(Ubuntu)_OpenSSL/1.1.1_(internal_dummy_connection) 20240504225818
WordPress/6.5.3;_https://lensapedia.id 20240531232529
python-requests/2.31.0 20240505063611
END_UNKNOWNREFERERBROWSER

# Origin - Pages - Hits 
BEGIN_ORIGIN 6
From0 273 277
From1 0 51
From2 1 1
From3 3 3
From4 21 69
From5 0 0
END_ORIGIN

# Search engine referers ID - Pages - Hits
BEGIN_SEREFERRALS 1
google_com 1 1
END_SEREFERRALS

# External page referers - Pages - Hits
# The 25 first Pages must be first (order not required for others)
BEGIN_PAGEREFS 3
http://mail.lensapedia.id/// 1 1
http://mail.lensapedia.id 1 1
http://[2001:df0:27b:2::4:a171]:80 1 1
END_PAGEREFS

# Search keyphrases - Number of search
# The 10 first number of search must be first (order not required for others)
BEGIN_SEARCHWORDS 0
END_SEARCHWORDS

# Search keywords - Number of search
# The 25 first number of search must be first (order not required for others)
BEGIN_KEYWORDS 0
END_KEYWORDS

# Errors - Hits - Bandwidth
BEGIN_ERRORS 5
404 131 532315
301 38 1414
500 3 5886
302 9 0
409 2 2400
END_ERRORS

# URL with 404 errors - Hits - Last URL referrer
BEGIN_SIDER_404 51
/ 9 http://mail.lensapedia.id///
/wordpress/wp-admin/setup-config.php 2 -
/site/wp-includes/wlwmanifest.xml 1 -
//wp2/wp-includes/wlwmanifest.xml 1 -
//shop/wp-includes/wlwmanifest.xml 1 -
//wp-content/plugins/fix/up.php 1 -
/2018/wp-includes/wlwmanifest.xml 1 -
/blog 1 -
//sito/wp-includes/wlwmanifest.xml 1 -
/wp2/wp-includes/wlwmanifest.xml 1 -
/wp1/wp-includes/wlwmanifest.xml 1 -
/wp 1 -
/test/wp-includes/wlwmanifest.xml 1 -
//cms/wp-includes/wlwmanifest.xml 1 -
/robots.txt 31 -
/wp-aa.php 1 -
///wp-json/wp/v2/users/ 2 -
/web/wp-includes/wlwmanifest.xml 1 -
/.well-known/security.txt 3 -
/wordpress 1 -
/wp-includes/wlwmanifest.xml 8 -
/website/wp-includes/wlwmanifest.xml 1 -
/wp-json/wp/v2/users/ 7 -
/new 1 -
http://lensapedia.id:80/wp-includes/wlwmanifest.xml 2 -
/wordpress/wp-includes/wlwmanifest.xml 1 -
/sitemaps.xml 4 -
/sito/wp-includes/wlwmanifest.xml 1 -
/ads.txt 3 -
/sitemap.xml 4 -
/security.txt 2 -
/blog/wp-includes/wlwmanifest.xml 1 -
/sitemap.xml.gz 2 -
/sitemap_index.xml 2 -
/cms/wp-includes/wlwmanifest.xml 1 -
/news/wp-includes/wlwmanifest.xml 1 -
/feed/ 1 -
/sitemap.txt 1 -
/2019/wp-includes/wlwmanifest.xml 1 -
/vendor/laravel-filemanager/js/filemanager.js 2 -
/shop/wp-includes/wlwmanifest.xml 1 -
/humans.txt 2 -
/wp/wp-includes/wlwmanifest.xml 1 -
/wp-json/oembed/1.0/embed 7 -
/favicon.png 2 -
/old 1 -
/media/wp-includes/wlwmanifest.xml 1 -
/shop 1 -
/register 4 -
/laravel-filemanager/js/filemanager.js 2 -
/test 1 -
END_SIDER_404

# Host - Pages - Hits - Bandwidth - Last visit date - [Start date of last visit] - [Last page of last visit]
# [Start date of last visit] and [Last page of last visit] are saved only if session is not finished
# The 25 first Hits must be first (order not required for others)
BEGIN_VISITOR 109
2001:df0:27b:2::4:a171 76 76 0 20240523071512
103.247.11.118 60 60 0 20240531232529
114.10.139.101 6 14 65847 20240521172644
34.102.91.218 5 5 257753 20240512213640
35.189.59.105 5 5 257736 20240511073155
34.102.77.205 5 5 264819 20240531232813
34.16.222.79 5 5 265125 20240522215103
34.94.18.155 5 5 264819 20240528223135
35.236.42.159 5 5 259944 20240518000847
35.235.104.193 5 5 259945 20240519030554
149.56.160.196 4 11 92865 20240502061928
65.154.226.166 4 11 93245 20240522030241
114.122.231.131 4 11 92724 20240521172639
149.56.150.138 4 11 93766 20240531232609
37.27.81.120 3 3 187757 20240507010139
2a01:4f9:c012:d7c5::1 3 3 187761 20240507004145
15.204.182.106 2 2 34204 20240502091025
167.88.63.96 2 2 1014 20240504225818
144.217.135.161 2 2 191110 20240531232548
2001:448a:6102:f5dc:b84c:ef27:42f7:89f7 2 2 35073 20240522192659
149.56.150.29 2 2 186949 20240502061118
34.87.87.168 2 2 95543 20240531234933
104.28.243.32 2 3 94810 20240512151304
93.158.90.68 1 1 16919 20240510142612
2602:80d:1003::21 1 1 17933 20240523080130
130.255.166.98 1 1 16966 20240521171832
93.158.91.252 1 1 17702 20240526020905
128.90.174.12 1 1 16927 20240509024653
192.36.24.172 1 1 16963 20240516024657
2602:80d:1000:b0cc:e:2:5:c 1 1 17715 20240525170248
139.59.69.248 1 1 16959 20240518163447
93.158.90.65 1 1 17895 20240530063822
184.94.240.88 1 1 92595 20240513143023
2a06:4880:d000::eb 1 1 17714 20240525200652
64.226.75.209 1 1 16967 20240521033424
198.235.24.159 1 1 92604 20240509004452
39.101.165.37 1 1 14959 20240504133326
114.122.228.113 1 7 55101 20240527145109
205.210.31.131 1 1 93695 20240517120826
103.153.2.74 1 1 17706 20240526191508
67.205.162.67 1 1 16954 20240519020154
2602:80d:1004::3b 1 1 17122 20240501234453
164.92.156.247 1 1 17117 20240504073251
125.160.112.53 1 7 55309 20240522192706
18.236.109.10 1 1 17701 20240526163909
104.248.52.114 1 1 17111 20240502074518
128.199.250.55 0 1 7282 
167.71.105.20 1 51 364100 20240503232616
167.99.39.203 1 1 17103 20240504150116
157.245.86.161 1 1 17100 20240503033623
193.37.32.81 1 1 95516 20240528072415
2602:80d:1000:b0cc:e:2:6:f 1 1 17110 20240502014458
198.244.152.59 1 1 17106 20240506114904
165.22.217.22 1 1 17702 20240525035026
205.210.31.85 1 1 93509 20240507035353
92.118.57.47 1 1 16962 20240519041856
65.154.226.168 1 1 17104 20240506033327
2602:80d:1002::1e 1 1 17111 20240507022130
52.42.146.186 1 1 16962 20240518165750
2a00:6800:3:b9f::1 1 1 16920 20240509000205
2602:80d:1003::36 1 1 16941 20240509230048
2602:80d:1003::39 1 1 17904 20240527175452
2a00:6800:3:b9e::1 1 1 17703 20240526112824
198.235.24.49 1 1 92602 20240511185702
64.227.159.7 1 1 17110 20240507020553
144.126.221.61 1 1 16928 20240511021352
2602:80d:1004::28 1 1 17116 20240502062444
199.244.88.232 1 1 17911 20240530201858
93.158.91.33 1 1 17101 20240505033837
44.242.160.159 1 1 92599 20240511163006
65.155.30.101 1 1 17571 20240522031357
178.128.226.150 1 1 17100 20240505022505
2602:80d:1003::1b 1 1 17105 20240506203059
103.151.116.60 1 1 16987 20240501025657
2602:80d:1000:b0cc:e:2:5:e 1 1 17705 20240525170319
142.93.252.152 1 1 16925 20240513020252
185.195.232.145 1 1 17099 20240506210409
94.247.172.129 1 1 16963 20240516225955
114.10.139.104 1 1 16960 20240522013149
64.227.138.40 1 1 16918 20240501032058
2a03:b0c0:2:d0::153e:a001 1 1 17113 20240504175829
139.59.26.181 1 1 16963 20240515032750
2604:a940:302:118:0:19:: 1 1 93471 20240506094322
138.68.161.222 1 1 16961 20240518143212
159.203.66.102 1 1 17117 20240507132205
18.236.109.123 1 1 17906 20240530164906
2604:2dc0:100:4f07:: 1 1 12748 20240502234431
150.136.33.161 1 4 37455 20240501175128
198.211.116.32 1 1 17908 20240529040929
134.209.242.59 1 1 17914 20240531051813
64.227.166.127 1 1 17925 20240523040013
34.140.63.218 1 1 17102 20240505063611
110.172.98.2 1 1 17101 20240502082231
205.210.31.167 1 1 93483 20240504025314
35.86.249.55 1 1 16925 20240508162700
87.236.176.88 1 1 17108 20240503162459
34.220.249.210 1 1 17104 20240506164856
2620:96:e000:b0cc:e:2:2:9 1 1 16935 20240509070921
44.202.83.254 1 1 17100 20240502044225
2602:80d:1000:b0cc:e:2:6:9 1 1 17107 20240502014329
2602:80d:1004::2a 1 1 17110 20240502065650
2602:80d:1000::46 1 1 17911 20240531063335
198.235.24.222 1 1 94114 20240525025050
2a00:6800:3:b78::1 1 1 16916 20240501120746
51.79.137.191 1 1 17098 20240502022043
193.3.167.204 1 1 14979 20240501034944
199.244.88.221 1 1 16927 20240508215008
164.92.167.195 1 1 16963 20240521143400
205.210.31.69 1 1 92590 20240514072121
END_VISITOR

# Date - Pages - Hits - Bandwidth - Visits
BEGIN_DAY 31
20240501 12 15 120377 11
20240502 25 77 791309 17
20240503 8 14 77900 8
20240504 13 13 160789 13
20240505 6 6 51303 6
20240506 12 12 178989 11
20240507 14 14 520365 10
20240508 6 6 33852 6
20240509 11 11 160327 9
20240510 4 4 16919 3
20240511 16 16 459865 12
20240512 11 12 352563 5
20240513 7 7 109520 7
20240514 4 4 92590 3
20240515 4 4 16963 4
20240516 6 6 33926 6
20240517 4 4 93695 4
20240518 13 13 310826 9
20240519 13 13 293861 8
20240520 2 2 0 2
20240521 17 32 209467 9
20240522 19 32 483283 11
20240523 4 4 35858 4
20240524 3 3 0 3
20240525 10 10 164950 9
20240526 10 10 70812 8
20240527 5 11 73005 5
20240528 10 10 360335 4
20240529 4 4 17908 4
20240530 6 6 53712 6
20240531 19 26 681063 9
END_DAY

# Session range - Number of visits
BEGIN_SESSION 4
15mn-30mn 2
1h+ 2
0s-30s 213
30mn-1h 9
END_SESSION

# URL - Pages - Bandwidth - Entry - Exit
# The 25 first Pages must be first (order not required for others)
BEGIN_SIDER 10
/wp-cron.php 136 0 119 119
/ 122 4848730 102 89
/xmlrpc.php 16 15114 0 9
/wp-content/fonts/poppins/pxiEyp8kv8JHgFVrJJfecg.woff2 5 31536 0 3
/wp-content/fonts/poppins/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2 5 30992 0 0
/wp-content/fonts/poppins/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 5 31264 0 1
http://lensapedia.id:80/ 4 373906 2 0
http://lensapedia.id:80/xmlrpc.php 2 1612 0 2
/wp-admin/install.php 2 1014 2 2
/wp-login.php 1 0 1 1
END_SIDER
@ Telegram