Intrusion Exploit
Server: LiteSpeed
System: Linux cisadane.iixcp.rumahweb.net 5.14.0-427.42.1.el9_4.x86_64 #1 SMP PREEMPT_DYNAMIC Fri Nov 1 14:58:02 EDT 2024 x86_64
User: lenf4658 (1805)
PHP: 8.4.19
Disabled: NONE
$ pwd: /home/lenf4658/tmp/awstats/ssl/
Upload Files
File: //home/lenf4658/tmp/awstats/ssl/awstats042025.hrisconnect.lensapedia.id.txt
AWSTATS DATA FILE 7.9 (build 20230108)
# If you remove this file, all statistics for date 202504 will be lost/reset.
# Last config file used to build this data file was /home/lenf4658/tmp/awstats/ssl/awstats.hrisconnect.lensapedia.id.conf.

# Position (offset in bytes) in this file for beginning of each section for
# direct I/O access. If you made changes somewhere in this file, you should
# also remove completely the MAP section (AWStats will rewrite it at next
# update).
BEGIN_MAP 28
POS_GENERAL 2060                
POS_TIME 2739                
POS_VISITOR 8015                
POS_DAY 11985               
POS_DOMAIN 3417                
POS_LOGIN 3863                
POS_ROBOT 4018                
POS_WORMS 4465                
POS_EMAILSENDER 4596                
POS_EMAILRECEIVER 4739                
POS_SESSION 12273               
POS_FILESIZE 13302               
POS_SIDER 12461               
POS_FILETYPES 4874                
POS_DOWNLOADS 5048                
POS_OS 5096                
POS_BROWSER 5379                
POS_SCREENSIZE 6080                
POS_UNKNOWNREFERER 6154                
POS_UNKNOWNREFERERBROWSER 6444                
POS_ORIGIN 6588                
POS_SEREFERRALS 6723                
POS_PAGEREFS 6867                
POS_SEARCHWORDS 7120                
POS_KEYWORDS 7272                
POS_MISC 2402                
POS_ERRORS 7331                
POS_CLUSTER 3719                
POS_SIDER_404 7455                
END_MAP

# LastLine    = Date of last record processed - Last record line number in last log - Last record offset in last log - Last record signature value
# FirstTime   = Date of first visit for history file
# LastTime    = Date of last visit for history file
# LastUpdate  = Date of last update - Nb of parsed records - Nb of parsed old records - Nb of parsed new records - Nb of parsed corrupted - Nb of parsed dropped
# TotalVisits = Number of visits
# TotalUnique = Number of unique visitors
# MonthHostsKnown   = Number of hosts known
# MonthHostsUnKnown = Number of hosts unknown
BEGIN_GENERAL 8
LastLine 20250501105307 11 1456 12982302596293
FirstTime 20250420161645
LastTime 20250430212955
LastUpdate 20250501143608 11 0 10 0 0
TotalVisits 89                  
TotalUnique 85                  
MonthHostsKnown 0                   
MonthHostsUnknown 108                 
END_GENERAL

# Misc ID - Pages - Hits - Bandwidth
BEGIN_MISC 10
PDFSupport 0 0 0
JavaEnabled 0 0 0
DirectorSupport 0 0 0
AddToFavourites 0 16 0
WindowsMediaPlayerSupport 0 0 0
FlashSupport 0 0 0
QuickTimeSupport 0 0 0
RealPlayerSupport 0 0 0
TotalMisc 0 0 0
JavascriptDisabled 0 0 0
END_MISC

# Hour - Pages - Hits - Bandwidth - Not viewed Pages - Not viewed Hits - Not viewed Bandwidth
BEGIN_TIME 24
0 2 22 331970 3 7 7867
1 4 5 31988 25 78 815808
2 1 11 166061 5 6 9724
3 0 0 0 0 0 0
4 2 2 16453 6 12 93548
5 0 0 0 0 0 0
6 1 11 166064 5 5 9703
7 2 4 18984 5 5 1238
8 10 38 437717 13 13 2456
9 1 2 9491 2 2 422
10 0 0 0 0 0 0
11 3 5 34090 8 11 1724
12 1 1 15092 0 0 0
13 0 0 0 0 0 0
14 4 7 37422 10 11 11821
15 1 10 165538 2 2 353
16 47 98 1981501 21 25 27995
17 20 43 476688 7 7 1792
18 11 33 612468 22 25 15129
19 10 24 252663 42 72 1455289
20 18 31 491464 35 43 16111
21 14 76 1064014 30 35 14464
22 3 23 390664 8 9 5603
23 5 26 351219 18 26 39117
END_TIME

# Domain - Pages - Hits - Bandwidth
# The 25 first Pages must be first (order not required for others)
BEGIN_DOMAIN 16
id 67 177 2855155
us 43 120 1456840
ru 14 36 611577
in 10 36 448859
ca 7 10 380068
gb 7 24 352230
cz 2 12 173506
nl 2 12 224641
jp 2 4 18996
ao 1 11 166063
pl 1 1 7512
eu 1 1 7511
ie 1 11 166064
au 1 2 9497
de 1 12 166620
ro 0 3 6412
END_DOMAIN

# Cluster ID - Pages - Hits - Bandwidth
BEGIN_CLUSTER 0
END_CLUSTER

# Login - Pages - Hits - Bandwidth - Last visit
# The 10 first Pages must be first (order not required for others)
BEGIN_LOGIN 0
END_LOGIN

# Robot ID - Hits - Bandwidth - Last visit - Hits on robots.txt
# The 25 first Hits must be first (order not required for others)
BEGIN_ROBOT 8
Googlebot/ 58 917573 20250427111212 2
facebookexternalhit/ 45 1455931 20250422001328 7
unknown 10 240 20250421014830 10
bitlybot 7 44730 20250423023127 2
Googlebot\-Image/ 4 4219 20250421015355 0
scrapy 2 17869 20250428165302 0
Go\-http\-client/ 1 8940 20250428060533 0
Mediapartners-Google 1 7511 20250420232454 0
END_ROBOT

# Worm ID - Hits - Bandwidth - Last visit
# The 5 first Hits must be first (order not required for others)
BEGIN_WORMS 0
END_WORMS

# EMail - Hits - Bandwidth - Last visit
# The 20 first Hits must be first (order not required for others)
BEGIN_EMAILSENDER 0
END_EMAILSENDER

# EMail - Hits - Bandwidth - Last visit
# The 20 first hits must be first (order not required for others)
BEGIN_EMAILRECEIVER 0
END_EMAILRECEIVER

# Files type - Hits - Bandwidth - Bandwidth without compression - Bandwidth after compression
BEGIN_FILETYPES 6
js 173 3313641 0 0
Unknown 159 2052936 0 0
html 1 590 0 0
css 73 689082 0 0
svg 65 96750 0 0
jpg 1 898552 0 0
END_FILETYPES

# Downloads - Hits - Bandwidth
BEGIN_DOWNLOADS 0
END_DOWNLOADS

# OS ID - Hits
BEGIN_OS ID - Hits - Pages 15
macosx15 3 2
android 33 3
androidlollipop 3 3
linux 157 66
ios_iphone 25 3
Unknown 25 12
android10 58 26
macosx10 1 1
win10 102 22
android11 11 1
win8.1 1 0
androidmarshmallow 1 1
win7 36 7
linuxubuntu 15 12
unix 1 1
END_OS

# Browser ID - Hits - Pages
BEGIN_BROWSER 32
firefox134.0 8 5
chrome133.0.0.0 22 2
chrome128.0.0.0 3 2
chrome102.0.0.0 2 1
chrome135.0.7049.95 1 1
chrome110.0.0.0 2 2
chrome98.0.4758.102 12 2
Unknown 3 1
chrome111.0.5563.116 11 1
chrome134.0.0.0 11 1
chrome132.0.0.0 13 3
chrome130.0.0.0 11 1
chrome135.0.0.0 182 77
firefox38.0 1 0
firefox120.0 18 18
safari18.4 11 1
chrome45.0.2454.85 32 5
chrome116.0.0.0 10 1
chrome131.0.0.0 11 1
safari5.0.4 4 2
iphone 11 1
chrome58.0.3029.110 2 2
chrome37.0.2062.124 1 1
mozilla 22 11
chrome126.0.0.0 11 1
chrome27.0.1453.116 1 1
chrome84.0.4147.89 1 1
chrome73.0.3683.90 3 3
safari17.5 3 1
chrome134.0.6998.35 9 1
chrome135.0.7049.92 33 3
firefox117.0 7 7
END_BROWSER

# Screen size - Hits
BEGIN_SCREENSIZE 0
END_SCREENSIZE

# Unknown referer OS - Last visit date
BEGIN_UNKNOWNREFERER 4
axios/0.24.0 20250420232114
Mozilla/5.0_(compatible;_InternetMeasurement/1.0;__https://internet-measurement.com/) 20250422014111
Mozilla/5.0_(compatible) 20250429090111
WhatsApp/2.23.20.0 20250426082204
END_UNKNOWNREFERER

# Unknown referer Browser - Last visit date
BEGIN_UNKNOWNREFERERBROWSER 2
axios/0.24.0 20250420232114
WhatsApp/2.23.20.0 20250426082204
END_UNKNOWNREFERERBROWSER

# Origin - Pages - Hits 
BEGIN_ORIGIN 6
From0 70 83
From1 0 0
From2 0 0
From3 6 6
From4 84 383
From5 0 0
END_ORIGIN

# Search engine referers ID - Pages - Hits
BEGIN_SEREFERRALS 0
END_SEREFERRALS

# External page referers - Pages - Hits
# The 25 first Pages must be first (order not required for others)
BEGIN_PAGEREFS 3
https://bit.ly/hris-connect 3 3
https://cisadane.iixcp.rumahweb.net:2083 2 2
https://lm.facebook.com 1 1
END_PAGEREFS

# Search keyphrases - Number of search
# The 10 first number of search must be first (order not required for others)
BEGIN_SEARCHWORDS 0
END_SEARCHWORDS

# Search keywords - Number of search
# The 25 first number of search must be first (order not required for others)
BEGIN_KEYWORDS 0
END_KEYWORDS

# Errors - Hits - Bandwidth
BEGIN_ERRORS 4
302 237 52797
500 1 2003
404 8 15966
301 3 2385
END_ERRORS

# URL with 404 errors - Hits - Last URL referrer
BEGIN_SIDER_404 4
/storage/01JS982K4NAWFPDFX5A3BAT3EP.jpg 2 https://hrisconnect.lensapedia.id/app/attendances
/favicon.png 1 -
/z0f76a1d14fd21a8fb5fd0d03e0fdc3d3cedae52f 2 https://www.hrisconnect.lensapedia.id/
/wordpress 3 https://hrisconnect.lensapedia.id/wordpress/
END_SIDER_404

# Host - Pages - Hits - Bandwidth - Last visit date - [Start date of last visit] - [Last page of last visit]
# [Start date of last visit] and [Last page of last visit] are saved only if session is not finished
# The 25 first Hits must be first (order not required for others)
BEGIN_VISITOR 108
110.139.148.191 43 93 1945205 20250420162639
36.83.47.166 18 38 229247 20250420190949
103.160.151.82 7 13 109283 20250426124755
146.70.185.32 3 11 162807 20250422230738
89.187.187.107 2 12 173506 20250420215906
182.0.196.229 2 12 173575 20250426083048
108.137.9.255 2 4 103166 20250429174955
91.196.152.231 2 2 86944 20250422203320
157.119.40.28 2 4 18996 20250427110901
213.232.121.144 2 11 174467 20250420232054
40.80.158.10 2 22 331970 20250421002549
85.239.51.66 2 11 174463 20250421175933
91.196.152.75 1 1 43512 20250422202911
185.247.137.250 1 1 8940 20250422014106
149.57.180.184 1 1 8938 20250427194042
193.202.87.149 1 1 7511 20250420215148
23.27.145.142 1 1 8944 20250427204948
23.27.145.23 1 1 8941 20250422202635
83.142.53.49 1 1 7512 20250420215149
31.187.78.162 1 11 166066 20250420214825
152.42.255.153 1 1 8941 20250421145805
185.68.184.123 1 1 7508 20250421014808
198.44.133.52 1 11 166031 20250420215859
64.15.129.122 1 1 43512 20250420180422
94.102.49.123 1 6 84557 20250420215022
173.252.95.39 0 1 2432 
80.82.70.198 0 4 80975 
45.55.153.86 0 1 554 
157.245.243.118 0 1 554 
31.13.115.115 0 1 764 
149.57.180.197 1 1 8933 20250420194114
45.148.127.63 1 1 7476 20250421014830
31.13.115.114 1 5 93604 20250421062257
165.232.138.183 1 2 9497 20250425085509
91.196.152.78 1 1 43512 20250422203720
173.252.95.5 0 2 3980 
182.2.143.148 1 11 166071 20250420210851
31.13.115.10 0 1 498 
69.171.251.9 0 2 14416 
185.247.137.10 1 1 8937 20250421235059
91.196.152.71 0 1 1200 
173.252.95.37 1 5 121836 20250420192844
193.36.224.114 0 3 6412 
34.68.223.115 1 1 8936 20250421162722
91.196.152.54 0 1 1200 
83.219.96.138 1 2 59109 20250420225202
66.249.71.168 1 1 7507 20250421040225
23.27.145.108 1 1 8943 20250420195820
185.247.137.14 1 1 8932 20250421164924
185.156.46.151 1 1 7509 20250421203059
31.13.115.116 0 3 57280 
35.232.250.126 1 1 8941 20250421162753
212.41.12.133 0 1 1200 
154.194.20.49 1 11 166063 20250420180510
173.252.95.9 0 2 37320 
159.65.216.50 0 1 554 
164.92.99.127 1 2 9498 20250427141044
104.234.225.2 1 1 7477 20250420225158
23.27.145.38 1 1 8938 20250421203751
149.57.180.139 1 1 8937 20250427205136
143.244.40.246 1 3 12356 20250420215423
152.42.171.40 1 1 8938 20250423190542
103.119.118.84 1 11 166065 20250426084058
102.129.234.234 1 1 8935 20250421201449
172.233.62.72 1 1 8933 20250421161745
149.57.180.18 1 1 8932 20250422202908
149.57.180.185 1 1 8940 20250430205942
192.175.111.254 1 1 43512 20250420180429
138.197.1.95 1 2 9491 20250429090110
175.158.55.193 1 11 166061 20250423023125
91.196.152.84 1 1 43472 20250422204113
192.175.111.239 1 1 43512 20250420180418
104.232.195.35 1 1 7511 20250420180505
161.35.153.155 1 2 9491 20250421143733
149.57.180.92 1 1 8940 20250424215422
23.27.145.219 1 1 8942 20250421194436
152.42.175.186 1 1 8946 20250423045555
140.213.129.30 1 11 166061 20250420232325
159.203.6.125 1 2 9492 20250425145828
104.234.225.6 0 3 111599 
44.202.43.93 1 11 166022 20250420223623
64.15.129.106 1 1 43472 20250420180408
149.57.180.146 1 1 8938 20250424203728
69.171.251.112 0 1 764 
23.27.145.178 1 1 8940 20250422194349
91.196.152.156 0 1 1200 
5.180.180.166 0 1 554 
192.175.111.230 1 1 43472 20250420180415
173.252.95.13 0 1 498 
149.40.50.107 1 1 7477 20250421204012
173.239.196.143 0 3 40045 
23.27.145.45 1 1 8931 20250430194337
69.171.251.116 1 6 96817 20250420200206
45.141.152.73 1 11 166035 20250420214848
23.27.145.0 1 1 8932 20250421203648
192.175.111.248 1 1 43512 20250420180426
185.88.100.198 1 10 165538 20250427152411
149.57.180.124 1 1 8944 20250430212955
139.59.10.132 1 2 9497 20250423075000
159.65.194.205 1 2 9487 20250427075224
212.119.42.125 1 1 7480 20250420215427
31.13.115.6 0 1 13918 
185.89.43.142 1 1 7510 20250421014807
138.68.137.247 1 2 9483 20250421084441
149.57.180.6 1 1 8940 20250424203454
212.119.42.154 1 1 7476 20250420215426
23.27.145.17 1 1 8939 20250420195901
69.171.251.10 0 2 54064 
END_VISITOR

# Date - Pages - Hits - Bandwidth - Visits
BEGIN_DAY 10
20250420 94 304 4909289 33
20250421 23 66 826933 21
20250422 10 14 257347 9
20250423 4 15 193442 4
20250424 3 3 26818 3
20250425 2 4 18989 2
20250426 10 36 448923 5
20250427 8 21 230338 7
20250429 3 6 112657 2
20250430 3 3 26815 3
END_DAY

# Session range - Number of visits
BEGIN_SESSION 5
30mn-1h 1
2mn-5mn 2
0s-30s 83
30s-2mn 2
5mn-15mn 1
END_SESSION

# URL - Pages - Bandwidth - Entry - Exit
# The 25 first Pages must be first (order not required for others)
BEGIN_SIDER 26
/app/login 94 1174658 83 82
/livewire/update 16 21518 0 0
/app 10 145774 4 4
/app/attendances 6 124618 0 1
/app/cash-advances 5 66820 1 0
/app/departements 3 49737 0 0
/app/coordinations 2 35803 0 0
/app/departements/create 2 33472 0 0
/app/incoming-letters 2 35909 0 0
/app/cash-advances/create 2 38161 0 0
/app/users 2 42935 0 0
/app/register 2 58789 0 2
/app/attendances/create 1 19437 0 0
/app/coordinations/create 1 17948 0 0
/app/attendances/1 1 19406 0 0
/app/identities 1 17958 0 0
/app/incoming-letters/create 1 18593 0 0
/app/shield/roles 1 20359 0 0
/ 1 590 1 0
/app/sections 1 18245 0 0
/app/position-levels 1 17890 0 0
/app/personal-files 1 17966 0 0
/app/positions 1 19525 0 0
/app/units 1 19426 0 0
/app/outgoing-letters 1 17912 0 0
/livewire/upload-file 1 77 0 0
END_SIDER

# Payload Range - Payload Frequency
BEGIN_FILESIZE 7
100-500 258
2K-5K 98
0-44 92
1K-2K 8
5K+ 346
44-100 2
500-1K 62
END_FILESIZE
@ Telegram