HEX
Server: Apache
System: Linux darrell.nocdirect.com 4.18.0-513.18.2.el8_9.x86_64 #1 SMP Sat Mar 30 06:10:41 EDT 2024 x86_64
User: joderbya (1358)
PHP: 8.0.30
Disabled: NONE
$ pwd: /home/joderbya/wlsa.quick-step-ei.com/tmp/awstats/
Upload Files
File: /home/joderbya/wlsa.quick-step-ei.com/tmp/awstats/awstats082025.gn.quick-step-ei.com.txt
AWSTATS DATA FILE 7.9 (build 20230108)
# If you remove this file, all statistics for date 202508 will be lost/reset.
# Last config file used to build this data file was /home/joderbya/tmp/awstats/awstats.gn.quick-step-ei.com.conf.

# Position (offset in bytes) in this file for beginning of each section for
# direct I/O access. If you made changes somewhere in this file, you should
# also remove completely the MAP section (AWStats will rewrite it at next
# update).
BEGIN_MAP 28
POS_GENERAL 2051                
POS_TIME 2726                
POS_VISITOR 7742                
POS_DAY 8303                
POS_DOMAIN 3335                
POS_LOGIN 3579                
POS_ROBOT 3734                
POS_WORMS 3940                
POS_EMAILSENDER 4071                
POS_EMAILRECEIVER 4214                
POS_SESSION 8923                
POS_FILESIZE 9343                
POS_SIDER 9120                
POS_FILETYPES 4349                
POS_DOWNLOADS 4466                
POS_OS 4514                
POS_BROWSER 4637                
POS_SCREENSIZE 4821                
POS_UNKNOWNREFERER 4895                
POS_UNKNOWNREFERERBROWSER 5284                
POS_ORIGIN 5582                
POS_SEREFERRALS 5716                
POS_PAGEREFS 5860                
POS_SEARCHWORDS 6008                
POS_KEYWORDS 6160                
POS_MISC 2390                
POS_ERRORS 6219                
POS_CLUSTER 3435                
POS_SIDER_404 6339                
END_MAP

# LastLine    = Date of last record processed - Last record line number in last log - Last record offset in last log - Last record signature value
# FirstTime   = Date of first visit for history file
# LastTime    = Date of last visit for history file
# LastUpdate  = Date of last update - Nb of parsed records - Nb of parsed old records - Nb of parsed new records - Nb of parsed corrupted - Nb of parsed dropped
# TotalVisits = Number of visits
# TotalUnique = Number of unique visitors
# MonthHostsKnown   = Number of hosts known
# MonthHostsUnKnown = Number of hosts unknown
BEGIN_GENERAL 8
LastLine 20250901003920 8 1151 10276850717157
FirstTime 20250801035129
LastTime 20250831163914
LastUpdate 20250901094643 8 0 7 0 0
TotalVisits 65                  
TotalUnique 12                  
MonthHostsKnown 0                   
MonthHostsUnknown 12                  
END_GENERAL

# Misc ID - Pages - Hits - Bandwidth
BEGIN_MISC 10
FlashSupport 0 0 0
PDFSupport 0 0 0
TotalMisc 0 0 0
JavaEnabled 0 0 0
JavascriptDisabled 0 0 0
AddToFavourites 0 5 0
WindowsMediaPlayerSupport 0 0 0
QuickTimeSupport 0 0 0
RealPlayerSupport 0 0 0
DirectorSupport 0 0 0
END_MISC

# Hour - Pages - Hits - Bandwidth - Not viewed Pages - Not viewed Hits - Not viewed Bandwidth
BEGIN_TIME 24
0 7 7 478299 14 14 1483962
1 3 4 163552 0 2 147844
2 1 1 0 1 2 0
3 8 8 159433 10 10 614554
4 48 48 177372 4 6 443532
5 5 5 159433 1 2 0
6 2 2 0 3 3 159433
7 102 102 956598 0 0 0
8 6 6 478299 1 2 50133
9 0 0 0 0 0 0
10 0 0 0 0 0 0
11 0 0 0 0 0 0
12 2 2 0 2 2 159433
13 49 49 182885 37 37 5177205
14 1 1 0 2 2 159433
15 0 0 0 0 0 0
16 3 3 0 11 11 159433
17 1 1 0 1 1 159433
18 0 0 0 1 1 2665
19 4 4 0 32 32 2661192
20 0 0 0 0 0 0
21 0 0 0 0 0 0
22 2 2 159433 1 1 50133
23 0 0 0 0 0 0
END_TIME

# Domain - Pages - Hits - Bandwidth
# The 25 first Pages must be first (order not required for others)
BEGIN_DOMAIN 2
us 242 243 2750358
ca 2 2 164946
END_DOMAIN

# Cluster ID - Pages - Hits - Bandwidth
BEGIN_CLUSTER 0
END_CLUSTER

# Login - Pages - Hits - Bandwidth - Last visit
# The 10 first Pages must be first (order not required for others)
BEGIN_LOGIN 0
END_LOGIN

# Robot ID - Hits - Bandwidth - Last visit - Hits on robots.txt
# The 25 first Hits must be first (order not required for others)
BEGIN_ROBOT 2
no_user_agent 6 802687 20250831163915 0
checker 2 318866 20250829065603 0
END_ROBOT

# Worm ID - Hits - Bandwidth - Last visit
# The 5 first Hits must be first (order not required for others)
BEGIN_WORMS 0
END_WORMS

# EMail - Hits - Bandwidth - Last visit
# The 20 first Hits must be first (order not required for others)
BEGIN_EMAILSENDER 0
END_EMAILSENDER

# EMail - Hits - Bandwidth - Last visit
# The 20 first hits must be first (order not required for others)
BEGIN_EMAILRECEIVER 0
END_EMAILRECEIVER

# Files type - Hits - Bandwidth - Bandwidth without compression - Bandwidth after compression
BEGIN_FILETYPES 3
php 223 38395 0 0
html 21 2872790 0 0
png 1 4119 0 0
END_FILETYPES

# Downloads - Hits - Bandwidth
BEGIN_DOWNLOADS 0
END_DOWNLOADS

# OS ID - Hits
BEGIN_OS ID - Hits - Pages 4
linux 2 2
Unknown 153 152
androidlollipop 2 2
win10 88 88
END_OS

# Browser ID - Hits - Pages
BEGIN_BROWSER 7
chrome137.0.0.0 2 2
Unknown 151 151
chrome78.0.3904.108 86 86
mozilla 2 1
chrome139.0.0.0 1 1
chrome73.0.3683.90 2 2
firefox121.0 1 1
END_BROWSER

# Screen size - Hits
BEGIN_SCREENSIZE 0
END_SCREENSIZE

# Unknown referer OS - Last visit date
BEGIN_UNKNOWNREFERER 3
Hello_from_Palo_Alto_Networks,_find_out_more_about_our_scans_in_https://docs-cortex.paloaltonetworks.com/r/1/Cortex-Xpanse/Scanning-activity 20250829130757
WordPress/6.8.2;_http://gn.quick-step-ei.com 20250831163914
Mozilla/5.0_(compatible;_CensysInspect/1.1;__https://about.censys.io/) 20250804012400
END_UNKNOWNREFERER

# Unknown referer Browser - Last visit date
BEGIN_UNKNOWNREFERERBROWSER 2
Hello_from_Palo_Alto_Networks,_find_out_more_about_our_scans_in_https://docs-cortex.paloaltonetworks.com/r/1/Cortex-Xpanse/Scanning-activity 20250829130757
WordPress/6.8.2;_http://gn.quick-step-ei.com 20250831163914
END_UNKNOWNREFERERBROWSER

# Origin - Pages - Hits 
BEGIN_ORIGIN 6
From0 244 244
From1 0 0
From2 0 0
From3 0 0
From4 0 1
From5 0 0
END_ORIGIN

# Search engine referers ID - Pages - Hits
BEGIN_SEREFERRALS 0
END_SEREFERRALS

# External page referers - Pages - Hits
# The 25 first Pages must be first (order not required for others)
BEGIN_PAGEREFS 0
END_PAGEREFS

# Search keyphrases - Number of search
# The 10 first number of search must be first (order not required for others)
BEGIN_SEARCHWORDS 0
END_SEARCHWORDS

# Search keywords - Number of search
# The 25 first number of search must be first (order not required for others)
BEGIN_KEYWORDS 0
END_KEYWORDS

# Errors - Hits - Bandwidth
BEGIN_ERRORS 4
409 2 5330
302 1 0
404 80 10301502
301 32 0
END_ERRORS

# URL with 404 errors - Hits - Last URL referrer
BEGIN_SIDER_404 70
/ea3f.php 1 -
/shell 1 -
/sx21_1.php 2 -
/class9.php 1 -
/xmlrpc.php 2 -
/wp 1 -
/g.php 1 -
/wp-content/plugins/hellopress/wp_filemanager.php 3 -
/cwsd.php 1 -
/bk 1 -
/old 1 -
/new 1 -
/bc 1 -
/Telerik.Web.UI.WebResource.axd 1 -
/.trash7309/ 1 -
/backup 1 -
/bluejackets.php 1 -
/witmm.php 1 -
/just2.php 1 -
/shell.php 1 -
/webshell 1 -
/asasx.php 1 -
/ot.php 1 -
/ex.php 1 -
/orm.php 1 -
/home 1 -
/akcc.php 1 -
/j.php 1 -
/wordpress/ 2 -
/nx.php 1 -
/webshell.php 1 -
/xp.php 2 -
/.well-known/security.txt 1 -
/wp-admin/wp-conflg.php 1 -
/k.php 1 -
/aua.php 1 -
/1.php 1 -
/litanies.php 1 -
/akp.php 1 -
/Telerik.Web.UI.DialogHandler.aspx 1 -
/pop.php 1 -
/wordpress 1 -
/gfile.php 1 -
/ 2 -
/lo.php 1 -
/sec.php 1 -
/pass.php 1 -
/nx9.php 1 -
/classwithtostring.php 1 -
/let.php 1 -
/great.php 1 -
/file17.php 2 -
/security.txt 1 -
/build.php 1 -
/php.php 1 -
/gmo.php 1 -
/lock360.php 2 -
/ext.php 1 -
/file2.php 1 -
/wp-admin/js/wp-conflg.php 1 -
/1aa.php 1 -
/file.php 1 -
/asd67.php 1 -
/kwm4.php 1 -
/s.php 1 -
/amphicyon.php 1 -
/main 1 -
/Sanskrit.php 1 -
/CLA.php 1 -
/aa.php 2 -
END_SIDER_404

# Host - Pages - Hits - Bandwidth - Last visit date - [Start date of last visit] - [Last page of last visit]
# [Start date of last visit] and [Last page of last visit] are saved only if session is not finished
# The 25 first Hits must be first (order not required for others)
BEGIN_VISITOR 12
74.81.95.250 149 149 1434897 20250831163914
34.68.103.35 43 43 177372 20250829131525
34.122.163.68 43 43 177372 20250821043850
207.154.248.182 1 1 159433 20250807054651
172.233.188.216 1 1 0 20250823160228
198.235.24.91 1 1 159433 20250829085429
35.240.241.75 1 1 159433 20250813080603
34.124.247.165 1 1 159433 20250807223025
198.235.24.245 1 1 5513 20250829130757
132.148.165.6 1 1 159433 20250801035129
161.35.213.236 1 1 159433 20250821082451
167.94.138.125 1 2 163552 20250804012343
END_VISITOR

# Date - Pages - Hits - Bandwidth - Visits
BEGIN_DAY 31
20250801 3 3 159433 2
20250802 4 4 0 2
20250803 4 4 0 1
20250804 7 8 163552 3
20250805 4 4 0 1
20250806 4 4 0 1
20250807 12 12 797165 5
20250808 4 4 0 1
20250809 2 2 0 1
20250810 4 4 0 1
20250811 2 2 0 1
20250812 4 4 0 1
20250813 6 6 159433 3
20250814 4 4 0 1
20250815 4 4 0 1
20250816 2 2 0 1
20250817 4 4 0 1
20250818 4 4 0 1
20250819 2 2 0 1
20250820 4 4 0 1
20250821 55 55 815104 5
20250822 6 6 0 3
20250823 8 8 0 4
20250824 2 2 0 1
20250825 4 4 0 2
20250826 3 3 0 1
20250827 5 5 0 2
20250828 7 7 0 3
20250829 61 61 820617 8
20250830 3 3 0 2
20250831 6 6 0 4
END_DAY

# Session range - Number of visits
BEGIN_SESSION 6
30s-2mn 2
0s-30s 30
30mn-1h 2
5mn-15mn 1
1h+ 2
15mn-30mn 28
END_SESSION

# URL - Pages - Bandwidth - Entry - Exit
# The 25 first Pages must be first (order not required for others)
BEGIN_SIDER 6
/wp-cron.php 118 0 42 50
/xmlrpc.php 82 32882 0 2
/wp-admin/admin-ajax.php 22 0 12 2
/ 19 2869794 10 10
/wp-json/wp/v2/users/ 2 2996 0 0
/wp-login.php 1 5513 1 1
END_SIDER

# Payload Range - Payload Frequency
BEGIN_FILESIZE 5
0-44 188
2K-5K 3
5K+ 98
1K-2K 2
100-500 82
END_FILESIZE
@ Telegram