Intrusion Exploit
Server: LiteSpeed
System: Linux cisadane.iixcp.rumahweb.net 5.14.0-427.42.1.el9_4.x86_64 #1 SMP PREEMPT_DYNAMIC Fri Nov 1 14:58:02 EDT 2024 x86_64
User: lenf4658 (1805)
PHP: 8.4.19
Disabled: NONE
$ pwd: /home/lenf4658/tmp/awstats/ssl/
Upload Files
File: //home/lenf4658/tmp/awstats/ssl/awstats052025.backend-tester.lensapedia.id.txt
AWSTATS DATA FILE 7.9 (build 20230108)
# If you remove this file, all statistics for date 202505 will be lost/reset.
# Last config file used to build this data file was /home/lenf4658/tmp/awstats/ssl/awstats.backend-tester.lensapedia.id.conf.

# Position (offset in bytes) in this file for beginning of each section for
# direct I/O access. If you made changes somewhere in this file, you should
# also remove completely the MAP section (AWStats will rewrite it at next
# update).
BEGIN_MAP 28
POS_GENERAL 2063                
POS_TIME 2722                
POS_VISITOR 6368                
POS_DAY 6911                
POS_DOMAIN 3267                
POS_LOGIN 3533                
POS_ROBOT 3688                
POS_WORMS 3898                
POS_EMAILSENDER 4029                
POS_EMAILRECEIVER 4172                
POS_SESSION 7155                
POS_FILESIZE 7392                
POS_SIDER 7302                
POS_FILETYPES 4307                
POS_DOWNLOADS 4425                
POS_OS 4473                
POS_BROWSER 4610                
POS_SCREENSIZE 4788                
POS_UNKNOWNREFERER 4862                
POS_UNKNOWNREFERERBROWSER 4949                
POS_ORIGIN 5031                
POS_SEREFERRALS 5163                
POS_PAGEREFS 5307                
POS_SEARCHWORDS 5455                
POS_KEYWORDS 5607                
POS_MISC 2386                
POS_ERRORS 5666                
POS_CLUSTER 3389                
POS_SIDER_404 5767                
END_MAP

# LastLine    = Date of last record processed - Last record line number in last log - Last record offset in last log - Last record signature value
# FirstTime   = Date of first visit for history file
# LastTime    = Date of last visit for history file
# LastUpdate  = Date of last update - Nb of parsed records - Nb of parsed old records - Nb of parsed new records - Nb of parsed corrupted - Nb of parsed dropped
# TotalVisits = Number of visits
# TotalUnique = Number of unique visitors
# MonthHostsKnown   = Number of hosts known
# MonthHostsUnKnown = Number of hosts unknown
BEGIN_GENERAL 8
LastLine 20250601111028 1 0 13403414802426
FirstTime 0
LastTime 20250531102019
LastUpdate 20250601181738 1 0 0 0 0
TotalVisits 12                  
TotalUnique 12                  
MonthHostsKnown 0                   
MonthHostsUnknown 12                  
END_GENERAL

# Misc ID - Pages - Hits - Bandwidth
BEGIN_MISC 10
QuickTimeSupport 0 0 0
JavascriptDisabled 0 0 0
TotalMisc 0 0 0
RealPlayerSupport 0 0 0
PDFSupport 0 0 0
FlashSupport 0 0 0
DirectorSupport 0 0 0
JavaEnabled 0 0 0
AddToFavourites 0 0 0
WindowsMediaPlayerSupport 0 0 0
END_MISC

# Hour - Pages - Hits - Bandwidth - Not viewed Pages - Not viewed Hits - Not viewed Bandwidth
BEGIN_TIME 24
0 1 1 41744 3 3 1282
1 0 0 0 3 3 8699
2 0 0 0 0 0 0
3 1 1 8270 15 15 25636
4 0 0 0 0 0 0
5 0 0 0 0 0 0
6 0 0 0 0 0 0
7 0 0 0 7 7 19705
8 0 0 0 0 0 0
9 3 3 21078 6 6 1077
10 1 1 8273 2 4 2702
11 0 0 0 0 0 0
12 0 0 0 0 0 0
13 3 3 58317 6 10 6263
14 0 0 0 0 0 0
15 0 0 0 0 0 0
16 2 11 211234 4 4 860
17 0 0 0 0 0 0
18 0 0 0 0 0 0
19 0 0 0 7 9 19753
20 1 1 41744 2 2 852
21 1 1 8291 2 4 2709
22 0 0 0 0 0 0
23 0 0 0 0 0 0
END_TIME

# Domain - Pages - Hits - Bandwidth
# The 25 first Pages must be first (order not required for others)
BEGIN_DOMAIN 4
us 10 10 179438
cn 1 10 202962
au 1 1 8273
ca 1 1 8278
END_DOMAIN

# Cluster ID - Pages - Hits - Bandwidth
BEGIN_CLUSTER 0
END_CLUSTER

# Login - Pages - Hits - Bandwidth - Last visit
# The 10 first Pages must be first (order not required for others)
BEGIN_LOGIN 0
END_LOGIN

# Robot ID - Hits - Bandwidth - Last visit - Hits on robots.txt
# The 25 first Hits must be first (order not required for others)
BEGIN_ROBOT 2
bot[\s_+:,\.\;\/\\-] 4 16614 20250512190920 2
scrapy 3 24835 20250531015535 0
END_ROBOT

# Worm ID - Hits - Bandwidth - Last visit
# The 5 first Hits must be first (order not required for others)
BEGIN_WORMS 0
END_WORMS

# EMail - Hits - Bandwidth - Last visit
# The 20 first Hits must be first (order not required for others)
BEGIN_EMAILSENDER 0
END_EMAILSENDER

# EMail - Hits - Bandwidth - Last visit
# The 20 first hits must be first (order not required for others)
BEGIN_EMAILRECEIVER 0
END_EMAILRECEIVER

# Files type - Hits - Bandwidth - Bandwidth without compression - Bandwidth after compression
BEGIN_FILETYPES 3
js 6 163572 0 0
Unknown 13 204262 0 0
css 3 31117 0 0
END_FILETYPES

# Downloads - Hits - Bandwidth
BEGIN_DOWNLOADS 0
END_DOWNLOADS

# OS ID - Hits
BEGIN_OS ID - Hits - Pages 6
winxp 1 1
win7 3 3
androidnougat 1 1
win10 3 3
linux 4 4
android11 10 1
END_OS

# Browser ID - Hits - Pages
BEGIN_BROWSER 6
chrome31.0.1650.16 1 1
chrome135.0.0.0 4 4
chrome91.0.4472.101 10 1
chrome104.0.0.0 3 3
safari5.0.4 3 3
chrome60.0.3112.107 1 1
END_BROWSER

# Screen size - Hits
BEGIN_SCREENSIZE 0
END_SCREENSIZE

# Unknown referer OS - Last visit date
BEGIN_UNKNOWNREFERER 0
END_UNKNOWNREFERER

# Unknown referer Browser - Last visit date
BEGIN_UNKNOWNREFERERBROWSER 0
END_UNKNOWNREFERERBROWSER

# Origin - Pages - Hits 
BEGIN_ORIGIN 6
From0 12 12
From1 1 1
From2 0 0
From3 0 0
From4 0 9
From5 0 0
END_ORIGIN

# Search engine referers ID - Pages - Hits
BEGIN_SEREFERRALS 0
END_SEREFERRALS

# External page referers - Pages - Hits
# The 25 first Pages must be first (order not required for others)
BEGIN_PAGEREFS 0
END_PAGEREFS

# Search keyphrases - Number of search
# The 10 first number of search must be first (order not required for others)
BEGIN_SEARCHWORDS 0
END_SEARCHWORDS

# Search keywords - Number of search
# The 25 first number of search must be first (order not required for others)
BEGIN_KEYWORDS 0
END_KEYWORDS

# Errors - Hits - Bandwidth
BEGIN_ERRORS 2
302 39 9465
404 17 38624
END_ERRORS

# URL with 404 errors - Hits - Last URL referrer
BEGIN_SIDER_404 12
/backup 1 www.google.com
/wp-login.php 1 -
/test 1 www.google.com
/old 1 www.google.com
/wordpress 2 www.google.com
/wp 2 www.google.com
/blog 1 www.google.com
/ads.txt 4 -
/temp 1 www.google.com
/js/plugins/elfinder/php/mime.types 1 -
/new 1 www.google.com
/backend-tester 1 www.google.com
END_SIDER_404

# Host - Pages - Hits - Bandwidth - Last visit date - [Start date of last visit] - [Last page of last visit]
# [Start date of last visit] and [Last page of last visit] are saved only if session is not finished
# The 25 first Hits must be first (order not required for others)
BEGIN_VISITOR 12
44.203.84.116 2 2 14015 20250515092955
138.197.148.182 1 1 8291 20250526213618
139.59.85.90 1 1 8273 20250531102019
108.136.120.37 1 1 41744 20250531004555
27.115.124.109 1 10 202962 20250524163727
13.36.241.78 1 1 8270 20250512033208
108.136.138.206 1 1 41744 20250516203525
35.226.223.92 1 1 8272 20250530161420
174.138.74.125 1 1 8295 20250512135601
142.93.236.73 1 1 8278 20250517130724
108.136.51.106 1 1 41744 20250527131102
44.204.200.210 1 1 7063 20250515092952
END_VISITOR

# Date - Pages - Hits - Bandwidth - Visits
BEGIN_DAY 9
20250512 2 2 16565 2
20250515 3 3 21078 2
20250516 1 1 41744 1
20250517 1 1 8278 1
20250524 1 10 202962 1
20250526 1 1 8291 1
20250527 1 1 41744 1
20250530 1 1 8272 1
20250531 2 2 50017 2
END_DAY

# Session range - Number of visits
BEGIN_SESSION 1
0s-30s 12
END_SESSION

# URL - Pages - Bandwidth - Entry - Exit
# The 25 first Pages must be first (order not required for others)
BEGIN_SIDER 1
/admin/login 13 204262 12 12
END_SIDER

# Payload Range - Payload Frequency
BEGIN_FILESIZE 5
500-1K 1
0-44 3
5K+ 23
2K-5K 24
100-500 38
END_FILESIZE
@ Telegram