Domain civiogroup.com
United States
CLOUDFLARENET
-
Apache server-status page is publicly available
The server-status page (usually
/server-status) allows server administrators to find out how well their server is performing.This is a HTML page that gives the current server statistics such as the server version, up time,cpu, ram, and information about requests made to the server.
This information can be very useful if the application is sent sensitive information as GET requests. If you monitor this page you might be able to find CSRF tokens, API keys, hidden paths, and other sensitive information being sent to the server.
https://medium.com/@ghostlulzhacks/apache-server-status-a70abed83f5a
First seen 2022-10-23 18:16
Last seen 2023-02-26 13:52
Open for 125 days-
Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb31d6dd592debb6b5adce6e1942Apache Status Apache Server Status for civiogroup.com (via 185.149.69.55) Server Version: Apache/2.4.54 (Debian) OpenSSL/1.1.1n mod_fcgid/2.3.9 Server MPM: event Server Built: 2022-06-09T04:26:43 Current Time: Sunday, 26-Feb-2023 13:52:34 UTC Restart Time: Wednesday, 22-Feb-2023 18:50:18 UTC Parent Server Config. Generation: 75 Parent Server MPM Generation: 74 Server uptime: 3 days 19 hours 2 minutes 16 seconds Server load: 1.57 2.00 1.79 Total accesses: 227564 - Total Traffic: 1.2 GB - Total Duration: 138697548 CPU Usage: u52.24 s16.7 cu4127.34 cs235.76 - 1.35% CPU load .694 requests/sec - 4005 B/second - 5.6 kB/request - 609.488 ms/request 8 requests currently being processed, 42 idle workers SlotPIDStoppingConnections ThreadsAsync connections totalacceptingbusyidlewritingkeep-aliveclosing 02355558no2yes520001 12356235no3yes322000 Sum205 842001 __R_R____R____R______R___R______R_____R___________.............. ................................................................ ............................................... Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqDurConnChildSlotClientProtocolVHostRequest 0-7423555580/25/3220_ 15.1404618669250.00.2923.78 205.169.39.63h2civiogroup.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 0-7423555580/31/3210_ 13.75138218528900.00.1015.76 123.183.224.70http/1.1seobiz.com:80done, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 0-7423555580/28/3274R 15.320018729810.00.4117.77 192.53.126.23h2civiogroup.com:443GET /.vscode/sftp.json HTTP/2.0 0-7423555580/26/3235_ 15.520419599200.00.2117.79 192.53.126.23h2civiogroup.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 0-7423555580/27/3134_ 15.5601517743430.00.1716.99 192.53.126.23h2civiogroup.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 0-7423555580/32/3210_ 15.365149518604790.00.0918.56 34.211.143.151http/1.1boostmarketing.com:80GET / HTTP/1.1 0-7423555580/32/3171_ 15.410120818652280.00.0817.98 2a01:7e00::f03c:93ff:feb8:115h2civiogroup.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 0-7423555580/21/3101_ 13.771315618165800.00.1416.93 51.222.253.20http/1.1goingup.com:80done, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 0-7423555580/38/3243_ 14.5113103718556650.00.4618.23 18.236.193.136h2civiogroup.com:443done, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 0-7423555580/26/3155R 15.320018396930.00.2117.47 192.53.126.23h2civiogroup.com:443GET /server-status HTTP/2.0 0-7423555580/33/3250_ 15.540418527790.00.1817.40 192.53.126.23h2civiogroup.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 0-7423555580/26/3224_ 15.1802419675830.00.2016.09 205.169.39.63h2civiogroup.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 0-7423555580/26/3197_ 14.94016219413420.00.1318.71 51.222.253.8http/1.1goingup.com:80GET /webstats/bcecfb2/visitor_details.html?vid=1797566841511475 0-7423555580/29/3192_ 14.9702517531140.00.0717.51 176.223.105.152http/1.1vestaok.com:80GET /wp-content/plugins/maintenance/load/css/style.css?ver=1669 0-7423555580/29/3193_ 15.5902018925470.00.1516.38 192.53.126.23h2civiogroup.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 0-7423555580/25/3232_ 13.541311918296940.00.1516.17 66.249.75.238h2goingup.com:443done, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 0-7423555580/31/3074_ 14.90132517947580.00.2619.03 213.188.80.108h2vestaok.com:443done, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 0-7423555580/23/3190_ 15.0302519026210.00.1319.45 168.151.131.226http/1.1vestaok.com:80GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1 0-7423555580/24/3194_ 15.5501018052420.00.2018.93 192.53.126.23h2civiogroup.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 0-7423555580/35/3192_ 15.540418973750.00.1316.73 192.53.126.23h2civiogroup.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 0-7423555580/29/3226_ 14.461316418157050.00.1917.81 51.222.253.6http/1.1goingup.com:80done, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 0-7423555580/30/3135R 15.310018311210.00.2416.76 192.53.126.23h2civiogroup.com:443GET /.git/config HTTP/2.0 0-7423555580/28/3166_ 13.551311318146430.00.2018.20 66.249.77.84h2goingup.com:443done, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 0-7423555580/31/3148_ 14.860418762160.00.3616.95 213.188.80.108h2vestaok.com:443done, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 0-7423555580/27/3164_ 15.0003418023770.00.2718.72 168.151.96.205http/1.1vestaok.com:80done, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 1-7423562350/29/2909R 13.670017721590.00.1616.30 192.53.126.23h2civiogroup.com:443GET /?rest_route=/wp/v2/users/ HTTP/2.0 1-7423562350/26/2883_ 14.5422416676180.00.1913.37 65.154.226.168h2civiogroup.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 1-7423562350/24/2801_ 13.8313202216370170.00.3214.40 193.226.177.45h2binarybiz.com:443done, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 1-7423562350/24/2916_ 14.11217416914570.00.1814.83 51.222.253.16http/1.1goingup.com:80GET /webstats/bcj3mut/visitor_details.html?vid=5668889705823983 1-7423562350/29/2946_ 14.730113317674380.00.2015.81 192.53.126.23h2civiogroup.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 1-7423562350/21/2830_ 14.171514818174290.00.1914.61 51.222.253.18http/1.1goingup.com:80done, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 1-7423562350/31/2880_ 14.5093716778460.00.4316.22 65.154.226.168h2civiogroup.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 1-7423562350/26/2774R 13.660016299810.00.2016.65 2a01:7e00::f03c:93ff:feb8:1d5h2civiogroup.com:443GET / HTTP/2.0 1-7423562350/20/2901_ 14.780417455880.00.1615.87 192.53.126.23h2civiogroup.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 1-7423562350/25/2924_ 14.34133516909450.00.2015.63 205.169.39.63h2civiogroup.com:443done, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 1-7423562350/29/2906_ 13.69152217288890.00.1614.65 185.149.69.55http/1.1binarybiz.com:80done, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 1-7423562350/39/2913_ 14.3813817799810.00.5015.78 205.169.39.63h2civiogroup.com:443done, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 1-7423562350/20/2853_ 13.811312516830010.00.1814.94 51.222.253.4http/1.1goingup.com:80GET /webstats/mdv2kvy/visitor_details.html?vid=8572453350909219 1-7423562350/27/2910R 13.460016686420.00.2618.05 139.144.150.23h2civiogroup.com:443GET / HTTP/2.0 1-7423562350/27/2826_ 13.18095318724890.00.2814.78 185.179.82.133http/1.1farmaceuticals.co:80POST /xmlrpc.php HTTP/1.1 1-7423562350/29/2797_ 13.3913137616828050.00.1914.75 213.188.80.108h2vestaok.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 1-7423562350/21/2844_ 13.191511716741410.00.1215.43 51.222.253.12http/1.1goingup.com:80GET /webstats/bcecfb2/visitor_details.html?vid=1804847492088115 1-7423562350/26/2872_ 13.6613102016716490.00.1817.49 185.61.152.50http/1.1farmaceuticals.co:80done, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 1-7423562350/26/2857_ 14.59794116206890.00.1021.33 34.211.143.151http/1.1boostmarketing.com:80GET / HTTP/1.1 1-7423562350/19/2783_ 14.181583816275340.00.1715.18 216.245.221.82h2binarybiz.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 1-7423562350/22/2877_ 14.38134617424190.00.4214.97 205.169.39.63h2civiogroup.com:443done, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 1-742356235
Found on 2023-02-26 13:52 -
Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb31d6dd592debb6b5ad7010821bApache Status Apache Server Status for civiogroup.com (via 185.149.69.55) Server Version: Apache/2.4.54 (Debian) OpenSSL/1.1.1n mod_fcgid/2.3.9 Server MPM: event Server Built: 2022-06-09T04:26:43 Current Time: Sunday, 26-Feb-2023 13:52:44 UTC Restart Time: Wednesday, 22-Feb-2023 18:50:18 UTC Parent Server Config. Generation: 75 Parent Server MPM Generation: 74 Server uptime: 3 days 19 hours 2 minutes 26 seconds Server load: 1.41 1.95 1.78 Total accesses: 227584 - Total Traffic: 1.2 GB - Total Duration: 138711177 CPU Usage: u52.75 s16.73 cu4127.34 cs235.76 - 1.35% CPU load .694 requests/sec - 4005 B/second - 5.6 kB/request - 609.494 ms/request 9 requests currently being processed, 41 idle workers SlotPIDStoppingConnections ThreadsAsync connections totalacceptingbusyidlewritingkeep-aliveclosing 02355558no0yes223000 12356235no1yes718010 Sum201 941010 ______W____K_____________R____R___R__R___R_____RR_.............. ................................................................ ............................................... Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqDurConnChildSlotClientProtocolVHostRequest 0-7423555580/25/3220_ 15.1434618669250.00.2923.78 205.169.39.63h2civiogroup.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 0-7423555580/32/3211_ 15.673818529070.00.1015.77 192.53.126.23h2civiogroup.com:443done, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 0-7423555580/29/3275_ 15.6042118730240.00.4117.77 192.53.126.23h2civiogroup.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 0-7423555580/27/3236_ 15.750419599300.00.2117.79 139.144.150.23h2civiogroup.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 0-7423555580/27/3134_ 15.5641517743430.00.1716.99 192.53.126.23h2civiogroup.com:443done, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 0-7423555580/32/3210_ 15.363149518604790.00.0918.56 34.211.143.151http/1.1boostmarketing.com:80done, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 0-7423555580/32/3171R 15.410018652280.00.0817.98 139.144.150.23h2civiogroup.com:443GET /server-status HTTP/2.0 0-7423555580/21/3101_ 13.77315618165800.00.1416.93 51.222.253.20http/1.1goingup.com:80done, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 0-7423555580/38/3243_ 14.513103718556650.00.4618.23 18.236.193.136h2civiogroup.com:443done, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 0-7423555580/27/3156_ 15.6043918397730.00.2217.48 192.53.126.23h2civiogroup.com:443GET /server-status HTTP/2.0 0-7423555580/33/3250_ 15.544418527790.00.1817.40 192.53.126.23h2civiogroup.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 0-7423555581/27/3225K 15.740419675920.50.2016.09 139.144.150.23h2civiogroup.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 0-7423555580/26/3197_ 14.94416219413420.00.1318.71 51.222.253.8http/1.1goingup.com:80GET /webstats/bcecfb2/visitor_details.html?vid=1797566841511475 0-7423555580/29/3192_ 14.9742517531140.00.0717.51 176.223.105.152http/1.1vestaok.com:80GET /wp-content/plugins/maintenance/load/css/style.css?ver=1669 0-7423555580/29/3193_ 15.5942018925470.00.1516.38 192.53.126.23h2civiogroup.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 0-7423555580/26/3233_ 15.673418297030.00.1516.17 192.53.126.23h2civiogroup.com:443done, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 0-7423555580/31/3074_ 14.9042517947580.00.2619.03 213.188.80.108h2vestaok.com:443done, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 0-7423555580/23/3190_ 15.0342519026210.00.1319.45 168.151.131.226http/1.1vestaok.com:80GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1 0-7423555580/24/3194_ 15.5541018052420.00.2018.93 192.53.126.23h2civiogroup.com:443done, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 0-7423555580/35/3192_ 15.544418973750.00.1316.73 192.53.126.23h2civiogroup.com:443done, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 0-7423555580/29/3226_ 14.46316418157050.00.1917.81 51.222.253.6http/1.1goingup.com:80done, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 0-7423555580/31/3136_ 15.6041218311470.00.2416.76 192.53.126.23h2civiogroup.com:443GET /.git/config HTTP/2.0 0-7423555580/29/3167_ 15.663918146620.00.2018.20 192.53.126.23h2civiogroup.com:443done, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 0-7423555580/31/3148_ 14.864418762160.00.3616.95 213.188.80.108h2vestaok.com:443done, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 0-7423555580/27/3164_ 15.0043418023770.00.2718.72 168.151.96.205http/1.1vestaok.com:80done, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 1-7423562350/30/2910R 14.910017746600.00.1616.30 139.144.150.23h2civiogroup.com:443GET / HTTP/2.0 1-7423562350/26/2883_ 14.5432416676180.00.1913.37 65.154.226.168h2civiogroup.com:443done, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 1-7423562350/24/2801_ 13.833202216370170.00.3214.40 193.226.177.45h2binarybiz.com:443done, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 1-7423562350/24/2916_ 14.11317416914570.00.1814.83 51.222.253.16http/1.1goingup.com:80GET /webstats/bcj3mut/visitor_details.html?vid=5668889705823983 1-7423562350/29/2946_ 14.733113317674380.00.2015.81 192.53.126.23h2civiogroup.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 1-7423562350/22/2831W 14.940018174390.00.1914.61 139.144.150.23h2civiogroup.com:443GET /telescope/requests HTTP/2.0 1-7423562350/31/2880_ 14.5033716778460.00.4316.22 65.154.226.168h2civiogroup.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 1-7423562350/28/2776_ 14.97117016333490.00.2016.65 51.222.253.15http/1.1goingup.com:80GET /webstats/bcj3mut/visitor_details.html?vid=9219679873667717 1-7423562350/20/2901_ 14.783417455880.00.1615.87 192.53.126.23h2civiogroup.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 1-7423562350/25/2924R 14.3443516909450.00.2015.63 172.70.86.152http/1.1civiogroup.com:443 1-7423562350/31/2908_ 15.100417314170.00.1714.65 139.144.150.23h2civiogroup.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 1-7423562350/39/2913_ 14.384817799810.00.5015.78 205.169.39.63h2civiogroup.com:443done, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 1-7423562350/20/2853R 13.810016830010.00.1814.94 139.144.150.23h2civiogroup.com:443GET /?rest_route=/wp/v2/users/ HTTP/2.0 1-7423562350/27/2910_ 13.463124416711300.00.2618.05 139.144.150.23h2civiogroup.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 1-7423562350/27/2826_ 13.18395318724890.00.2814.78 185.179.82.133http/1.1farmaceuticals.co:80done, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 1-7423562350/29/2797_ 13.393137616828050.00.1914.75 213.188.80.108h2vestaok.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 1-7423562350/22/2845W 14.950016765630.00.1215.44 139.144.150.23h2civiogroup.com:443GET /.env HTTP/2.0 1-7423562350/26/2872_ 13.663102016716490.00.1817.49 185.61.152.50http/1.1farmaceuticals.co:80done, streams: 0/2/2/0/0 (open/recv/resp/push/rst) 1-7423562350/26/2857_ 14.59394116206890.00.1021.33 34.211.143.151http/1.1boostmarketing.com:80done, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 1-7423562350/21/2785_ 15.120716275590.00.1715.18 139.144.150.23h2civiogroup.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 1-7423562350/23/2878_ 14.9544617424190.00.4214.97 139.144.150.23http/1.1civiogroup.com:443GET / HTTP/2.0 1-7423562350/22/2897_ 13.974</
Found on 2023-02-26 13:52 -
Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb31d6dd592debb6b5ad63e9429aApache Status Apache Server Status for civiogroup.com (via 185.149.69.55) Server Version: Apache/2.4.54 (Debian) OpenSSL/1.1.1n mod_fcgid/2.3.9 Server MPM: event Server Built: 2022-06-09T04:26:43 Current Time: Saturday, 18-Feb-2023 23:19:21 UTC Restart Time: Wednesday, 08-Feb-2023 01:26:27 UTC Parent Server Config. Generation: 212 Parent Server MPM Generation: 211 Server uptime: 10 days 21 hours 52 minutes 54 seconds Server load: 315.18 314.87 315.18 Total accesses: 563740 - Total Traffic: 3.1 GB - Total Duration: 258845718 CPU Usage: u102.14 s57.03 cu10899.5 cs564.14 - 1.23% CPU load .598 requests/sec - 3531 B/second - 5.8 kB/request - 459.158 ms/request 14 requests currently being processed, 36 idle workers SlotPIDStoppingConnections ThreadsAsync connections totalacceptingbusyidlewritingkeep-aliveclosing 01130876no0yes916000 11129367no0yes520000 Sum200 1436000 _RR_R____L_LR_______RR_R_________R______RL______RR.............. ................................................................ ............................................... Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process <SrvPIDAccMCPU SSReqDurConnChildSlotClientProtocolVHostRequest 0-21111308760/46/8625_ 19.07913542952170.00.2345.70 51.222.253.18http/1.1goingup.com:80GET /webstats/bcj3mut/visitor_details.html?vid=1105900747537797 0-21111308760/36/8608R 18.520037331120.00.1649.05 67.205.130.223h2civiogroup.com:443GET /server-status HTTP/2.0 0-21111308760/42/8455R 17.610037801920.00.7446.42 2a03:b0c0:3:d0::83:3001h2civiogroup.com:443GET / HTTP/2.0 0-21111308760/34/8445_ 18.92412636105100.00.3445.83 216.244.66.227http/1.1goingup.com:80GET /api/pageload_activity.php?page=607 HTTP/1.1 0-21111308760/36/8441R 18.541313036835430.034.2478.93 172.70.110.204http/1.1civiogroup.com:443 0-21111308760/35/8603_ 19.5109237755400.00.8744.25 205.169.39.63h2civiogroup.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 0-21111308760/36/8591_ 17.744124439052040.00.3047.96 51.222.253.9h2properpbn.com:443done, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 0-21111308760/34/8383_ 19.4004535975890.00.1245.48 205.169.39.63h2civiogroup.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 0-21111308760/33/8407_ 18.93411835698170.00.1243.99 216.244.66.227http/1.1goingup.com:80GET /api/pageload_activity.php?page=631 HTTP/1.1 0-21111308761/38/8529L 19.430106368769711.00.3444.90 205.169.39.63h2civiogroup.com:443GET /wp-content/plugins/maintenance/load/css/fonts.css?ver=1669 0-21111308760/37/8635_ 19.7201237549320.00.2645.42 67.205.130.223h2civiogroup.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 0-21111308761/34/8548L 19.3806737490034.90.1846.24 205.169.39.63h2civiogroup.com:443GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP 0-21111308760/41/8476_ 19.7301936153310.00.5546.34 67.205.130.223h2civiogroup.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 0-21111308760/46/8408_ 19.43013036784760.00.1643.79 205.169.39.63h2civiogroup.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 0-21111308760/42/8515_ 19.510109354985610.00.2744.09 67.205.130.223h2civiogroup.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 0-21111308760/40/8393_ 18.60912536578320.00.1943.89 51.222.253.12http/1.1goingup.com:80GET /webstats/bcj3mut/visitor_details.html?vid=8723464080158459 0-21111308760/34/8535_ 18.59912337675070.00.1646.45 51.222.253.20h2goingup.com:443done, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 0-21111308760/36/8370_ 19.14114237697920.00.4243.58 51.222.253.14http/1.1goingup.com:80GET /webstats/bdb3dkv/visitor_details.html?vid=7144921056095776 0-21111308760/30/8314_ 19.410535252670.00.4943.54 205.169.39.63h2civiogroup.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 0-21111308760/32/8547_ 17.714937494490.00.4944.99 179.43.185.130http/1.1 0-21111308760/38/8340R 19.051312436062830.00.1742.74 162.158.62.4http/1.1civiogroup.com:443 0-21111308760/44/8530R 19.030037218860.00.2646.06 67.205.130.223h2civiogroup.com:443GET /?rest_route=/wp/v2/users/ HTTP/2.0 0-21111308760/34/8358_ 19.06916936069700.00.4944.03 216.244.66.227http/1.1goingup.com:80GET /api/recent_came_from.php?page=124 HTTP/1.1 0-21111308760/30/8384R 18.891012538345820.00.3146.25 172.70.110.204http/1.1civiogroup.com:443 0-21111308760/33/8412_ 19.191134736056020.00.2245.62 205.169.39.63h2civiogroup.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 1-21111293670/44/7020_ 16.602212531393570.00.2437.02 51.222.253.19http/1.1goingup.com:80GET /webstats/bpdjsyh/visitor_details.html?vid=1245353758581611 1-21111293670/37/6952_ 17.40221132216620.00.2341.34 185.149.69.55http/1.1dfyseo.net:80POST /wp-cron.php?doing_wp_cron=1676762339.20549607276916503906 1-21111293670/37/6772_ 17.6609031914730.00.7639.09 205.169.39.63h2civiogroup.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 1-21111293670/45/6873_ 16.771713043379220.00.2438.57 51.222.253.8http/1.1goingup.com:80done, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 1-21111293670/35/6854_ 17.740532699770.00.1639.85 67.205.130.223h2civiogroup.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 1-21111293670/37/6893_ 17.5413732722150.00.2641.72 185.149.69.55h2civiogroup.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 1-21111293670/47/6779_ 17.411612030747900.01.1638.30 216.244.66.227http/1.1goingup.com:80GET /api/pageload_activity.php?page=899 HTTP/1.1 1-21111293670/38/6821_ 17.0917288832014880.00.2236.15 134.122.110.201h2vestaok.com:443done, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 1-21111293670/32/6895R 16.970032038040.00.1740.18 67.205.130.223h2civiogroup.com:443GET / HTTP/2.0 1-21111293670/32/6767_ 17.1011371931531180.00.1838.35 134.122.110.201h2vestaok.com:443idle, streams: 0/2/2/0/0 (open/recv/resp/push/rst) 1-21111293670/48/6831_ 17.2611531885970.00.3238.74 185.191.171.44http/1.1credivis.com:80GET /manual/da/developer/thread_safety.html HTTP/1.1 1-21111293670/42/6846_ 17.431311934531240.00.1636.12 216.244.66.227http/1.1goingup.com:80GET /api/popular_pages.php?page=123 HTTP/1.1 1-21111293670/40/6720_ 17.231715430521070.00.1273.16 51.222.253.2http/1.1goingup.com:80GET /webstats/bdv6zvg/visitor_details.html?vid=1554787955350107 1-21111293670/40/6718_ 16.3017106731951740.00.7039.01 98.162.25.7http/1.1cannaworks.co:80POST //xmlrpc.php HTTP/1.1 1-21111293670/33/6836_ 17.402232836179230.00.1837.63 195.154.184.235http/1.1dfyseo.net:80POST /wp-login.php HTTP/1.1 1-21111293670/37/6727R 17.366212532553760.00.6037.21 172.70.230.107http/1.1civiogroup.com:443 1-21111293671/41/6918L 17.7601232275700.60.2140.60 67.205.130.223h2civiogroup.com:443GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor 1-21111293670/29/6849_ 17.108352131080540.00.2438.19 134.122.110.201h2vestaok.com:443done, streams: 0/3/3/0/0 (open/recv/resp/push/rst) 1-21111293670/44/6730_ 17.750431315170.00.2438.10 67.205.130.223h2civiogroup.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 1-21111293670/39/6816_ 14.428532696370.00.2738.61 179.43.185.130http/1.1done, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 1-21111293670/38/6756_ 17.60011331193670.00.1640.34 205.169.39.63h2civiogroup.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 1-21111293670/41/6961_ 17.3828
Found on 2023-02-18 23:19 -
Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb31d6dd592debb6b5adea1ce218Apache Status Apache Server Status for civiogroup.com (via 185.149.69.55) Server Version: Apache/2.4.54 (Debian) OpenSSL/1.1.1n mod_fcgid/2.3.9 Server MPM: event Server Built: 2022-06-09T04:26:43 Current Time: Saturday, 18-Feb-2023 23:19:23 UTC Restart Time: Wednesday, 08-Feb-2023 01:26:27 UTC Parent Server Config. Generation: 212 Parent Server MPM Generation: 211 Server uptime: 10 days 21 hours 52 minutes 55 seconds Server load: 315.72 314.99 315.22 Total accesses: 563758 - Total Traffic: 3.1 GB - Total Duration: 258861556 CPU Usage: u102.5 s57.04 cu10899.5 cs564.14 - 1.23% CPU load .598 requests/sec - 3531 B/second - 5.8 kB/request - 459.171 ms/request 15 requests currently being processed, 35 idle workers SlotPIDStoppingConnections ThreadsAsync connections totalacceptingbusyidlewritingkeep-aliveclosing 01130876no0yes1015000 11129367no0yes520000 Sum200 1535000 ______RRR__R_R___R_RL__LR_R____R____R_K_L_________.............. ................................................................ ............................................... Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqDurConnChildSlotClientProtocolVHostRequest 0-21111308760/46/8625_ 19.07113542952170.00.2345.70 51.222.253.18http/1.1goingup.com:80GET /webstats/bcj3mut/visitor_details.html?vid=1105900747537797 0-21111308760/37/8609_ 19.7411937331500.00.1749.06 67.205.130.223h2civiogroup.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 0-21111308760/43/8456_ 19.800159137833740.00.7546.42 2a03:b0c0:3:d0::83:3001h2civiogroup.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 0-21111308760/34/8445_ 18.92112636105100.00.3445.83 216.244.66.227http/1.1goingup.com:80GET /api/pageload_activity.php?page=607 HTTP/1.1 0-21111308760/37/8442_ 19.7903736836180.034.2578.93 67.205.130.223h2civiogroup.com:443GET /s/838313e273e21323e2430313/_/;/META-INF/maven/com.atlassia 0-21111308760/35/8603_ 19.5119237755400.00.8744.25 205.169.39.63h2civiogroup.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 0-21111308760/36/8591R 17.740039052040.00.3047.96 165.22.205.214h2civiogroup.com:443GET / HTTP/2.0 0-21111308760/34/8383R 19.400035975890.00.1245.48 165.22.205.214h2civiogroup.com:443GET /.env HTTP/2.0 0-21111308760/33/8407R 18.930035698170.00.1243.99 165.22.205.214h2civiogroup.com:443GET /server-status HTTP/2.0 0-21111308760/39/8530_ 19.900436877060.00.3444.90 67.205.130.223h2civiogroup.com:443idle, streams: 0/2/2/0/0 (open/recv/resp/push/rst) 0-21111308760/37/8635_ 19.7211237549320.00.2645.42 67.205.130.223h2civiogroup.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 0-21111308760/35/8549_ 20.000937490210.00.1846.24 165.22.205.214h2civiogroup.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 0-21111308760/41/8476_ 19.7311936153310.00.5546.34 67.205.130.223h2civiogroup.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 0-21111308760/46/8408R 19.43213036784760.00.1643.79 172.70.110.82http/1.1civiogroup.com:443 0-21111308760/42/8515_ 19.511109354985610.00.2744.09 67.205.130.223h2civiogroup.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 0-21111308760/40/8393_ 18.60112536578320.00.1943.89 51.222.253.12http/1.1goingup.com:80GET /webstats/bcj3mut/visitor_details.html?vid=8723464080158459 0-21111308760/34/8535_ 18.59112337675070.00.1646.45 51.222.253.20h2goingup.com:443done, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 0-21111308760/37/8371_ 20.0101337698190.00.4243.58 165.22.205.214h2civiogroup.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 0-21111308760/31/8315_ 19.900535252770.00.4943.55 67.205.130.223h2civiogroup.com:443idle, streams: 0/2/2/0/0 (open/recv/resp/push/rst) 0-21111308760/32/8547R 17.710037494490.00.4944.99 2a03:b0c0:2:d0::eb1:f001h2civiogroup.com:443GET / HTTP/2.0 0-21111308761/39/8341L 19.7912736063380.50.1742.74 67.205.130.223h2civiogroup.com:443GET /.git/config HTTP/2.0 0-21111308760/45/8531_ 19.800130637244990.00.2646.06 67.205.130.223h2civiogroup.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 0-21111308760/34/8358_ 19.06116936069700.00.4944.03 216.244.66.227http/1.1goingup.com:80GET /api/recent_came_from.php?page=124 HTTP/1.1 0-21111308761/31/8385L 19.7912238346280.50.3146.25 67.205.130.223h2civiogroup.com:443GET /debug/default/view?panel=config HTTP/2.0 0-21111308761/34/8413L 20.0002936056620.50.2245.62 165.22.205.214h2civiogroup.com:443GET /.DS_Store HTTP/2.0 1-21111293670/44/7020_ 16.60112531393570.00.2437.02 51.222.253.19http/1.1goingup.com:80GET /webstats/bpdjsyh/visitor_details.html?vid=1245353758581611 1-21111293670/37/6952R 17.400032216620.00.2341.34 165.22.205.214h2civiogroup.com:443GET /?rest_route=/wp/v2/users/ HTTP/2.0 1-21111293670/37/6772_ 17.6629031914730.00.7639.09 205.169.39.63h2civiogroup.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 1-21111293670/46/6874_ 17.930443379320.00.2438.57 165.22.205.214h2civiogroup.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 1-21111293670/35/6854_ 17.741532699770.00.1639.85 67.205.130.223h2civiogroup.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 1-21111293670/37/6893_ 17.5423732722150.00.2641.72 185.149.69.55h2civiogroup.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 1-21111293670/47/6779R 17.411712030747900.01.1638.30 172.70.110.82http/1.1civiogroup.com:443 1-21111293670/39/6822_ 17.950432014980.00.2236.15 165.22.205.214h2civiogroup.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 1-21111293670/33/6896_ 17.800128632063770.00.1740.18 67.205.130.223h2civiogroup.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 1-21111293670/32/6767_ 17.1012371931531180.00.1838.35 134.122.110.201h2vestaok.com:443idle, streams: 0/2/2/0/0 (open/recv/resp/push/rst) 1-21111293670/48/6831_ 17.2612531885970.00.3238.74 185.191.171.44http/1.1credivis.com:80GET /manual/da/developer/thread_safety.html HTTP/1.1 1-21111293670/42/6846R 17.431411934531240.00.1636.12 172.70.110.82http/1.1civiogroup.com:443 1-21111293670/41/6721_ 17.940830521250.00.1273.16 165.22.205.214h2civiogroup.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 1-21111293671/41/6719K 17.9401931952130.50.7039.01 165.22.205.214h2civiogroup.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 1-21111293670/34/6837_ 17.9401536179540.00.1837.63 165.22.205.214h2civiogroup.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 1-21111293671/38/6728L 17.791932553960.50.6037.21 67.205.130.223h2civiogroup.com:443GET /telescope/requests HTTP/2.0 1-21111293670/41/6918_ 17.7601232275700.00.2140.60 67.205.130.223h2civiogroup.com:443GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor 1-21111293670/29/6849_ 17.109352131080540.00.2438.19 134.122.110.201h2vestaok.com:443done, streams: 0/3/3/0/0 (open/recv/resp/push/rst) 1-21111293670/44/6730_ 17.751431315170.00.2438.10 67.205.130.223h2civiogroup.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 1-21111293670/39/6816_ 14.429532696370.00.2738.61 179.43.185.130http/1.1done, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 1-21111293670/38/6756_ 17.60211331193670.00.1640.34 205.169.39.63h2civiogroup.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 1-21111293670/41/6961_ 17.381
Found on 2023-02-18 23:19 -
Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb31d6dd592debb6b5adcb9d9b4dApache Status Apache Server Status for civiogroup.com (via 185.149.69.55) Server Version: Apache/2.4.54 (Debian) OpenSSL/1.1.1n mod_fcgid/2.3.9 Server MPM: event Server Built: 2022-06-09T04:26:43 Current Time: Friday, 23-Dec-2022 23:23:49 UTC Restart Time: Wednesday, 14-Dec-2022 03:03:09 UTC Parent Server Config. Generation: 176 Parent Server MPM Generation: 175 Server uptime: 9 days 20 hours 20 minutes 39 seconds Server load: 387.49 389.86 389.77 Total accesses: 597849 - Total Traffic: 3.4 GB - Total Duration: 329162944 CPU Usage: u54.93 s42.71 cu12927.9 cs588.1 - 1.6% CPU load .703 requests/sec - 4339 B/second - 6.0 kB/request - 550.579 ms/request 25 requests currently being processed, 50 idle workers SlotPIDStoppingConnections ThreadsAsync connections totalacceptingbusyidlewritingkeep-aliveclosing 1758783no3yes421011 2758943no8yes1213041 3758784no11yes916070 Sum3022 25500122 .........................____RRWR___________________R_R______RW_ _RRRRR_RRR_R___RRL_R_L_RR__R________............................ ............................................... Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqDurConnChildSlotClientProtocolVHostRequest 0-175-0/0/8800. 0.001729245324090.00.0047.32 57.128.83.159http/1.1dfyseo.net:80POST //xmlrpc.php HTTP/1.1 0-175-0/0/8758. 0.001734246391350.00.0047.53 57.128.83.159http/1.1dfyseo.net:80done, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 0-175-0/0/8758. 0.0017139745838940.00.0049.53 139.59.38.143http/1.1grownation.co:80POST //xmlrpc.php HTTP/1.1 0-175-0/0/8880. 0.0017139746656350.00.0048.54 139.59.38.143http/1.1grownation.co:80POST //xmlrpc.php HTTP/1.1 0-175-0/0/8706. 0.001745246295500.00.0079.49 57.128.83.159http/1.1dfyseo.net:80POST //xmlrpc.php HTTP/1.1 0-175-0/0/8816. 0.001726446054770.00.0048.20 57.128.83.159http/1.1dfyseo.net:80POST //xmlrpc.php HTTP/1.1 0-175-0/0/8682. 0.001726445658710.00.0048.32 57.128.83.159http/1.1dfyseo.net:80POST //xmlrpc.php HTTP/1.1 0-175-0/0/8765. 0.001725549166310.00.0050.87 57.128.83.159http/1.1dfyseo.net:80POST //xmlrpc.php HTTP/1.1 0-175-0/0/8713. 0.001730246406650.00.0049.07 57.128.83.159http/1.1dfyseo.net:80POST //xmlrpc.php HTTP/1.1 0-175-0/0/8858. 0.0017108546774340.00.0051.86 2001:4800:7818:101:be76:4eff:fe04:3ab9http/1.1farmaceuticals.co:80POST /xmlrpc.php HTTP/1.1 0-175-0/0/8704. 0.001729050841150.00.0048.02 57.128.83.159http/1.1dfyseo.net:80POST //xmlrpc.php HTTP/1.1 0-175-0/0/8591. 0.001748444988270.00.0047.47 34.76.158.233http/1.1authorityforge.com:443GET / HTTP/1.0 0-175-0/0/8709. 0.001727146577100.00.0048.95 57.128.83.159http/1.1dfyseo.net:80POST //xmlrpc.php HTTP/1.1 0-175-0/0/8608. 0.001728944701530.00.0048.31 57.128.83.159http/1.1dfyseo.net:80POST //xmlrpc.php HTTP/1.1 0-175-0/0/8776. 0.0017246050070.00.0050.17 51.222.253.3http/1.1goingup.com:80GET /analyzer/?url=www.fizzflap.com HTTP/1.1 0-175-0/0/8821. 0.001726845464940.00.0049.37 57.128.83.159http/1.1dfyseo.net:80done, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 0-175-0/0/8652. 0.0017135145387440.00.0047.10 139.59.38.143http/1.1grownation.co:80POST //xmlrpc.php HTTP/1.1 0-175-0/0/8614. 0.001740545473280.00.0050.15 57.128.83.159http/1.1dfyseo.net:80POST //xmlrpc.php HTTP/1.1 0-175-0/0/8612. 0.001741845503840.00.0052.08 57.128.83.159http/1.1dfyseo.net:80POST //xmlrpc.php HTTP/1.1 0-175-0/0/8662. 0.00172445835390.00.0049.72 185.149.69.55h2civiogroup.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 0-175-0/0/8654. 0.0017134345831280.00.0052.25 195.211.77.140h2civiogroup.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 0-175-0/0/8711. 0.001742247898060.00.0050.21 57.128.83.159http/1.1dfyseo.net:80POST //xmlrpc.php HTTP/1.1 0-175-0/0/8720. 0.0017173455507670.00.0049.49 51.103.21.253http/1.1creationshop.net:80GET /lnidzdke.php?Fox=d3wL7 HTTP/1.1 0-175-0/0/8705. 0.001733345728440.00.0050.49 57.128.83.159http/1.1dfyseo.net:80POST //xmlrpc.php HTTP/1.1 0-175-0/0/8656. 0.001734746967960.00.0049.85 57.128.83.159http/1.1dfyseo.net:80POST //xmlrpc.php HTTP/1.1 1-1757587830/1/7586_ 0.516540904850.00.0043.82 179.43.177.154h2vestaok.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 1-1757587830/0/7563_ 0.00534442095600.00.0042.55 57.128.83.159http/1.1dfyseo.net:80POST //xmlrpc.php HTTP/1.1 1-1757587830/1/7599_ 0.09082241391380.00.0046.16 205.169.39.63h2civiogroup.com:443done, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 1-1757587830/2/7431_ 0.40052341433310.00.0042.09 57.128.83.159http/1.1dfyseo.net:80POST //xmlrpc.php HTTP/1.1 1-1757587830/1/7428R 0.150940449720.00.0342.84 147.182.144.10h2civiogroup.com:443GET /s/8343e2733313e27363e2237313/_/;/META-INF/maven/com.atlass 1-1757587830/2/7417R 0.467128741630810.00.0142.36 172.70.114.125http/1.1civiogroup.com:443 1-1757587830/1/7392_ 0.740939872120.00.0041.47 147.182.144.10h2civiogroup.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 1-1757587830/0/7389R 0.00926740560880.00.0074.16 172.70.114.242http/1.1civiogroup.com:443 1-1757587830/2/7339_ 0.46747438938920.00.0341.76 57.128.83.159http/1.1dfyseo.net:80POST //xmlrpc.php HTTP/1.1 1-1757587830/1/7431_ 0.267125340900770.00.0040.98 139.59.38.143http/1.1grownation.co:80POST //xmlrpc.php HTTP/1.1 1-1757587830/0/7359_ 0.00751240050170.00.0040.70 196.196.53.138h2goingup.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 1-1757587830/0/7443_ 0.006125340672330.00.0042.87 139.59.38.143http/1.1grownation.co:80POST //xmlrpc.php HTTP/1.1 1-1757587830/1/7382_ 0.31628439483240.00.0041.98 51.222.253.10h2goingup.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 1-1757587830/0/7414_ 0.00629839457750.00.0042.61 57.128.83.159http/1.1dfyseo.net:80done, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 1-1757587830/1/7418_ 0.51543739891560.00.0042.09 57.128.83.159http/1.1dfyseo.net:80POST //xmlrpc.php HTTP/1.1 1-1757587830/1/7405_ 0.51614139652980.00.0044.75 51.222.253.5http/1.1goingup.com:80GET /webstats/bekmgqt/visitors.html HTTP/1.1 1-1757587830/1/7374_ 0.57331144715560.00.0041.55 57.128.83.159http/1.1dfyseo.net:80POST //xmlrpc.php HTTP/1.1 1-1757587830/1/7377_ 0.381104640143150.00.0241.10 95.105.127.54http/1.1binarybiz.com:80GET /category/file-recovery/ HTTP/1.1 1-1757587830/0/7384_ 0.0039240964630.00.0043.13 51.103.21.253h2creationshop.net:443idle, streams: 0/2/2/0/0 (open/recv/resp/push/rst) 1-1757587830/0/7419_ 0.00528444180500.00.0041.82 57.128.83.159http/1.1dfyseo.net:80done, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 1-1757587830/2/7371_ 0.5736240753310.00.0343.17 205.169.39.63http/1.1vestaok.com:80GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1 1-1757587830/0/7348_ 0.00239339752850.00.0040.64 57.128.83.159http/1.1dfyseo.net:80POST //xmlrpc.php HTTP/1.1 1-1757587830/1/7346_ 0.380131240530150.00.0042.50 139.59.38.143http/1.1grownation.co:80POST //xmlrpc.php HTTP/1.1 1-1757587830/2/7406_ 0.65025164
Found on 2022-12-23 23:23 -
Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb31d6dd592debb6b5ad72d91db9Apache Status Apache Server Status for civiogroup.com (via 185.149.69.55) Server Version: Apache/2.4.54 (Debian) OpenSSL/1.1.1n mod_fcgid/2.3.9 Server MPM: event Server Built: 2022-06-09T04:26:43 Current Time: Friday, 23-Dec-2022 23:23:49 UTC Restart Time: Wednesday, 14-Dec-2022 03:03:09 UTC Parent Server Config. Generation: 176 Parent Server MPM Generation: 175 Server uptime: 9 days 20 hours 20 minutes 39 seconds Server load: 387.49 389.86 389.77 Total accesses: 597855 - Total Traffic: 3.4 GB - Total Duration: 329163113 CPU Usage: u55.22 s42.73 cu12927.9 cs588.1 - 1.6% CPU load .703 requests/sec - 4339 B/second - 6.0 kB/request - 550.573 ms/request 21 requests currently being processed, 54 idle workers SlotPIDStoppingConnections ThreadsAsync connections totalacceptingbusyidlewritingkeep-aliveclosing 1758783no3yes223011 2758943no8yes1015041 3758784no17yes9160101 Sum3028 21540153 ........................._____R_W___________________W_R_______W_ _RLRRR_LR__R___RRL_R_L_RR__R________............................ ............................................... Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqDurConnChildSlotClientProtocolVHostRequest 0-175-0/0/8800. 0.001729245324090.00.0047.32 57.128.83.159http/1.1dfyseo.net:80POST //xmlrpc.php HTTP/1.1 0-175-0/0/8758. 0.001734246391350.00.0047.53 57.128.83.159http/1.1dfyseo.net:80done, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 0-175-0/0/8758. 0.0017139745838940.00.0049.53 139.59.38.143http/1.1grownation.co:80POST //xmlrpc.php HTTP/1.1 0-175-0/0/8880. 0.0017139746656350.00.0048.54 139.59.38.143http/1.1grownation.co:80POST //xmlrpc.php HTTP/1.1 0-175-0/0/8706. 0.001745246295500.00.0079.49 57.128.83.159http/1.1dfyseo.net:80POST //xmlrpc.php HTTP/1.1 0-175-0/0/8816. 0.001726446054770.00.0048.20 57.128.83.159http/1.1dfyseo.net:80POST //xmlrpc.php HTTP/1.1 0-175-0/0/8682. 0.001726445658710.00.0048.32 57.128.83.159http/1.1dfyseo.net:80POST //xmlrpc.php HTTP/1.1 0-175-0/0/8765. 0.001725549166310.00.0050.87 57.128.83.159http/1.1dfyseo.net:80POST //xmlrpc.php HTTP/1.1 0-175-0/0/8713. 0.001730246406650.00.0049.07 57.128.83.159http/1.1dfyseo.net:80POST //xmlrpc.php HTTP/1.1 0-175-0/0/8858. 0.0017108546774340.00.0051.86 2001:4800:7818:101:be76:4eff:fe04:3ab9http/1.1farmaceuticals.co:80POST /xmlrpc.php HTTP/1.1 0-175-0/0/8704. 0.001729050841150.00.0048.02 57.128.83.159http/1.1dfyseo.net:80POST //xmlrpc.php HTTP/1.1 0-175-0/0/8591. 0.001748444988270.00.0047.47 34.76.158.233http/1.1authorityforge.com:443GET / HTTP/1.0 0-175-0/0/8709. 0.001727146577100.00.0048.95 57.128.83.159http/1.1dfyseo.net:80POST //xmlrpc.php HTTP/1.1 0-175-0/0/8608. 0.001728944701530.00.0048.31 57.128.83.159http/1.1dfyseo.net:80POST //xmlrpc.php HTTP/1.1 0-175-0/0/8776. 0.0017246050070.00.0050.17 51.222.253.3http/1.1goingup.com:80GET /analyzer/?url=www.fizzflap.com HTTP/1.1 0-175-0/0/8821. 0.001726845464940.00.0049.37 57.128.83.159http/1.1dfyseo.net:80done, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 0-175-0/0/8652. 0.0017135145387440.00.0047.10 139.59.38.143http/1.1grownation.co:80POST //xmlrpc.php HTTP/1.1 0-175-0/0/8614. 0.001740545473280.00.0050.15 57.128.83.159http/1.1dfyseo.net:80POST //xmlrpc.php HTTP/1.1 0-175-0/0/8612. 0.001741845503840.00.0052.08 57.128.83.159http/1.1dfyseo.net:80POST //xmlrpc.php HTTP/1.1 0-175-0/0/8662. 0.00172445835390.00.0049.72 185.149.69.55h2civiogroup.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 0-175-0/0/8654. 0.0017134345831280.00.0052.25 195.211.77.140h2civiogroup.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 0-175-0/0/8711. 0.001742247898060.00.0050.21 57.128.83.159http/1.1dfyseo.net:80POST //xmlrpc.php HTTP/1.1 0-175-0/0/8720. 0.0017173455507670.00.0049.49 51.103.21.253http/1.1creationshop.net:80GET /lnidzdke.php?Fox=d3wL7 HTTP/1.1 0-175-0/0/8705. 0.001733345728440.00.0050.49 57.128.83.159http/1.1dfyseo.net:80POST //xmlrpc.php HTTP/1.1 0-175-0/0/8656. 0.001734746967960.00.0049.85 57.128.83.159http/1.1dfyseo.net:80POST //xmlrpc.php HTTP/1.1 1-1757587830/1/7586_ 0.516540904850.00.0043.82 179.43.177.154h2vestaok.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 1-1757587830/0/7563_ 0.00534442095600.00.0042.55 57.128.83.159http/1.1dfyseo.net:80POST //xmlrpc.php HTTP/1.1 1-1757587830/1/7599_ 0.09082241391380.00.0046.16 205.169.39.63h2civiogroup.com:443done, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 1-1757587830/2/7431_ 0.40052341433310.00.0042.09 57.128.83.159http/1.1dfyseo.net:80POST //xmlrpc.php HTTP/1.1 1-1757587830/2/7429_ 0.740940449720.00.0342.84 147.182.144.10h2civiogroup.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 1-1757587830/2/7417R 0.460041630810.00.0142.36 170.187.164.181h2civiogroup.com:443GET /info.php HTTP/2.0 1-1757587830/1/7392_ 0.740939872120.00.0041.47 147.182.144.10h2civiogroup.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 1-1757587830/1/7390_ 0.750440560980.00.0074.16 170.187.164.181h2civiogroup.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 1-1757587830/2/7339_ 0.46047438938920.00.0341.76 57.128.83.159http/1.1dfyseo.net:80POST //xmlrpc.php HTTP/1.1 1-1757587830/1/7431_ 0.260125340900770.00.0040.98 139.59.38.143http/1.1grownation.co:80POST //xmlrpc.php HTTP/1.1 1-1757587830/0/7359_ 0.00751240050170.00.0040.70 196.196.53.138h2goingup.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 1-1757587830/0/7443_ 0.006125340672330.00.0042.87 139.59.38.143http/1.1grownation.co:80POST //xmlrpc.php HTTP/1.1 1-1757587830/1/7382_ 0.31728439483240.00.0041.98 51.222.253.10h2goingup.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 1-1757587830/0/7414_ 0.00629839457750.00.0042.61 57.128.83.159http/1.1dfyseo.net:80done, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 1-1757587830/1/7418_ 0.51543739891560.00.0042.09 57.128.83.159http/1.1dfyseo.net:80POST //xmlrpc.php HTTP/1.1 1-1757587830/1/7405_ 0.51614139652980.00.0044.75 51.222.253.5http/1.1goingup.com:80GET /webstats/bekmgqt/visitors.html HTTP/1.1 1-1757587830/1/7374_ 0.57331144715560.00.0041.55 57.128.83.159http/1.1dfyseo.net:80POST //xmlrpc.php HTTP/1.1 1-1757587830/1/7377_ 0.381104640143150.00.0241.10 95.105.127.54http/1.1binarybiz.com:80GET /category/file-recovery/ HTTP/1.1 1-1757587830/0/7384_ 0.0039240964630.00.0043.13 51.103.21.253h2creationshop.net:443idle, streams: 0/2/2/0/0 (open/recv/resp/push/rst) 1-1757587830/0/7419_ 0.00528444180500.00.0041.82 57.128.83.159http/1.1dfyseo.net:80done, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 1-1757587830/2/7371_ 0.5736240753310.00.0343.17 205.169.39.63http/1.1vestaok.com:80GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1 1-1757587830/0/7348_ 0.00239339752850.00.0040.64 57.128.83.159http/1.1dfyseo.net:80POST //xmlrpc.php HTTP/1.1 1-1757587830/1/7346_ 0.381131240530150.00.0042.50 139.59.38.143http/1.1grownation.co:80POST //xmlrpc.php HTTP/1.1 1-1757587830/2/7406_ 0.65</
Found on 2022-12-23 23:23 -
Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb31d6dd592debb6b5ad97015648Apache Status Apache Server Status for civiogroup.com (via 185.149.69.55) Server Version: Apache/2.4.54 (Debian) OpenSSL/1.1.1n mod_fcgid/2.3.9 Server MPM: event Server Built: 2022-06-09T04:26:43 Current Time: Sunday, 23-Oct-2022 18:16:13 UTC Restart Time: Thursday, 06-Oct-2022 19:36:22 UTC Parent Server Config. Generation: 335 Parent Server MPM Generation: 334 Server uptime: 16 days 22 hours 39 minutes 51 seconds Server load: 2.98 2.68 2.40 Total accesses: 1109151 - Total Traffic: 8.3 GB - Total Duration: 593712322 CPU Usage: u121.83 s107.48 cu21797.4 cs1149.52 - 1.58% CPU load .758 requests/sec - 5.9 kB/second - 7.8 kB/request - 535.285 ms/request 13 requests currently being processed, 62 idle workers SlotPIDStoppingConnections ThreadsAsync connections totalacceptingbusyidlewritingkeep-aliveclosing 0173331no0yes322000 13894636yes (old gen)1no00000 22602260yes (old gen)1no00000 4157538yes (old gen)1no00000 5175622no0yes718000 6175680no0yes322000 Sum633 1362000 __________RRR____________.W.......................W............. .........................................................W..._R_ R_R__R__________R_RR_____R_______R_____R_______ Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqDurConnChildSlotClientProtocolVHostRequest 0-3341733310/23/15408_ 13.54121525979823560.00.09107.71 170.187.195.217h2vestaok.com:443done, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 0-3341733310/19/15200_ 13.541301172383023320.00.10140.15 159.223.170.253h2vestaok.com:443GET /info.php HTTP/2.0 0-3341733310/27/15093_ 13.686084379248480.00.19112.13 185.191.171.12http/1.1goingup.com:80GET /analyzer/?url=bajuonline.id HTTP/1.1 0-3341733310/16/15093_ 13.43132357476917350.00.04110.66 74.125.150.56h2goingup.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 0-3341733310/25/15288_ 13.841048678545270.00.11115.37 ::1http/1.1authorityforge.com:80GET / HTTP/1.1 0-3341733310/16/15153_ 13.651334078969560.00.08110.97 192.241.191.198http/1.1a2-los-web.cloudsyhosting.com:8GET /login/ HTTP/1.1 0-3341733310/21/15174_ 13.60138579182840.00.07113.12 185.191.171.12http/1.1helpcenterlive.com:80GET /robots.txt HTTP/1.1 0-3341733310/17/15129_ 13.541331258677851410.00.07112.39 139.177.198.221http/1.1vestaok.com:80GET / HTTP/1.1 0-3341733310/24/14978_ 13.5347953677640370.00.13111.59 139.177.198.221http/1.1vestaok.com:80GET /info.php HTTP/1.1 0-3341733310/29/14966_ 13.4755741575394580.00.19110.18 2a03:b0c0:3:d0::11f3:8001http/1.1 0-3341733310/22/15040R 13.59141395477265590.00.14110.55 172.70.230.129http/1.1civiogroup.com:443 0-3341733310/21/15126R 13.591421740083705250.00.10110.67 172.70.114.137http/1.1civiogroup.com:443 0-3341733310/24/14992R 13.591421746180038500.00.13110.12 172.70.110.203http/1.1civiogroup.com:443 0-3341733310/24/15203_ 13.59101751378628060.00.14114.57 139.177.198.221http/1.1vestaok.com:80done, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 0-3341733310/20/14995_ 13.695267878888200.00.07111.72 216.244.66.227http/1.1goingup.com:80GET /analyzer/?url=pinup-bet-en.com HTTP/1.1 0-3341733310/22/15198_ 13.53136854578421850.00.09110.16 170.187.195.217h2vestaok.com:443GET /info.php HTTP/2.0 0-3341733310/17/15034_ 13.54551375478077270.00.08109.83 139.177.198.221http/1.1vestaok.com:80PUT /api/v2/cmdb/system/admin/admin HTTP/1.1 0-3341733310/18/15202_ 13.541361258778333860.00.12110.30 139.177.198.221http/1.1vestaok.com:80GET /server-status HTTP/1.1 0-3341733310/20/15136_ 13.7417102878881810.00.25111.10 91.90.120.14h2vestaok.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 0-3341733310/18/14869_ 13.051331176089380.00.04107.36 139.177.198.221http/1.1 0-3341733310/17/15083_ 13.5347303175787090.00.17108.68 74.125.150.56h2goingup.com:443done, streams: 0/2/2/0/0 (open/recv/resp/push/rst) 0-3341733310/22/15120_ 13.3310466578828650.00.04109.94 139.177.198.221http/1.1 0-3341733310/27/15125_ 13.54121598879622510.00.16112.65 139.177.198.221http/1.1vestaok.com:80GET /about HTTP/1.1 0-3341733310/19/15278_ 12.91136345679521210.00.14109.13 139.177.198.221http/1.1done, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 0-3341733310/24/14934_ 13.7815106684778860.00.11108.00 89.45.90.22h2vestaok.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 1-260-0/0/10311. 0.0031373524051529050.00.0061.13 65.109.80.253http/1.1credivis.com:80done, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 1-26038946361/0/10167W 0.00313728051697240.00.0061.46 192.241.191.198http/1.1a2-los-web.cloudsyhosting.com:8GET / HTTP/1.1 1-260-0/0/10240. 0.0031373623350303910.00.0059.63 65.109.80.253http/1.1credivis.com:80POST /xmlrpc.php HTTP/1.1 1-260-0/0/10333. 0.0031373626748767760.00.0057.68 65.109.80.253http/1.1credivis.com:80POST /xmlrpc.php HTTP/1.1 1-260-0/0/10240. 0.0031373644552138840.00.0064.67 192.99.37.132h2binarybiz.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 1-260-0/0/10270. 0.0031373624749707620.00.0062.77 65.109.80.253http/1.1credivis.com:80POST /xmlrpc.php HTTP/1.1 1-260-0/0/10352. 0.0031373638952787320.00.0062.19 192.99.37.132http/1.1binarybiz.com:80GET /ar/%D8%A7%D9%84%D9%82%D8%A7%D9%86%D9%88%D9%86%D9%8A%D8%A9/ 1-260-0/0/10248. 0.0031373624953127020.00.0062.27 65.109.80.253http/1.1credivis.com:80POST /xmlrpc.php HTTP/1.1 1-260-0/0/10266. 0.0031373631552303290.00.0094.28 65.109.80.253http/1.1credivis.com:80POST /xmlrpc.php HTTP/1.1 1-260-0/0/10256. 0.0031373622850083920.00.0061.11 65.109.80.253http/1.1credivis.com:80done, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 1-260-0/0/10187. 0.0031373623748691710.00.0062.47 65.109.80.253http/1.1credivis.com:80POST /xmlrpc.php HTTP/1.1 1-260-0/0/10144. 0.0031373624949241020.00.0062.89 209.141.46.253http/1.1prospectly.net:80done, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 1-260-0/0/10171. 0.0031373625650229140.00.0063.03 65.109.80.253http/1.1credivis.com:80POST /xmlrpc.php HTTP/1.1 1-260-0/0/10422. 0.0031373624051412380.00.0066.09 65.109.80.253http/1.1credivis.com:80POST /xmlrpc.php HTTP/1.1 1-260-0/0/10274. 0.0031373626653276900.00.0061.72 65.109.80.253http/1.1credivis.com:80POST /xmlrpc.php HTTP/1.1 1-260-0/0/10168. 0.0031373624450382660.00.0062.55 65.109.80.253http/1.1credivis.com:80POST /xmlrpc.php HTTP/1.1 1-260-0/0/10273. 0.0031373623156915380.00.0061.80 65.109.80.253http/1.1credivis.com:80POST /xmlrpc.php HTTP/1.1 1-260-0/0/10298. 0.0031373624654530860.00.0060.63 65.109.80.253http/1.1credivis.com:80POST /xmlrpc.php HTTP/1.1 1-260-0/0/10123. 0.0031373637952516550.00.0061.99 65.109.80.253http/1.1credivis.com:80POST /xmlrpc.php HTTP/1.1 1-260-0/0/10224. 0.003137362452964970.00.0061.86 185.149.69.55http/1.1boostmarketing.com:80POST /wp-cron.php?doing_wp_cron=1666235173.20383095741271972656 1-260-0/0/10179. 0.0031373623449091460.00.0062.59 65.109.80.253http/1.1credivis.com:80POST /xmlrpc.php HTTP/1.1 1-260-0/0/10230. 0.0031373624249733750.00.0061.90 65.109.80.
Found on 2022-10-23 18:16 -
Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb31d6dd592debb6b5ade030425cApache Status Apache Server Status for civiogroup.com (via 185.149.69.55) Server Version: Apache/2.4.54 (Debian) OpenSSL/1.1.1n mod_fcgid/2.3.9 Server MPM: event Server Built: 2022-06-09T04:26:43 Current Time: Sunday, 23-Oct-2022 18:16:13 UTC Restart Time: Thursday, 06-Oct-2022 19:36:22 UTC Parent Server Config. Generation: 335 Parent Server MPM Generation: 334 Server uptime: 16 days 22 hours 39 minutes 51 seconds Server load: 2.98 2.68 2.40 Total accesses: 1109169 - Total Traffic: 8.3 GB - Total Duration: 593712628 CPU Usage: u122.51 s107.51 cu21797.4 cs1149.52 - 1.58% CPU load .758 requests/sec - 5.9 kB/second - 7.8 kB/request - 535.277 ms/request 11 requests currently being processed, 64 idle workers SlotPIDStoppingConnections ThreadsAsync connections totalacceptingbusyidlewritingkeep-aliveclosing 0173331no0yes322000 13894636yes (old gen)1no00000 22602260yes (old gen)1no00000 4157538yes (old gen)1no00000 5175622no0yes421000 6175680no0yes421000 Sum633 1164000 _______L___L_______R_____.W.......................W............. .........................................................W..._R_ ____________R___R_R____LR___________WR_________ Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqDurConnChildSlotClientProtocolVHostRequest 0-3341733310/23/15408_ 13.54121525979823560.00.09107.71 170.187.195.217h2vestaok.com:443done, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 0-3341733310/19/15200_ 13.541311172383023320.00.10140.15 159.223.170.253h2vestaok.com:443GET /info.php HTTP/2.0 0-3341733310/27/15093_ 13.686184379248480.00.19112.13 185.191.171.12http/1.1goingup.com:80GET /analyzer/?url=bajuonline.id HTTP/1.1 0-3341733310/16/15093_ 13.43133357476917350.00.04110.66 74.125.150.56h2goingup.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 0-3341733310/25/15288_ 13.841148678545270.00.11115.37 ::1http/1.1authorityforge.com:80GET / HTTP/1.1 0-3341733310/17/15154_ 14.000878969740.00.08110.98 157.230.99.82h2civiogroup.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 0-3341733310/21/15174_ 13.600579182840.00.07113.12 185.191.171.12http/1.1helpcenterlive.com:80GET /robots.txt HTTP/1.1 0-3341733311/18/15130L 14.020977851610.50.07112.39 157.230.99.82h2civiogroup.com:443GET /debug/default/view?panel=config HTTP/2.0 0-3341733310/24/14978_ 13.5347953677640370.00.13111.59 139.177.198.221http/1.1vestaok.com:80GET /info.php HTTP/1.1 0-3341733310/29/14966_ 13.4756741575394580.00.19110.18 2a03:b0c0:3:d0::11f3:8001http/1.1 0-3341733310/23/15041_ 13.910977265780.00.14110.55 167.172.246.222h2civiogroup.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 0-3341733311/22/15127L 13.9301983705640.50.10110.67 167.172.246.222h2civiogroup.com:443GET /.DS_Store HTTP/2.0 0-3341733310/25/14993_ 13.930980038680.00.13110.12 167.172.246.222h2civiogroup.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 0-3341733310/24/15203_ 13.59101751378628060.00.14114.57 139.177.198.221http/1.1vestaok.com:80done, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 0-3341733310/20/14995_ 13.695267878888200.00.07111.72 216.244.66.227http/1.1goingup.com:80GET /analyzer/?url=pinup-bet-en.com HTTP/1.1 0-3341733310/22/15198_ 13.530854578421850.00.09110.16 170.187.195.217h2vestaok.com:443GET /info.php HTTP/2.0 0-3341733310/17/15034_ 13.54561375478077270.00.08109.83 139.177.198.221http/1.1vestaok.com:80PUT /api/v2/cmdb/system/admin/admin HTTP/1.1 0-3341733310/19/15203_ 14.010878334030.00.12110.30 157.230.99.82h2civiogroup.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 0-3341733310/20/15136_ 13.7417102878881810.00.25111.10 91.90.120.14h2vestaok.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 0-3341733310/18/14869R 13.050076089380.00.04107.36 157.230.99.82h2civiogroup.com:443GET /server-status HTTP/2.0 0-3341733310/17/15083_ 13.5347303175787090.00.17108.68 74.125.150.56h2goingup.com:443done, streams: 0/2/2/0/0 (open/recv/resp/push/rst) 0-3341733310/22/15120_ 13.3310466578828650.00.04109.94 139.177.198.221http/1.1 0-3341733310/27/15125_ 13.54121598879622510.00.16112.65 139.177.198.221http/1.1vestaok.com:80GET /about HTTP/1.1 0-3341733310/19/15278_ 12.910345679521210.00.14109.13 139.177.198.221http/1.1done, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 0-3341733310/24/14934_ 13.7815106684778860.00.11108.00 89.45.90.22h2vestaok.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 1-260-0/0/10311. 0.0031373624051529050.00.0061.13 65.109.80.253http/1.1credivis.com:80done, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 1-26038946361/0/10167W 0.00313729051697240.00.0061.46 192.241.191.198http/1.1a2-los-web.cloudsyhosting.com:8GET / HTTP/1.1 1-260-0/0/10240. 0.0031373623350303910.00.0059.63 65.109.80.253http/1.1credivis.com:80POST /xmlrpc.php HTTP/1.1 1-260-0/0/10333. 0.0031373626748767760.00.0057.68 65.109.80.253http/1.1credivis.com:80POST /xmlrpc.php HTTP/1.1 1-260-0/0/10240. 0.0031373644552138840.00.0064.67 192.99.37.132h2binarybiz.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 1-260-0/0/10270. 0.0031373624749707620.00.0062.77 65.109.80.253http/1.1credivis.com:80POST /xmlrpc.php HTTP/1.1 1-260-0/0/10352. 0.0031373638952787320.00.0062.19 192.99.37.132http/1.1binarybiz.com:80GET /ar/%D8%A7%D9%84%D9%82%D8%A7%D9%86%D9%88%D9%86%D9%8A%D8%A9/ 1-260-0/0/10248. 0.0031373624953127020.00.0062.27 65.109.80.253http/1.1credivis.com:80POST /xmlrpc.php HTTP/1.1 1-260-0/0/10266. 0.0031373631552303290.00.0094.28 65.109.80.253http/1.1credivis.com:80POST /xmlrpc.php HTTP/1.1 1-260-0/0/10256. 0.0031373622850083920.00.0061.11 65.109.80.253http/1.1credivis.com:80done, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 1-260-0/0/10187. 0.0031373623748691710.00.0062.47 65.109.80.253http/1.1credivis.com:80POST /xmlrpc.php HTTP/1.1 1-260-0/0/10144. 0.0031373624949241020.00.0062.89 209.141.46.253http/1.1prospectly.net:80done, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 1-260-0/0/10171. 0.0031373625650229140.00.0063.03 65.109.80.253http/1.1credivis.com:80POST /xmlrpc.php HTTP/1.1 1-260-0/0/10422. 0.0031373624051412380.00.0066.09 65.109.80.253http/1.1credivis.com:80POST /xmlrpc.php HTTP/1.1 1-260-0/0/10274. 0.0031373626653276900.00.0061.72 65.109.80.253http/1.1credivis.com:80POST /xmlrpc.php HTTP/1.1 1-260-0/0/10168. 0.0031373624450382660.00.0062.55 65.109.80.253http/1.1credivis.com:80POST /xmlrpc.php HTTP/1.1 1-260-0/0/10273. 0.0031373623156915380.00.0061.80 65.109.80.253http/1.1credivis.com:80POST /xmlrpc.php HTTP/1.1 1-260-0/0/10298. 0.0031373624654530860.00.0060.63 65.109.80.253http/1.1credivis.com:80POST /xmlrpc.php HTTP/1.1 1-260-0/0/10123. 0.0031373637952516550.00.0061.99 65.109.80.253http/1.1credivis.com:80POST /xmlrpc.php HTTP/1.1 1-260-0/0/10224. 0.003137362452964970.00.0061.86 185.149.69.55http/1.1boostmarketing.com:80POST /wp-cron.php?doing_wp_cron=1666235173.20383095741271972656 1-260-0/0/10179. 0.0031373623449091460.00.0062.59 65.109.80.253http/1.1credivis.com:80POST /xmlrpc.php HTTP/1.1 1-2
Found on 2022-10-23 18:16
-
-
Apache server-status page is publicly available
The server-status page (usually
/server-status) allows server administrators to find out how well their server is performing.This is a HTML page that gives the current server statistics such as the server version, up time,cpu, ram, and information about requests made to the server.
This information can be very useful if the application is sent sensitive information as GET requests. If you monitor this page you might be able to find CSRF tokens, API keys, hidden paths, and other sensitive information being sent to the server.
https://medium.com/@ghostlulzhacks/apache-server-status-a70abed83f5a
First seen 2022-08-25 17:58
Last seen 2022-12-23 23:23
Open for 120 days-
Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb312658ac048cdc1a26e696f4c5Apache Status Apache Server Status for www.civiogroup.com (via 185.149.69.55) Server Version: Apache/2.4.54 (Debian) OpenSSL/1.1.1n mod_fcgid/2.3.9 Server MPM: event Server Built: 2022-06-09T04:26:43 Current Time: Friday, 23-Dec-2022 23:23:51 UTC Restart Time: Wednesday, 14-Dec-2022 03:03:09 UTC Parent Server Config. Generation: 176 Parent Server MPM Generation: 175 Server uptime: 9 days 20 hours 20 minutes 41 seconds Server load: 388.01 389.93 389.79 Total accesses: 597881 - Total Traffic: 3.4 GB - Total Duration: 329175672 CPU Usage: u56.14 s42.75 cu12927.9 cs588.1 - 1.6% CPU load .703 requests/sec - 4339 B/second - 6.0 kB/request - 550.571 ms/request 29 requests currently being processed, 46 idle workers SlotPIDStoppingConnections ThreadsAsync connections totalacceptingbusyidlewritingkeep-aliveclosing 1758783no13yes817090 2758943no24yes12130151 3758784no22yes9160141 Sum3059 29460382 .........................R_R__L________WR__R__LR__RR_W_______L__ LRLLRL_LR__R_____R_RL___R__R____LLL_............................ ............................................... Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqDurConnChildSlotClientProtocolVHostRequest 0-175-0/0/8800. 0.001929245324090.00.0047.32 57.128.83.159http/1.1dfyseo.net:80POST //xmlrpc.php HTTP/1.1 0-175-0/0/8758. 0.001934246391350.00.0047.53 57.128.83.159http/1.1dfyseo.net:80done, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 0-175-0/0/8758. 0.0019139745838940.00.0049.53 139.59.38.143http/1.1grownation.co:80POST //xmlrpc.php HTTP/1.1 0-175-0/0/8880. 0.0019139746656350.00.0048.54 139.59.38.143http/1.1grownation.co:80POST //xmlrpc.php HTTP/1.1 0-175-0/0/8706. 0.001945246295500.00.0079.49 57.128.83.159http/1.1dfyseo.net:80POST //xmlrpc.php HTTP/1.1 0-175-0/0/8816. 0.001926446054770.00.0048.20 57.128.83.159http/1.1dfyseo.net:80POST //xmlrpc.php HTTP/1.1 0-175-0/0/8682. 0.001926445658710.00.0048.32 57.128.83.159http/1.1dfyseo.net:80POST //xmlrpc.php HTTP/1.1 0-175-0/0/8765. 0.001925549166310.00.0050.87 57.128.83.159http/1.1dfyseo.net:80POST //xmlrpc.php HTTP/1.1 0-175-0/0/8713. 0.001930246406650.00.0049.07 57.128.83.159http/1.1dfyseo.net:80POST //xmlrpc.php HTTP/1.1 0-175-0/0/8858. 0.0019108546774340.00.0051.86 2001:4800:7818:101:be76:4eff:fe04:3ab9http/1.1farmaceuticals.co:80POST /xmlrpc.php HTTP/1.1 0-175-0/0/8704. 0.001929050841150.00.0048.02 57.128.83.159http/1.1dfyseo.net:80POST //xmlrpc.php HTTP/1.1 0-175-0/0/8591. 0.001948444988270.00.0047.47 34.76.158.233http/1.1authorityforge.com:443GET / HTTP/1.0 0-175-0/0/8709. 0.001927146577100.00.0048.95 57.128.83.159http/1.1dfyseo.net:80POST //xmlrpc.php HTTP/1.1 0-175-0/0/8608. 0.001928944701530.00.0048.31 57.128.83.159http/1.1dfyseo.net:80POST //xmlrpc.php HTTP/1.1 0-175-0/0/8776. 0.0019246050070.00.0050.17 51.222.253.3http/1.1goingup.com:80GET /analyzer/?url=www.fizzflap.com HTTP/1.1 0-175-0/0/8821. 0.001926845464940.00.0049.37 57.128.83.159http/1.1dfyseo.net:80done, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 0-175-0/0/8652. 0.0019135145387440.00.0047.10 139.59.38.143http/1.1grownation.co:80POST //xmlrpc.php HTTP/1.1 0-175-0/0/8614. 0.001940545473280.00.0050.15 57.128.83.159http/1.1dfyseo.net:80POST //xmlrpc.php HTTP/1.1 0-175-0/0/8612. 0.001941845503840.00.0052.08 57.128.83.159http/1.1dfyseo.net:80POST //xmlrpc.php HTTP/1.1 0-175-0/0/8662. 0.00192445835390.00.0049.72 185.149.69.55h2civiogroup.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 0-175-0/0/8654. 0.0019134345831280.00.0052.25 195.211.77.140h2civiogroup.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 0-175-0/0/8711. 0.001942247898060.00.0050.21 57.128.83.159http/1.1dfyseo.net:80POST //xmlrpc.php HTTP/1.1 0-175-0/0/8720. 0.0019173455507670.00.0049.49 51.103.21.253http/1.1creationshop.net:80GET /lnidzdke.php?Fox=d3wL7 HTTP/1.1 0-175-0/0/8705. 0.001933345728440.00.0050.49 57.128.83.159http/1.1dfyseo.net:80POST //xmlrpc.php HTTP/1.1 0-175-0/0/8656. 0.001934746967960.00.0049.85 57.128.83.159http/1.1dfyseo.net:80POST //xmlrpc.php HTTP/1.1 1-1757587830/1/7586R 0.511040904850.00.0043.82 159.65.51.215h2civiogroup.com:443GET /?rest_route=/wp/v2/users/ HTTP/2.0 1-1757587830/1/7564_ 0.841542095700.00.0042.55 159.65.51.215h2civiogroup.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 1-1757587831/2/7600L 1.0401441391680.50.0046.16 139.144.69.48h2civiogroup.com:443GET /.git/config HTTP/2.0 1-1757587830/2/7431_ 0.40252341433310.00.0042.09 57.128.83.159http/1.1dfyseo.net:80POST //xmlrpc.php HTTP/1.1 1-1757587830/2/7429_ 0.741940449720.00.0342.84 147.182.144.10h2civiogroup.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 1-1757587831/3/7418L 0.7512141631250.50.0142.36 170.187.164.181h2civiogroup.com:443GET /info.php HTTP/2.0 1-1757587830/1/7392_ 0.741939872120.00.0041.47 147.182.144.10h2civiogroup.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 1-1757587830/1/7390_ 0.751440560980.00.0074.16 170.187.164.181h2civiogroup.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 1-1757587830/2/7339_ 0.46147438938920.00.0341.76 57.128.83.159http/1.1dfyseo.net:80POST //xmlrpc.php HTTP/1.1 1-1757587830/1/7431_ 0.261125340900770.00.0040.98 139.59.38.143http/1.1grownation.co:80POST //xmlrpc.php HTTP/1.1 1-1757587830/0/7359_ 0.00151240050170.00.0040.70 196.196.53.138h2goingup.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 1-1757587830/1/7444_ 0.8715140673360.00.0042.87 159.65.51.215h2civiogroup.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 1-1757587830/1/7382_ 0.31128439483240.00.0041.98 51.222.253.10h2goingup.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 1-1757587830/1/7415_ 0.841539457860.00.0042.61 159.65.51.215h2civiogroup.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 1-1757587831/1/7418W 0.511039891560.00.0042.09 139.59.38.143http/1.1grownation.co:80POST //xmlrpc.php HTTP/1.1 1-1757587830/1/7405R 0.511039652980.00.0044.75 159.65.51.215h2civiogroup.com:443GET / HTTP/2.0 1-1757587830/1/7374_ 0.57131144715560.00.0041.55 57.128.83.159http/1.1dfyseo.net:80POST //xmlrpc.php HTTP/1.1 1-1757587830/2/7378_ 1.020540143260.00.0241.10 139.144.69.48h2civiogroup.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 1-1757587830/0/7384R 0.000040964630.00.0043.13 2a01:7e00::f03c:93ff:fe76:112fh2civiogroup.com:443GET / HTTP/2.0 1-1757587830/0/7419_ 0.00128444180500.00.0041.82 57.128.83.159http/1.1dfyseo.net:80done, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 1-1757587830/2/7371_ 0.5716240753310.00.0343.17 205.169.39.63http/1.1vestaok.com:80GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1 1-1757587831/1/7349L 1.030639752970.50.0040.65 139.144.69.48h2civiogroup.com:443GET /.DS_Store HTTP/2.0 1-1757587831/2/7347L 1.0403040530760.50.0042.51 139.144.69.48h2civiogroup.com:443GET /debug/default/view?panel=config HTTP/2.0 1-1757587830/2/7406
Found on 2022-12-23 23:23 -
Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb312658ac048cdc1a26d2ccc3d3Apache Status Apache Server Status for www.civiogroup.com (via 185.149.69.55) Server Version: Apache/2.4.54 (Debian) OpenSSL/1.1.1n mod_fcgid/2.3.9 Server MPM: event Server Built: 2022-06-09T04:26:43 Current Time: Friday, 23-Dec-2022 23:23:49 UTC Restart Time: Wednesday, 14-Dec-2022 03:03:09 UTC Parent Server Config. Generation: 176 Parent Server MPM Generation: 175 Server uptime: 9 days 20 hours 20 minutes 40 seconds Server load: 387.49 389.86 389.77 Total accesses: 597871 - Total Traffic: 3.4 GB - Total Duration: 329167659 CPU Usage: u55.7 s42.74 cu12927.9 cs588.1 - 1.6% CPU load .703 requests/sec - 4339 B/second - 6.0 kB/request - 550.566 ms/request 24 requests currently being processed, 51 idle workers SlotPIDStoppingConnections ThreadsAsync connections totalacceptingbusyidlewritingkeep-aliveclosing 1758783no3yes520011 2758943no8yes916041 3758784no17yes10150101 Sum3028 24510153 .........................R____L_____R__WR_____________________W_ LRLLRL_LR__R___R_L_R_L_L___R____LRL_............................ ............................................... Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process <SrvPIDAccMCPU SSReqDurConnChildSlotClientProtocolVHostRequest 0-175-0/0/8800. 0.001829245324090.00.0047.32 57.128.83.159http/1.1dfyseo.net:80POST //xmlrpc.php HTTP/1.1 0-175-0/0/8758. 0.001834246391350.00.0047.53 57.128.83.159http/1.1dfyseo.net:80done, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 0-175-0/0/8758. 0.0018139745838940.00.0049.53 139.59.38.143http/1.1grownation.co:80POST //xmlrpc.php HTTP/1.1 0-175-0/0/8880. 0.0018139746656350.00.0048.54 139.59.38.143http/1.1grownation.co:80POST //xmlrpc.php HTTP/1.1 0-175-0/0/8706. 0.001845246295500.00.0079.49 57.128.83.159http/1.1dfyseo.net:80POST //xmlrpc.php HTTP/1.1 0-175-0/0/8816. 0.001826446054770.00.0048.20 57.128.83.159http/1.1dfyseo.net:80POST //xmlrpc.php HTTP/1.1 0-175-0/0/8682. 0.001826445658710.00.0048.32 57.128.83.159http/1.1dfyseo.net:80POST //xmlrpc.php HTTP/1.1 0-175-0/0/8765. 0.001825549166310.00.0050.87 57.128.83.159http/1.1dfyseo.net:80POST //xmlrpc.php HTTP/1.1 0-175-0/0/8713. 0.001830246406650.00.0049.07 57.128.83.159http/1.1dfyseo.net:80POST //xmlrpc.php HTTP/1.1 0-175-0/0/8858. 0.0018108546774340.00.0051.86 2001:4800:7818:101:be76:4eff:fe04:3ab9http/1.1farmaceuticals.co:80POST /xmlrpc.php HTTP/1.1 0-175-0/0/8704. 0.001829050841150.00.0048.02 57.128.83.159http/1.1dfyseo.net:80POST //xmlrpc.php HTTP/1.1 0-175-0/0/8591. 0.001848444988270.00.0047.47 34.76.158.233http/1.1authorityforge.com:443GET / HTTP/1.0 0-175-0/0/8709. 0.001827146577100.00.0048.95 57.128.83.159http/1.1dfyseo.net:80POST //xmlrpc.php HTTP/1.1 0-175-0/0/8608. 0.001828944701530.00.0048.31 57.128.83.159http/1.1dfyseo.net:80POST //xmlrpc.php HTTP/1.1 0-175-0/0/8776. 0.0018246050070.00.0050.17 51.222.253.3http/1.1goingup.com:80GET /analyzer/?url=www.fizzflap.com HTTP/1.1 0-175-0/0/8821. 0.001826845464940.00.0049.37 57.128.83.159http/1.1dfyseo.net:80done, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 0-175-0/0/8652. 0.0018135145387440.00.0047.10 139.59.38.143http/1.1grownation.co:80POST //xmlrpc.php HTTP/1.1 0-175-0/0/8614. 0.001840545473280.00.0050.15 57.128.83.159http/1.1dfyseo.net:80POST //xmlrpc.php HTTP/1.1 0-175-0/0/8612. 0.001841845503840.00.0052.08 57.128.83.159http/1.1dfyseo.net:80POST //xmlrpc.php HTTP/1.1 0-175-0/0/8662. 0.00182445835390.00.0049.72 185.149.69.55h2civiogroup.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 0-175-0/0/8654. 0.0018134345831280.00.0052.25 195.211.77.140h2civiogroup.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 0-175-0/0/8711. 0.001842247898060.00.0050.21 57.128.83.159http/1.1dfyseo.net:80POST //xmlrpc.php HTTP/1.1 0-175-0/0/8720. 0.0018173455507670.00.0049.49 51.103.21.253http/1.1creationshop.net:80GET /lnidzdke.php?Fox=d3wL7 HTTP/1.1 0-175-0/0/8705. 0.001833345728440.00.0050.49 57.128.83.159http/1.1dfyseo.net:80POST //xmlrpc.php HTTP/1.1 0-175-0/0/8656. 0.001834746967960.00.0049.85 57.128.83.159http/1.1dfyseo.net:80POST //xmlrpc.php HTTP/1.1 1-1757587830/1/7586R 0.510040904850.00.0043.82 159.65.51.215h2civiogroup.com:443GET /?rest_route=/wp/v2/users/ HTTP/2.0 1-1757587830/1/7564_ 0.840542095700.00.0042.55 159.65.51.215h2civiogroup.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 1-1757587830/1/7599_ 0.09182241391380.00.0046.16 205.169.39.63h2civiogroup.com:443done, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 1-1757587830/2/7431_ 0.40152341433310.00.0042.09 57.128.83.159http/1.1dfyseo.net:80POST //xmlrpc.php HTTP/1.1 1-1757587830/2/7429_ 0.740940449720.00.0342.84 147.182.144.10h2civiogroup.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 1-1757587831/3/7418L 0.7502141631250.50.0142.36 170.187.164.181h2civiogroup.com:443GET /info.php HTTP/2.0 1-1757587830/1/7392_ 0.740939872120.00.0041.47 147.182.144.10h2civiogroup.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 1-1757587830/1/7390_ 0.750440560980.00.0074.16 170.187.164.181h2civiogroup.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 1-1757587830/2/7339_ 0.46047438938920.00.0341.76 57.128.83.159http/1.1dfyseo.net:80POST //xmlrpc.php HTTP/1.1 1-1757587830/1/7431_ 0.260125340900770.00.0040.98 139.59.38.143http/1.1grownation.co:80POST //xmlrpc.php HTTP/1.1 1-1757587830/0/7359_ 0.00051240050170.00.0040.70 196.196.53.138h2goingup.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 1-1757587830/1/7444_ 0.8705140673360.00.0042.87 159.65.51.215h2civiogroup.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 1-1757587830/1/7382_ 0.31028439483240.00.0041.98 51.222.253.10h2goingup.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 1-1757587830/1/7415_ 0.840539457860.00.0042.61 159.65.51.215h2civiogroup.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 1-1757587831/1/7418W 0.510039891560.00.0042.09 139.59.38.143http/1.1grownation.co:80POST //xmlrpc.php HTTP/1.1 1-1757587830/1/7405R 0.510039652980.00.0044.75 159.65.51.215h2civiogroup.com:443GET / HTTP/2.0 1-1757587830/1/7374_ 0.57331144715560.00.0041.55 57.128.83.159http/1.1dfyseo.net:80POST //xmlrpc.php HTTP/1.1 1-1757587830/1/7377_ 0.381104640143150.00.0241.10 95.105.127.54http/1.1binarybiz.com:80GET /category/file-recovery/ HTTP/1.1 1-1757587830/0/7384_ 0.0039240964630.00.0043.13 51.103.21.253h2creationshop.net:443idle, streams: 0/2/2/0/0 (open/recv/resp/push/rst) 1-1757587830/0/7419_ 0.00628444180500.00.0041.82 57.128.83.159http/1.1dfyseo.net:80done, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 1-1757587830/2/7371_ 0.5736240753310.00.0343.17 205.169.39.63http/1.1vestaok.com:80GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1 1-1757587830/0/7348_ 0.00239339752850.00.0040.64 57.128.83.159http/1.1dfyseo.net:80POST //xmlrpc.php HTTP/1.1 1-1757587830/1/7346_ 0.381131240530150.00.0042.50 139.59.38.143http/1.1grownation.co:80POST //xmlrpc.php HTTP/1.1 1-1757587830/2/7406
Found on 2022-12-23 23:23 -
Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb312658ac048cdc1a2650fb0cfaApache Status Apache Server Status for www.civiogroup.com (via 185.149.69.55) Server Version: Apache/2.4.54 (Debian) OpenSSL/1.1.1n mod_fcgid/2.3.9 Server MPM: event Server Built: 2022-06-09T04:26:43 Current Time: Monday, 24-Oct-2022 21:32:51 UTC Restart Time: Thursday, 06-Oct-2022 19:36:22 UTC Parent Server Config. Generation: 353 Parent Server MPM Generation: 352 Server uptime: 18 days 1 hour 56 minutes 29 seconds Server load: 1.39 1.24 1.33 Total accesses: 1179945 - Total Traffic: 8.8 GB - Total Duration: 654286370 CPU Usage: u112.53 s115.42 cu23479.3 cs1244.57 - 1.6% CPU load .755 requests/sec - 5.9 kB/second - 7.8 kB/request - 554.506 ms/request 20 requests currently being processed, 55 idle workers SlotPIDStoppingConnections ThreadsAsync connections totalacceptingbusyidlewritingkeep-aliveclosing 0322051no0yes223000 13894636yes (old gen)1no00000 22602260yes (old gen)1no00000 3322157no11yes421061 4157538yes (old gen)1no00000 7322104no0yes1411000 Sum6314 2055061 _____________R______R____.W.......................W............. ...........RRR____R_________________.....................W...... ...............................................RRRRRRRRRR_RR__R_ __W_____ Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqDurConnChildSlotClientProtocolVHostRequest 0-3523220510/1/16300_ 0.0215586983020.00.00114.05 3.239.76.121h2civiogroup.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 0-3523220510/0/16168_ 0.0015290924300.00.00146.93 185.191.171.19http/1.1goingup.com:80GET /analyzer/?url=DiaryWiree.blogspot.com HTTP/1.1 0-3523220510/0/16013_ 0.00999686714220.00.00118.32 114.119.152.231h2goingup.com:443done, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 0-3523220510/1/15993_ 0.024584135040.00.00118.08 2600:3000:2710:200::1dhttp/1.1vestaok.com:80GET /.well-known/acme-challenge/Zt7sdNsfyv5-I8NAWsm_QB0oa3cjDBL 0-3523220510/0/16187_ 0.0010125085931230.00.00122.12 20.26.113.150http/1.1helpcenterlive.com:80done, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 0-3523220510/1/16021_ 0.034486196620.00.00116.92 2a05:d014:3ad:701:2b2d:df53:79eb:5ee1http/1.1vestaok.com:80GET /.well-known/acme-challenge/Gjn3I6CzVcw091BGDyllp2_gUeAmpcx 0-3523220510/1/16076_ 0.034486637830.00.00119.11 2600:1f14:804:fd01:ba3a:67af:d30f:fb7bhttp/1.1vestaok.com:80GET /.well-known/acme-challenge/Zt7sdNsfyv5-I8NAWsm_QB0oa3cjDBL 0-3523220510/1/15992_ 0.222164985187270.00.00119.25 104.244.210.57h2civiogroup.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 0-3523220510/0/15855_ 0.002787784702960.00.00117.44 114.119.152.27h2goingup.com:443done, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 0-3523220510/0/15823_ 0.002767582051280.00.00115.80 51.222.253.2http/1.1goingup.com:80GET /webstats/bp762fa/visitor_details.html?vid=6990258322044489 0-3523220510/0/15924_ 0.0027102085164800.00.00116.75 185.225.35.205http/1.1farmaceuticals.co:80POST /wp-login.php HTTP/1.1 0-3523220510/0/16001_ 0.002770791208480.00.00117.50 114.119.152.231http/1.1goingup.com:80GET /analyzer/?url=lintasmagetan.com HTTP/1.1 0-3523220510/0/15900_ 0.00271687280410.00.00116.90 194.163.40.125http/1.1boostmarketing.com:80GET /wp-login.php HTTP/1.1 0-3523220510/0/16092R 0.002747985618150.00.00121.25 162.158.203.86http/1.1civiogroup.com:443 0-3523220510/1/15923_ 0.230886230720.00.00118.89 194.195.241.186h2civiogroup.com:443idle, streams: 0/2/2/0/0 (open/recv/resp/push/rst) 0-3523220510/1/16095_ 0.221225786797470.00.00115.83 92.40.205.84h2civiogroup.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 0-3523220510/0/15911_ 0.00273785277500.00.00115.21 138.68.229.54http/1.1a2-los-web.cloudsyhosting.com:8GET / HTTP/1.1 0-3523220510/0/16111_ 0.0027885829270.00.00116.80 185.149.69.55http/1.1farmaceuticals.co:80POST /wp-cron.php?doing_wp_cron=1666646973.28957605361938476562 0-3523220510/1/16031_ 0.280486043690.00.00117.61 194.195.241.186h2civiogroup.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 0-3523220510/0/15762_ 0.00273783348230.00.00112.50 138.68.229.54http/1.1a2-los-web.cloudsyhosting.com:8GET / HTTP/1.1 0-3523220510/0/15985R 0.000083263760.00.00114.49 157.230.99.82h2civiogroup.com:443GET /server-status HTTP/2.0 0-3523220510/1/16044_ 0.221243186644730.00.00116.99 109.201.130.7h2civiogroup.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 0-3523220510/0/16051_ 0.002799590584410.00.00119.26 65.108.67.8http/1.1helpcenterlive.com:80done, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 0-3523220510/0/16185_ 0.00274586914340.00.00115.75 65.108.67.8http/1.1helpcenterlive.com:80GET /smf/ HTTP/1.1 0-3523220510/1/15828_ 0.220210892132950.00.00114.38 194.195.241.186h2civiogroup.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 1-260-0/0/10311. 0.0041193324051529050.00.0061.13 65.109.80.253http/1.1credivis.com:80done, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 1-26038946361/0/10167W 0.00411926051697240.00.0061.46 192.241.191.198http/1.1a2-los-web.cloudsyhosting.com:8GET / HTTP/1.1 1-260-0/0/10240. 0.0041193323350303910.00.0059.63 65.109.80.253http/1.1credivis.com:80POST /xmlrpc.php HTTP/1.1 1-260-0/0/10333. 0.0041193326748767760.00.0057.68 65.109.80.253http/1.1credivis.com:80POST /xmlrpc.php HTTP/1.1 1-260-0/0/10240. 0.0041193344552138840.00.0064.67 192.99.37.132h2binarybiz.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 1-260-0/0/10270. 0.0041193324749707620.00.0062.77 65.109.80.253http/1.1credivis.com:80POST /xmlrpc.php HTTP/1.1 1-260-0/0/10352. 0.0041193338952787320.00.0062.19 192.99.37.132http/1.1binarybiz.com:80GET /ar/%D8%A7%D9%84%D9%82%D8%A7%D9%86%D9%88%D9%86%D9%8A%D8%A9/ 1-260-0/0/10248. 0.0041193324953127020.00.0062.27 65.109.80.253http/1.1credivis.com:80POST /xmlrpc.php HTTP/1.1 1-260-0/0/10266. 0.0041193331552303290.00.0094.28 65.109.80.253http/1.1credivis.com:80POST /xmlrpc.php HTTP/1.1 1-260-0/0/10256. 0.0041193322850083920.00.0061.11 65.109.80.253http/1.1credivis.com:80done, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 1-260-0/0/10187. 0.0041193323748691710.00.0062.47 65.109.80.253http/1.1credivis.com:80POST /xmlrpc.php HTTP/1.1 1-260-0/0/10144. 0.0041193324949241020.00.0062.89 209.141.46.253http/1.1prospectly.net:80done, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 1-260-0/0/10171. 0.0041193325650229140.00.0063.03 65.109.80.253http/1.1credivis.com:80POST /xmlrpc.php HTTP/1.1 1-260-0/0/10422. 0.0041193324051412380.00.0066.09 65.109.80.253http/1.1credivis.com:80POST /xmlrpc.php HTTP/1.1 1-260-0/0/10274. 0.0041193326653276900.00.0061.72 65.109.80.253http/1.1credivis.com:80POST /xmlrpc.php HTTP/1.1 1-260-0/0/10168. 0.0041193324450382660.00.0062.55 65.109.80.253http/1.1credivis.com:80POST /xmlrpc.php HTTP/1.1 1-260-0/0/10273. 0.0041193323156915380.00.0061.80 65.109.80.253http/1.1credivis.com:80POST /xmlrpc.php HTTP/1.1 1-260-0/0/10298. 0.0041193324654530860.00.0060.63 65.109.80.253http/1.1credivis.com:80POST /xmlrpc.php HTTP/1.1 1-260-0/0/10123. 0.0041193337952516550.00.0061.99 65.109.80.253http/1.1credivis.com:80POST /xmlrpc.php HTTP/1.1 1-260-0/0/10224. 0.004119332452964970.00.0061.86 185.149.69.55http/1.1boostmarketing.com:80POST /wp-cron.php?doing_wp_cron=1666235173.203830957412
Found on 2022-10-24 21:32 -
Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb312658ac048cdc1a2666bc1dffApache Status Apache Server Status for www.civiogroup.com (via 185.149.69.55) Server Version: Apache/2.4.54 (Debian) OpenSSL/1.1.1n mod_fcgid/2.3.9 Server MPM: event Server Built: 2022-06-09T04:26:43 Current Time: Monday, 24-Oct-2022 21:32:51 UTC Restart Time: Thursday, 06-Oct-2022 19:36:22 UTC Parent Server Config. Generation: 353 Parent Server MPM Generation: 352 Server uptime: 18 days 1 hour 56 minutes 29 seconds Server load: 1.39 1.24 1.33 Total accesses: 1179946 - Total Traffic: 8.8 GB - Total Duration: 654286401 CPU Usage: u112.53 s115.42 cu23479.3 cs1244.57 - 1.6% CPU load .755 requests/sec - 5.9 kB/second - 7.8 kB/request - 554.505 ms/request 20 requests currently being processed, 55 idle workers SlotPIDStoppingConnections ThreadsAsync connections totalacceptingbusyidlewritingkeep-aliveclosing 0322051no0yes223000 13894636yes (old gen)1no00000 22602260yes (old gen)1no00000 3322157no11yes421061 4157538yes (old gen)1no00000 7322104no0yes1411000 Sum6314 2055061 _____________R______L____.W.......................W............. ...........RRR____R_________________.....................W...... ...............................................RRRRRRRWRR_RR__R_ __R_____ Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqDurConnChildSlotClientProtocolVHostRequest 0-3523220510/1/16300_ 0.0215586983020.00.00114.05 3.239.76.121h2civiogroup.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 0-3523220510/0/16168_ 0.0015290924300.00.00146.93 185.191.171.19http/1.1goingup.com:80GET /analyzer/?url=DiaryWiree.blogspot.com HTTP/1.1 0-3523220510/0/16013_ 0.00999686714220.00.00118.32 114.119.152.231h2goingup.com:443done, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 0-3523220510/1/15993_ 0.024584135040.00.00118.08 2600:3000:2710:200::1dhttp/1.1vestaok.com:80GET /.well-known/acme-challenge/Zt7sdNsfyv5-I8NAWsm_QB0oa3cjDBL 0-3523220510/0/16187_ 0.0010125085931230.00.00122.12 20.26.113.150http/1.1helpcenterlive.com:80done, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 0-3523220510/1/16021_ 0.034486196620.00.00116.92 2a05:d014:3ad:701:2b2d:df53:79eb:5ee1http/1.1vestaok.com:80GET /.well-known/acme-challenge/Gjn3I6CzVcw091BGDyllp2_gUeAmpcx 0-3523220510/1/16076_ 0.034486637830.00.00119.11 2600:1f14:804:fd01:ba3a:67af:d30f:fb7bhttp/1.1vestaok.com:80GET /.well-known/acme-challenge/Zt7sdNsfyv5-I8NAWsm_QB0oa3cjDBL 0-3523220510/1/15992_ 0.222164985187270.00.00119.25 104.244.210.57h2civiogroup.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 0-3523220510/0/15855_ 0.002787784702960.00.00117.44 114.119.152.27h2goingup.com:443done, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 0-3523220510/0/15823_ 0.002767582051280.00.00115.80 51.222.253.2http/1.1goingup.com:80GET /webstats/bp762fa/visitor_details.html?vid=6990258322044489 0-3523220510/0/15924_ 0.0027102085164800.00.00116.75 185.225.35.205http/1.1farmaceuticals.co:80POST /wp-login.php HTTP/1.1 0-3523220510/0/16001_ 0.002770791208480.00.00117.50 114.119.152.231http/1.1goingup.com:80GET /analyzer/?url=lintasmagetan.com HTTP/1.1 0-3523220510/0/15900_ 0.00271687280410.00.00116.90 194.163.40.125http/1.1boostmarketing.com:80GET /wp-login.php HTTP/1.1 0-3523220510/0/16092R 0.002747985618150.00.00121.25 162.158.203.86http/1.1civiogroup.com:443 0-3523220510/1/15923_ 0.230886230720.00.00118.89 194.195.241.186h2civiogroup.com:443idle, streams: 0/2/2/0/0 (open/recv/resp/push/rst) 0-3523220510/1/16095_ 0.221225786797470.00.00115.83 92.40.205.84h2civiogroup.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 0-3523220510/0/15911_ 0.00273785277500.00.00115.21 138.68.229.54http/1.1a2-los-web.cloudsyhosting.com:8GET / HTTP/1.1 0-3523220510/0/16111_ 0.0027885829270.00.00116.80 185.149.69.55http/1.1farmaceuticals.co:80POST /wp-cron.php?doing_wp_cron=1666646973.28957605361938476562 0-3523220510/1/16031_ 0.280486043690.00.00117.61 194.195.241.186h2civiogroup.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 0-3523220510/0/15762_ 0.00273783348230.00.00112.50 138.68.229.54http/1.1a2-los-web.cloudsyhosting.com:8GET / HTTP/1.1 0-3523220511/1/15986L 0.2801583264089.50.01114.50 157.230.99.82h2civiogroup.com:443GET /server-status HTTP/2.0 0-3523220510/1/16044_ 0.221243186644730.00.00116.99 109.201.130.7h2civiogroup.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 0-3523220510/0/16051_ 0.002799590584410.00.00119.26 65.108.67.8http/1.1helpcenterlive.com:80done, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 0-3523220510/0/16185_ 0.00274586914340.00.00115.75 65.108.67.8http/1.1helpcenterlive.com:80GET /smf/ HTTP/1.1 0-3523220510/1/15828_ 0.220210892132950.00.00114.38 194.195.241.186h2civiogroup.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 1-260-0/0/10311. 0.0041193324051529050.00.0061.13 65.109.80.253http/1.1credivis.com:80done, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 1-26038946361/0/10167W 0.00411926051697240.00.0061.46 192.241.191.198http/1.1a2-los-web.cloudsyhosting.com:8GET / HTTP/1.1 1-260-0/0/10240. 0.0041193323350303910.00.0059.63 65.109.80.253http/1.1credivis.com:80POST /xmlrpc.php HTTP/1.1 1-260-0/0/10333. 0.0041193326748767760.00.0057.68 65.109.80.253http/1.1credivis.com:80POST /xmlrpc.php HTTP/1.1 1-260-0/0/10240. 0.0041193344552138840.00.0064.67 192.99.37.132h2binarybiz.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 1-260-0/0/10270. 0.0041193324749707620.00.0062.77 65.109.80.253http/1.1credivis.com:80POST /xmlrpc.php HTTP/1.1 1-260-0/0/10352. 0.0041193338952787320.00.0062.19 192.99.37.132http/1.1binarybiz.com:80GET /ar/%D8%A7%D9%84%D9%82%D8%A7%D9%86%D9%88%D9%86%D9%8A%D8%A9/ 1-260-0/0/10248. 0.0041193324953127020.00.0062.27 65.109.80.253http/1.1credivis.com:80POST /xmlrpc.php HTTP/1.1 1-260-0/0/10266. 0.0041193331552303290.00.0094.28 65.109.80.253http/1.1credivis.com:80POST /xmlrpc.php HTTP/1.1 1-260-0/0/10256. 0.0041193322850083920.00.0061.11 65.109.80.253http/1.1credivis.com:80done, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 1-260-0/0/10187. 0.0041193323748691710.00.0062.47 65.109.80.253http/1.1credivis.com:80POST /xmlrpc.php HTTP/1.1 1-260-0/0/10144. 0.0041193324949241020.00.0062.89 209.141.46.253http/1.1prospectly.net:80done, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 1-260-0/0/10171. 0.0041193325650229140.00.0063.03 65.109.80.253http/1.1credivis.com:80POST /xmlrpc.php HTTP/1.1 1-260-0/0/10422. 0.0041193324051412380.00.0066.09 65.109.80.253http/1.1credivis.com:80POST /xmlrpc.php HTTP/1.1 1-260-0/0/10274. 0.0041193326653276900.00.0061.72 65.109.80.253http/1.1credivis.com:80POST /xmlrpc.php HTTP/1.1 1-260-0/0/10168. 0.0041193324450382660.00.0062.55 65.109.80.253http/1.1credivis.com:80POST /xmlrpc.php HTTP/1.1 1-260-0/0/10273. 0.0041193323156915380.00.0061.80 65.109.80.253http/1.1credivis.com:80POST /xmlrpc.php HTTP/1.1 1-260-0/0/10298. 0.0041193324654530860.00.0060.63 65.109.80.253http/1.1credivis.com:80POST /xmlrpc.php HTTP/1.1 1-260-0/0/10123. 0.0041193337952516550.00.0061.99 65.109.80.253http/1.1credivis.com:80POST /xmlrpc.php HTTP/1.1 1-260-0/0/10224. 0.004119332452964970.00.0061.86 185.149.69.55http/1.1boostmarketing.com:80POST /wp-cron.php?doing_wp_cron=1666235173.20383095741
Found on 2022-10-24 21:32 -
Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb312658ac042658ac04bca0e1f6Apache Status Apache Server Status for www.civiogroup.com (via 185.149.69.55) Server Version: Apache/2.4.54 (Debian) OpenSSL/1.1.1n mod_fcgid/2.3.9 Server MPM: event Server Built: 2022-06-09T04:26:43 Current Time: Thursday, 25-Aug-2022 17:58:18 UTC Restart Time: Thursday, 25-Aug-2022 17:57:57 UTC Parent Server Config. Generation: 1 Parent Server MPM Generation: 0 Server uptime: 20 seconds Server load: 2.70 2.72 2.62 Total accesses: 74 - Total Traffic: 989 kB - Total Duration: 14478 CPU Usage: u2.23 s.15 cu.31 cs.02 - 13.5% CPU load 3.7 requests/sec - 49.4 kB/second - 13.4 kB/request - 195.649 ms/request 7 requests currently being processed, 68 idle workers SlotPIDStoppingConnections ThreadsAsync connections totalacceptingbusyidlewritingkeep-aliveclosing 04097855no0yes322000 14097865no3yes322020 34097921no4yes124012 Sum307 768032 _______________RWR____________________RRR_________.............. ...........____W____________________............................ ............................................... Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqDurConnChildSlotClientProtocolVHostRequest 0-040978550/1/1_ 0.23253530.00.000.00 207.154.241.99http/1.1civiogroup.com:80GET /.git/config HTTP/1.1 0-040978550/1/1_ 0.19328280.00.000.00 207.154.241.99http/1.1civiogroup.com:80GET /telescope/requests HTTP/1.1 0-040978550/1/1_ 0.05945450.00.020.02 192.241.191.198http/1.1a2-los-web.cloudsyhosting.com:8GET /login/ HTTP/1.1 0-040978550/1/1_ 0.13492920.00.060.06 195.211.77.140http/1.1civiogroup.com:443GET / HTTP/1.1 0-040978550/1/1_ 0.14311110.00.000.00 207.154.241.99http/1.1civiogroup.com:80GET /server-status HTTP/1.1 0-040978550/1/1_ 0.2521491490.00.000.00 207.154.241.99http/1.1civiogroup.com:80GET /?rest_route=/wp/v2/users/ HTTP/1.1 0-040978550/1/1_ 0.23237370.00.000.00 207.154.241.99http/1.1civiogroup.com:80GET /s/3138352e3134392e36392e3535/_/;/META-INF/maven/com.atlass 0-040978550/1/1_ 0.27223230.00.000.00 207.154.241.99http/1.1civiogroup.com:80GET /config.json HTTP/1.1 0-040978550/1/1_ 0.36011110.00.010.01 207.154.199.221http/1.1civiogroup.com:443GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor 0-040978551/0/0W 0.000000.00.000.00 207.154.199.221http/1.1civiogroup.com:443GET /server-status HTTP/1.1 0-040978550/0/0R 0.0020000.00.000.00 207.154.199.221http/1.1civiogroup.com:443 0-040978550/1/1_ 0.34011110.00.010.01 207.154.199.221http/1.1civiogroup.com:443GET /debug/default/view?panel=config HTTP/1.1 1-040978650/1/1_ 1.0947867860.00.000.00 69.162.124.230http/1.1goingup.com:80GET / HTTP/1.1 1-040978650/1/1_ 0.861217350.00.010.01 72.208.234.5h2civiogroup.com:443idle, streams: 0/24/24/0/0 (open/recv/resp/push/rst) 1-040978650/1/1_ 1.15266660.00.000.00 207.154.241.99http/1.1civiogroup.com:80GET /info.php HTTP/1.1 1-040978650/1/1_ 1.19212120.00.000.00 207.154.241.99http/1.1civiogroup.com:80GET /login.action HTTP/1.1 1-040978650/1/1_ 1.20225250.00.000.00 207.154.241.99http/1.1civiogroup.com:80GET /api/search?folderIds=0 HTTP/1.1 1-040978650/1/1_ 1.1621111110.00.000.00 207.154.241.99http/1.1civiogroup.com:80GET / HTTP/1.1 1-040978650/2/2_ 1.30011970.00.010.01 207.154.199.221http/1.1civiogroup.com:443GET /.DS_Store HTTP/1.1 1-040978650/1/1R 0.2115105521100.00.020.02 207.154.199.221http/1.1civiogroup.com:443 1-040978650/3/3R 0.3215442460.00.120.12 207.154.199.221http/1.1civiogroup.com:443 1-040978650/11/11R 0.68147610720.00.120.12 207.154.199.221http/1.1civiogroup.com:443 1-040978650/6/6_ 0.82131223890.00.020.02 72.208.234.5h2civiogroup.com:443idle, streams: 0/22/22/0/0 (open/recv/resp/push/rst) 1-040978650/1/1_ 0.8213990.00.000.00 185.149.69.55http/1.1vestaok.com:80POST /wp-cron.php?doing_wp_cron=1661450284.84798288345336914062 1-040978650/1/1_ 0.841247950.00.010.01 72.208.234.5h2civiogroup.com:443idle, streams: 0/23/23/0/0 (open/recv/resp/push/rst) 1-040978650/1/1_ 0.871115300.00.000.00 72.208.234.5h2civiogroup.com:443idle, streams: 0/25/25/0/0 (open/recv/resp/push/rst) 1-040978650/4/4_ 1.044923430.00.440.44 72.208.234.5h2civiogroup.com:443idle, streams: 0/4/4/0/0 (open/recv/resp/push/rst) 1-040978650/1/1_ 1.10322220.00.000.00 185.149.69.55http/1.1boostmarketing.com:80POST /wp-cron.php?doing_wp_cron=1661450294.39958190917968750000 1-040978650/1/1_ 1.1039039030.00.000.00 114.119.139.59http/1.1boostmarketing.com:80GET /robots.txt HTTP/1.1 2-0-0/0/1. 0.001673730.00.000.00 72.208.234.5http/1.1a2-los-web.cloudsyhosting.com:8GET /datalogstatus.php HTTP/1.1 2-0-0/0/10. 0.00161111810.00.000.05 72.208.234.5h2civiogroup.com:443done, streams: 0/0/0/0/0 (open/recv/resp/push/rst) 3-040979210/1/1_ 0.10149490.00.000.00 207.154.199.221h2done, streams: 0/0/0/0/0 (open/recv/resp/push/rst) 3-040979210/2/2_ 0.500162300.00.010.01 207.154.199.221http/1.1civiogroup.com:443GET /.git/config HTTP/1.1 3-040979210/1/1_ 0.51011110.00.010.01 207.154.199.221http/1.1civiogroup.com:443GET /.env HTTP/1.1 3-040979210/2/2_ 0.27348480.00.000.00 207.154.241.99http/1.1authorityforge.com:80HELP 3-040979210/1/1_ 0.34340400.00.000.00 207.154.241.99http/1.1civiogroup.com:80GET /debug/default/view?panel=config HTTP/1.1 3-040979210/1/1_ 0.042186718670.00.000.00 207.154.199.221http/1.1 3-040979210/1/1_ 0.28397319470.00.020.02 69.162.124.230h2goingup.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 3-040979210/1/1_ 0.34349490.00.000.00 207.154.241.99http/1.1civiogroup.com:80GET /.env HTTP/1.1 3-040979210/2/2_ 0.24374740.00.010.01 207.154.199.221http/1.1authorityforge.com:443HELP 3-040979210/1/1_ 0.163000.00.000.00 207.154.241.99http/1.1authorityforge.com:80\x16\x03\x01\x01\x05\x01 3-040979210/1/1_ 0.34334340.00.000.00 207.154.241.99http/1.1civiogroup.com:80GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor 3-040979210/1/1_ 0.35211110.00.000.00 207.154.241.99http/1.1civiogroup.com:80GET /v2/_catalog HTTP/1.1 3-040979210/1/1_ 0.34344440.00.000.00 207.154.241.99http/1.1civiogroup.com:80GET /.DS_Store HTTP/1.1 3-040979210/1/1_ 0.49012120.00.010.01 207.154.199.221http/1.1civiogroup.com:443GET /telescope/requests HTTP/1.1 SrvChild Server number - generation PIDOS process ID AccNumber of accesses this connection / this child / this slot MMode of operation CPUCPU usage, number of seconds SSSeconds since beginning of most recent request ReqMilliseconds required to process most recent request DurSum of milliseconds required to process all requests ConnKilobytes transferred this connection ChildMegabytes transferred this child SlotTotal megabytes transferred this slot mod_fcgid status: Total FastCGI processes: 1 Process: .php-fcgi-starter (/var/www/php-fcgi-scripts/ispconfig/.php-fcgi-starter) PidActiveIdleAccessesState 40980672093Ready Active and Idle are time active and time since last request, in seconds.
Found on 2022-08-25 17:58
-
-
Apache server-status page is publicly available
The server-status page (usually
/server-status) allows server administrators to find out how well their server is performing.This is a HTML page that gives the current server statistics such as the server version, up time,cpu, ram, and information about requests made to the server.
This information can be very useful if the application is sent sensitive information as GET requests. If you monitor this page you might be able to find CSRF tokens, API keys, hidden paths, and other sensitive information being sent to the server.
https://medium.com/@ghostlulzhacks/apache-server-status-a70abed83f5a
First seen 2022-08-25 17:58-
Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb312658ac042658ac04234aa094Apache Status Apache Server Status for www.civiogroup.com (via 185.149.69.55) Server Version: Apache/2.4.54 (Debian) OpenSSL/1.1.1n mod_fcgid/2.3.9 Server MPM: event Server Built: 2022-06-09T04:26:43 Current Time: Thursday, 25-Aug-2022 17:58:14 UTC Restart Time: Thursday, 25-Aug-2022 17:57:57 UTC Parent Server Config. Generation: 1 Parent Server MPM Generation: 0 Server uptime: 17 seconds Server load: 2.68 2.72 2.62 Total accesses: 55 - Total Traffic: 922 kB - Total Duration: 13724 CPU Usage: u1.62 s.13 cu.31 cs.02 - 12.2% CPU load 3.24 requests/sec - 54.2 kB/second - 16.8 kB/request - 249.527 ms/request 5 requests currently being processed, 70 idle workers SlotPIDStoppingConnections ThreadsAsync connections totalacceptingbusyidlewritingkeep-aliveclosing 04097855no0yes124000 14097865no3yes223020 34097921no1yes223001 Sum304 570021 ________W_____________________W___W_______________.............. ...........___________W_______R_____............................ ............................................... Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqDurConnChildSlotClientProtocolVHostRequest 0-040978551/0/0W 0.000000.00.000.00 207.154.241.99http/1.1civiogroup.com:80GET /telescope/requests HTTP/1.1 0-040978550/1/1_ 0.05645450.00.020.02 192.241.191.198http/1.1a2-los-web.cloudsyhosting.com:8GET /login/ HTTP/1.1 0-040978550/1/1_ 0.13192920.00.060.06 195.211.77.140http/1.1civiogroup.com:443GET / HTTP/1.1 0-040978551/0/0W 0.000000.00.000.00 207.154.241.99http/1.1civiogroup.com:80GET /server-status HTTP/1.1 0-040978551/0/0W 0.000000.00.000.00 207.154.241.99http/1.1civiogroup.com:80GET /?rest_route=/wp/v2/users/ HTTP/1.1 1-040978650/1/1_ 1.0917867860.00.000.00 69.162.124.230http/1.1goingup.com:80GET / HTTP/1.1 1-040978650/1/1_ 0.86917350.00.010.01 72.208.234.5h2civiogroup.com:443idle, streams: 0/24/24/0/0 (open/recv/resp/push/rst) 1-040978651/0/0W 0.000000.00.000.00 207.154.241.99http/1.1civiogroup.com:80GET /info.php HTTP/1.1 1-040978651/0/0W 0.000000.00.000.00 207.154.241.99http/1.1civiogroup.com:80GET / HTTP/1.1 1-040978650/1/1_ 0.021342850.00.000.00 72.208.234.5h2civiogroup.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 1-040978650/1/1_ 0.2112105521100.00.020.02 72.208.234.5h2civiogroup.com:443idle, streams: 0/2/2/0/0 (open/recv/resp/push/rst) 1-040978650/3/3_ 0.3212442460.00.120.12 72.208.234.5h2civiogroup.com:443idle, streams: 0/5/5/0/0 (open/recv/resp/push/rst) 1-040978650/11/11_ 0.68117610720.00.120.12 72.208.234.5h2civiogroup.com:443idle, streams: 0/16/16/0/0 (open/recv/resp/push/rst) 1-040978650/6/6_ 0.82101223890.00.020.02 72.208.234.5h2civiogroup.com:443idle, streams: 0/22/22/0/0 (open/recv/resp/push/rst) 1-040978650/1/1_ 0.8210990.00.000.00 185.149.69.55http/1.1vestaok.com:80POST /wp-cron.php?doing_wp_cron=1661450284.84798288345336914062 1-040978650/1/1_ 0.84947950.00.010.01 72.208.234.5h2civiogroup.com:443idle, streams: 0/23/23/0/0 (open/recv/resp/push/rst) 1-040978650/1/1_ 0.87815300.00.000.00 72.208.234.5h2civiogroup.com:443idle, streams: 0/25/25/0/0 (open/recv/resp/push/rst) 1-040978650/4/4_ 1.041923430.00.440.44 72.208.234.5h2civiogroup.com:443idle, streams: 0/4/4/0/0 (open/recv/resp/push/rst) 1-040978650/1/1_ 1.10022220.00.000.00 185.149.69.55http/1.1boostmarketing.com:80POST /wp-cron.php?doing_wp_cron=1661450294.39958190917968750000 1-040978650/1/1_ 1.1009039030.00.000.00 114.119.139.59http/1.1boostmarketing.com:80GET /robots.txt HTTP/1.1 2-0-0/0/1. 0.001373730.00.000.00 72.208.234.5http/1.1a2-los-web.cloudsyhosting.com:8GET /datalogstatus.php HTTP/1.1 2-0-0/0/10. 0.00131111810.00.000.05 72.208.234.5h2civiogroup.com:443done, streams: 0/0/0/0/0 (open/recv/resp/push/rst) 3-040979210/1/1_ 0.101049490.00.000.00 192.241.191.198http/1.1a2-los-web.cloudsyhosting.com:8GET / HTTP/1.1 3-040979210/1/1_ 0.1162142140.00.000.00 185.149.69.55http/1.1vestaok.com:80POST /wp-admin/upgrade.php?step=upgrade_db HTTP/1.1 3-040979210/2/2_ 0.27048480.00.000.00 207.154.241.99http/1.1authorityforge.com:80HELP 3-040979210/1/1_ 0.0411186718670.00.000.00 ::1http/1.1authorityforge.com:80GET / HTTP/1.1 3-040979210/1/1_ 0.28097319470.00.020.02 69.162.124.230h2goingup.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 3-040979211/0/0W 0.000000.00.000.00 207.154.241.99http/1.1civiogroup.com:80GET /.env HTTP/1.1 3-040979210/2/2_ 0.24074740.00.010.01 207.154.199.221http/1.1authorityforge.com:443HELP 3-040979210/1/1_ 0.160000.00.000.00 207.154.241.99http/1.1authorityforge.com:80\x16\x03\x01\x01\x05\x01 3-040979210/0/0R 0.0017000.00.000.00 3-040979211/0/0W 0.000000.00.000.00 207.154.241.99http/1.1civiogroup.com:80GET /.DS_Store HTTP/1.1 SrvChild Server number - generation PIDOS process ID AccNumber of accesses this connection / this child / this slot MMode of operation CPUCPU usage, number of seconds SSSeconds since beginning of most recent request ReqMilliseconds required to process most recent request DurSum of milliseconds required to process all requests ConnKilobytes transferred this connection ChildMegabytes transferred this child SlotTotal megabytes transferred this slot mod_fcgid status: Total FastCGI processes: 1 Process: .php-fcgi-starter (/var/www/php-fcgi-scripts/ispconfig/.php-fcgi-starter) PidActiveIdleAccessesState 40980671763Ready Active and Idle are time active and time since last request, in seconds. SSL/TLS Session Cache Status: cache type: SHMCB, shared memory: 512000 bytes, current entries: 18subcaches: 32, indexes per subcache: 88time left on oldest entries' objects: avg: 288 seconds, (range: 282...299)index usage: 0%, cache usage: 0%total entries stored since starting: 18total entries replaced since starting: 0total entries expired since starting: 0total (pre-expiry) entries scrolled out of the cache: 0total retrieves since starting: 0 hit, 1 misstotal removes since starting: 0 hit, 0 miss
Found on 2022-08-25 17:58
-