[ SEA-GHOST MINI SHELL]

Path : /home/artemisi/tmp/awstats/ssl/
FILE UPLOADER :
Current File : /home/artemisi/tmp/awstats/ssl/awstats012024.shubal.artemisiaink.com.txt

AWSTATS DATA FILE 7.8 (build 20200416)
# If you remove this file, all statistics for date 202401 will be lost/reset.
# Last config file used to build this data file was /home/artemisi/tmp/awstats/ssl/awstats.shubal.artemisiaink.com.conf.

# Position (offset in bytes) in this file for beginning of each section for
# direct I/O access. If you made changes somewhere in this file, you should
# also remove completely the MAP section (AWStats will rewrite it at next
# update).
BEGIN_MAP 28
POS_GENERAL 2024                
POS_TIME 2702                
POS_VISITOR 7896                
POS_DAY 9977                
POS_DOMAIN 3413                
POS_LOGIN 3788                
POS_ROBOT 3943                
POS_WORMS 4357                
POS_EMAILSENDER 4488                
POS_EMAILRECEIVER 4631                
POS_SESSION 10603               
POS_SIDER 10761               
POS_FILETYPES 4766                
POS_DOWNLOADS 4920                
POS_OS 4968                
POS_BROWSER 5206                
POS_SCREENSIZE 5737                
POS_UNKNOWNREFERER 5811                
POS_UNKNOWNREFERERBROWSER 6299                
POS_ORIGIN 6739                
POS_SEREFERRALS 6873                
POS_PAGEREFS 7017                
POS_SEARCHWORDS 7264                
POS_KEYWORDS 7416                
POS_MISC 2366                
POS_ERRORS 7475                
POS_CLUSTER 3644                
POS_SIDER_404 7587                
END_MAP

# LastLine    = Date of last record processed - Last record line number in last log - Last record offset in last log - Last record signature value
# FirstTime   = Date of first visit for history file
# LastTime    = Date of last visit for history file
# LastUpdate  = Date of last update - Nb of parsed records - Nb of parsed old records - Nb of parsed new records - Nb of parsed corrupted - Nb of parsed dropped
# TotalVisits = Number of visits
# TotalUnique = Number of unique visitors
# MonthHostsKnown   = Number of hosts known
# MonthHostsUnKnown = Number of hosts unknown
BEGIN_GENERAL 8
LastLine 20240201002834 14 3055 13075938863349
FirstTime 20240101090405
LastTime 20240131003503
LastUpdate 20240201074610 14 0 13 0 0
TotalVisits 52                  
TotalUnique 51                  
MonthHostsKnown 0                   
MonthHostsUnknown 51                  
END_GENERAL

# Misc ID - Pages - Hits - Bandwidth
BEGIN_MISC 10
JavascriptDisabled 0 0 0
FlashSupport 0 0 0
WindowsMediaPlayerSupport 0 0 0
TotalMisc 0 0 0
PDFSupport 0 0 0
AddToFavourites 0 9 0
RealPlayerSupport 0 0 0
JavaEnabled 0 0 0
QuickTimeSupport 0 0 0
DirectorSupport 0 0 0
END_MISC

# Hour - Pages - Hits - Bandwidth - Not viewed Pages - Not viewed Hits - Not viewed Bandwidth
BEGIN_TIME 24
0 1 1 12126 37 49 59238
1 2 2 24277 39 59 85972
2 0 0 0 20 32 6817
3 2 5 85780 30 39 92862
4 1 1 12146 25 52 47980
5 2 2 74444 31 59 87445
6 1 1 12141 34 46 47072
7 2 2 49360 34 45 20555
8 1 1 37228 55 64 13209
9 1 1 12131 43 67 87681
10 4 4 123802 27 39 45678
11 3 3 61489 27 39 19541
12 3 9 97954 32 42 82092
13 1 1 12136 39 52 158969
14 4 4 48575 25 39 56345
15 1 1 12145 23 36 6931
16 4 4 98723 42 60 48422
17 6 6 148096 29 48 9500
18 5 5 85813 28 43 45972
19 1 1 12148 22 33 6609
20 2 2 49360 24 46 58658
21 1 5 60690 27 40 20177
22 4 4 73652 22 31 43553
23 1 1 12145 21 31 6389
END_TIME

# Domain - Pages - Hits - Bandwidth
# The 25 first Pages must be first (order not required for others)
BEGIN_DOMAIN 12
us 19 26 315649
ca 15 15 533256
cn 5 5 135935
de 3 3 36436
vn 2 2 24289
gr 2 2 24273
in 2 2 24271
fr 1 1 12146
ru 1 1 12143
md 1 7 73671
cl 1 1 12145
id 1 1 12147
END_DOMAIN

# Cluster ID - Pages - Hits - Bandwidth
BEGIN_CLUSTER 0
END_CLUSTER

# Login - Pages - Hits - Bandwidth - Last visit
# The 10 first Pages must be first (order not required for others)
BEGIN_LOGIN 0
END_LOGIN

# Robot ID - Hits - Bandwidth - Last visit - Hits on robots.txt
# The 25 first Hits must be first (order not required for others)
BEGIN_ROBOT 7
no_user_agent 16 595564 20240131051144 0
unknown 9 260 20240125112819 9
survey 4 148876 20240131185444 0
curl 3 111677 20240117015305 0
Offline[\x20]Explorer/ 1 843 20240125211638 0
Googlebot\-Mobile/ 1 12138 20240125211638 0
(firefox/)([0-9]\.|[0-1][0]\.) 1 12135 20240126033529 0
END_ROBOT

# Worm ID - Hits - Bandwidth - Last visit
# The 5 first Hits must be first (order not required for others)
BEGIN_WORMS 0
END_WORMS

# EMail - Hits - Bandwidth - Last visit
# The 20 first Hits must be first (order not required for others)
BEGIN_EMAILSENDER 0
END_EMAILSENDER

# EMail - Hits - Bandwidth - Last visit
# The 20 first hits must be first (order not required for others)
BEGIN_EMAILRECEIVER 0
END_EMAILRECEIVER

# Files type - Hits - Bandwidth - Bandwidth without compression - Bandwidth after compression
BEGIN_FILETYPES 5
php 20 242907 0 0
html 31 802638 0 0
js 13 146528 0 0
env 1 12141 0 0
Unknown 1 12147 0 0
END_FILETYPES

# Downloads - Hits - Bandwidth
BEGIN_DOWNLOADS 0
END_DOWNLOADS

# OS ID - Hits
BEGIN_OS ID - Hits - Pages 13
bsdnetbsd 1 0
macosx11 1 0
androidkitkat 1 0
macosx14 1 0
winxp 1 0
linuxubuntu 1 1
ios_iphone 2 2
androidpie 1 0
linux 25 24
Unknown 20 19
win10 3 1
macosx15 2 1
win7 7 5
END_OS

# Browser ID - Hits - Pages
BEGIN_BROWSER 24
chrome25.0.1364.160 1 1
chrome76.0.3809.89 1 0
chrome74.0.3729.180 1 1
edge14 1 1
chrome58.0.3029.110 1 0
chrome61.0.3163.100 1 0
iphone 1 1
chrome68.0.3440.75 1 0
chrome63.0.3239.132 1 1
chrome98.0.4758.102 1 0
firefox38.0 1 0
chrome70.0.3538.77 1 1
firefox95.0 20 20
chrome100.0.4889.0 1 0
chrome75.0.3770.145 1 0
chrome108.0.0.0 3 3
mozilla 5 5
safari15.0 1 1
firefox15.0 1 0
chrome71.0.2623.112 3 3
chrome45.0.2454.94 1 0
safari12.1 1 1
Unknown 16 14
chrome100.0.4896.127 1 0
END_BROWSER

# Screen size - Hits
BEGIN_SCREENSIZE 0
END_SCREENSIZE

# Unknown referer OS - Last visit date
BEGIN_UNKNOWNREFERER 3
Expanse,_a_Palo_Alto_Networks_company,_searches_across_the_global_IPv4_space_multiple_times_per_day_to_identify_customers'_presences_on_the_Internet._If_you_would_like_to_be_excluded_from_our_scans,_please_send_IP_addresses/domains_to:_scaninfo@paloaltonetworks.com 20240130202015
Mozilla/5.0_(compatible;_CensysInspect/1.1;__https://about.censys.io/) 20240131003503
EmailWolf_1.00 20240117125648
END_UNKNOWNREFERER

# Unknown referer Browser - Last visit date
BEGIN_UNKNOWNREFERERBROWSER 3
Expanse,_a_Palo_Alto_Networks_company,_searches_across_the_global_IPv4_space_multiple_times_per_day_to_identify_customers'_presences_on_the_Internet._If_you_would_like_to_be_excluded_from_our_scans,_please_send_IP_addresses/domains_to:_scaninfo@paloaltonetworks.com 20240130202015
NetSurf/1.2_(NetBSD;_amd64) 20240126033529
EmailWolf_1.00 20240117125648
END_UNKNOWNREFERERBROWSER

# Origin - Pages - Hits 
BEGIN_ORIGIN 6
From0 33 46
From1 0 0
From2 0 0
From3 20 20
From4 0 0
From5 0 0
END_ORIGIN

# Search engine referers ID - Pages - Hits
BEGIN_SEREFERRALS 0
END_SEREFERRALS

# External page referers - Pages - Hits
# The 25 first Pages must be first (order not required for others)
BEGIN_PAGEREFS 2
http://cpanel.shubalananda.com/wp-login.php 11 11
http://webmail.shubalananda.com/wp-login.php 9 9
END_PAGEREFS

# Search keyphrases - Number of search
# The 10 first number of search must be first (order not required for others)
BEGIN_SEARCHWORDS 0
END_SEARCHWORDS

# Search keywords - Number of search
# The 25 first number of search must be first (order not required for others)
BEGIN_KEYWORDS 0
END_KEYWORDS

# Errors - Hits - Bandwidth
BEGIN_ERRORS 3
301 954 212503
503 43 0
401 50 2158
END_ERRORS

# URL with 404 errors - Hits - Last URL referrer
BEGIN_SIDER_404 0
END_SIDER_404

# Host - Pages - Hits - Bandwidth - Last visit date - [Start date of last visit] - [Last page of last visit]
# [Start date of last visit] and [Last page of last visit] are saved only if session is not finished
# The 25 first Hits must be first (order not required for others)
BEGIN_VISITOR 51
199.45.154.16 2 2 24266 20240119140751
101.68.211.2 2 2 49357 20240125112530
205.210.31.148 1 1 37228 20240117170359
159.89.27.65 1 1 12136 20240118135838
183.136.225.14 1 1 37216 20240124105114
198.235.24.71 1 1 37216 20240119034332
78.41.237.10 1 1 12146 20240129174409
92.205.4.253 1 1 12146 20240126045736
185.220.175.9 1 1 12143 20240115164823
183.136.225.44 1 1 37216 20240120050415
198.235.24.36 1 1 37228 20240127082237
68.178.145.193 1 1 12147 20240122125322
190.96.76.26 1 1 12145 20240101232527
176.123.7.11 1 7 73671 20240117125048
198.235.24.182 1 1 37228 20240102072031
173.236.140.156 1 1 12143 20240111174743
199.45.154.48 1 1 12126 20240131003503
198.235.24.153 1 1 37216 20240115222558
103.120.176.201 1 1 12140 20240113013802
72.167.253.235 1 1 12147 20240104173257
173.201.191.223 1 1 12146 20240128182239
208.109.63.235 1 1 12147 20240122141421
165.22.58.178 1 1 12147 20240103224222
198.235.24.234 1 1 37228 20240112053518
198.235.24.155 1 1 37216 20240105174253
44.222.237.239 1 5 60690 20240125211539
125.212.218.5 1 1 12141 20240103183114
198.235.24.100 1 1 37228 20240106100008
120.48.112.141 1 1 12146 20240108224957
14.225.5.148 1 1 12148 20240107183656
205.210.31.159 1 1 37228 20240130202015
31.220.0.86 1 1 12147 20240115143932
92.118.39.249 1 1 12137 20240118011544
205.210.31.236 1 1 37216 20240112104413
199.45.154.50 1 1 12132 20240122200830
132.148.214.50 1 1 12148 20240129195949
167.99.114.51 1 1 12136 20240104121246
3.235.10.33 1 4 48564 20240126033419
103.248.61.25 1 1 12131 20240101090405
18.220.189.99 1 1 12141 20240127061342
198.235.24.69 1 1 37216 20240110161823
205.210.31.19 1 1 37228 20240110185426
199.168.184.42 1 1 12145 20240108155707
212.227.149.137 1 1 12143 20240101220452
102.129.40.35 1 1 12147 20240117143451
192.169.148.26 1 1 12142 20240124105609
148.72.232.138 1 1 12150 20240104181645
198.235.24.82 1 1 37216 20240102173427
199.45.155.32 1 1 12132 20240102072050
178.128.227.216 1 1 12136 20240109163830
198.235.24.140 1 1 37228 20240119163505
END_VISITOR

# Date - Pages - Hits - Bandwidth - Visits
BEGIN_DAY 27
20240101 3 3 36419 3
20240102 4 4 98708 4
20240103 2 2 24288 2
20240104 3 3 36433 3
20240105 1 1 37216 1
20240106 1 1 37228 1
20240107 1 1 12148 1
20240108 2 2 24291 2
20240109 1 1 12136 1
20240110 2 2 74444 2
20240111 1 1 12143 1
20240112 2 2 74444 2
20240113 1 1 12140 1
20240115 3 3 61506 3
20240117 3 9 123046 3
20240118 2 2 24273 2
20240119 3 3 86578 3
20240120 1 1 37216 1
20240122 3 3 36426 3
20240124 2 2 49358 2
20240125 3 7 110047 2
20240126 2 5 60710 2
20240127 2 2 49369 2
20240128 1 1 12146 1
20240129 2 2 24294 2
20240130 1 1 37228 1
20240131 1 1 12126 1
END_DAY

# Session range - Number of visits
BEGIN_SESSION 2
0s-30s 51
5mn-15mn 1
END_SESSION

# URL - Pages - Bandwidth - Entry - Exit
# The 25 first Pages must be first (order not required for others)
BEGIN_SIDER 4
/ 31 802638 30 30
/wp-login.php 20 242907 20 20
/.git/config 1 12147 1 1
/.env 1 12141 1 1
END_SIDER

SEA-GHOST - SHELL CODING BY SEA-GHOST