Domain ftp.winnerpropest.com
Thailand
CS LOXINFO Public Company Limited.
-
Apache server-status page is publicly available
The server-status page (usually
/server-status) allows server administrators to find out how well their server is performing.This is a HTML page that gives the current server statistics such as the server version, up time,cpu, ram, and information about requests made to the server.
This information can be very useful if the application is sent sensitive information as GET requests. If you monitor this page you might be able to find CSRF tokens, API keys, hidden paths, and other sensitive information being sent to the server.
https://medium.com/@ghostlulzhacks/apache-server-status-a70abed83f5a
First seen 2023-03-07 06:47
Last seen 2024-02-01 22:24
Open for 331 days-
Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb3125900f4a25900f4a05bcc70eApache Status Apache Server Status for ftp.winnerpropest.com (via 203.170.192.183) Server Version: Apache/2.4.57 (Unix) OpenSSL/1.0.2k-fips Server MPM: event Server Built: Oct 15 2023 18:16:43 Current Time: Friday, 02-Feb-2024 05:24:09 ICT Restart Time: Friday, 05-Jan-2024 10:01:20 ICT Parent Server Config. Generation: 93 Parent Server MPM Generation: 92 Server uptime: 27 days 19 hours 22 minutes 48 seconds Server load: 2.08 2.11 2.29 Total accesses: 1843427 - Total Traffic: 23.8 GB - Total Duration: 2140669377 CPU Usage: u171.19 s103.81 cu32089.3 cs2210.25 - 1.44% CPU load .767 requests/sec - 10.4 kB/second - 13.5 kB/request - 1161.24 ms/request 4 requests currently being processed, 124 idle workers SlotPIDStoppingConnections ThreadsAsync connections totalacceptingbusyidlewritingkeep-aliveclosing 029373no0yes032000 229661no0yes230000 329394no0yes230000 529374no0yes032000 Sum400 4124000 ________________________________................................ _______R____R_________________________________________________WW ................................________________________________ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqDurConnChildSlotClientProtocolVHostRequest 0-92293730/2/14750_ 0.9510160256510.00.00193.63 137.184.150.232h2localhost:443[0/0] Software caused connection abort 0-92293730/4/15247_ 1.2510138991510.00.00198.86 159.203.63.67http/1.1localhost:80GET /.DS_Store HTTP/1.1 0-92293730/6/14819_ 1.2510150306000.00.02192.59 159.203.94.228http/1.1localhost:80GET /_all_dbs HTTP/1.1 0-92293730/1/14994_ 1.1610145868920.00.00185.88 178.62.3.65http/1.1 0-92293730/4/14902_ 1.1700147705710.00.00185.27 104.236.193.132h2localhost:443[0/0] Software caused connection abort 0-92293730/2/15129_ 1.1707156637840.00.00188.41 143.110.156.182http/1.1localhost:80GET /server-status HTTP/1.1 0-92293730/5/14805_ 1.1710145560300.00.00200.10 159.203.94.228http/1.1localhost:80GET / HTTP/1.1 0-92293730/4/15111_ 0.9930150176770.00.00187.50 137.184.150.232http/1.1localhost:443GET / HTTP/1.1 0-92293730/4/15071_ 1.1700145202620.00.00229.80 159.223.102.13http/1.1localhost:80GET /debug/default/view?panel=config HTTP/1.1 0-92293730/4/15198_ 1.26020148852840.00.04194.76 143.110.156.182http/1.1localhost:80GET /server-status HTTP/1.1 0-92293730/3/14763_ 1.2600154280290.00.00200.59 159.203.94.228http/1.1localhost:80GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor 0-92293730/4/14777_ 0.9730147100290.00.00195.37 35.203.211.196http/1.1 0-92293730/2/14633_ 0.9720137181630.00.00185.36 161.35.190.56h2localhost:443[0/0] Software caused connection abort 0-92293730/4/14795_ 1.0430169077050.00.00185.93 159.203.94.228http/1.1localhost:80GET /.vscode/sftp.json HTTP/1.1 0-92293730/3/15749_ 0.8830141537710.00.00187.66 159.223.108.26http/1.1localhost:443GET /s/338313e2239313e2037313e2330323/_/;/META-INF/maven/com.at 0-92293730/5/14797_ 1.1820165338270.00.00182.39 159.203.63.67http/1.1localhost:80GET /login.action HTTP/1.1 0-92293730/2/14841_ 0.9720143397110.00.00206.26 178.62.3.65http/1.1localhost:80GET /.env HTTP/1.1 0-92293730/5/14912_ 0.9720144873370.00.02189.20 104.236.193.132http/1.1 0-92293730/3/14731_ 1.1820160242960.00.00200.48 167.172.20.95http/1.1localhost:80GET /.vscode/sftp.json HTTP/1.1 0-92293730/4/14949_ 1.0510144636730.00.00193.68 161.35.190.56h2localhost:443[0/0] Software caused connection abort 0-92293730/3/14940_ 0.9710181441010.00.00193.26 104.236.193.132h2localhost:443[0/0] Software caused connection abort 0-92293730/3/14968_ 0.9720146988050.00.00203.98 178.62.3.65http/1.1localhost:80GET /s/338313e2239313e2037313e2330323/_/;/META-INF/maven/com.at 0-92293730/5/15423_ 1.1820150747990.00.02188.14 143.110.156.182http/1.1localhost:80GET /about HTTP/1.1 0-92293730/3/14634_ 1.2220138763910.00.00190.05 165.22.74.203http/1.1localhost:80GET /debug/default/view?panel=config HTTP/1.1 0-92293730/5/14929_ 1.0520162204740.00.00186.78 159.223.102.13http/1.1localhost:80GET /.vscode/sftp.json HTTP/1.1 0-92293730/4/14607_ 0.9810135973340.00.00196.85 178.62.3.65http/1.1 0-92293730/1/15108_ 0.9510144712670.00.00194.45 178.62.3.65http/1.1localhost:80GET / HTTP/1.1 0-92293730/5/14890_ 1.2510159153060.00.00213.25 159.203.94.228http/1.1localhost:80GET /login.action HTTP/1.1 0-92293730/4/14691_ 0.8310152163300.00.00175.81 104.236.193.132h2localhost:443[0/0] Software caused connection abort 0-92293730/4/15152_ 1.2410135099370.00.00225.04 165.22.74.203http/1.1localhost:80GET /v2/_catalog HTTP/1.1 0-92293730/5/14624_ 1.1700155554060.00.00199.08 159.203.44.43http/1.1 0-92293730/1/14891_ 0.9510145814240.00.00184.99 178.128.151.41http/1.1localhost:80GET /v2/_catalog HTTP/1.1 1-92-0/0/15731. 0.0042350138364770.00.00219.29 137.184.162.65http/1.1localhost:80GET /.git/config HTTP/1.1 1-92-0/0/15813. 0.0042350136849580.00.00198.68 139.144.150.23http/1.1localhost:443GET /login.action HTTP/1.1 1-92-0/0/15602. 0.0042350174090190.00.00199.96 159.203.44.43h2localhost:443[0/0] Software caused connection abort 1-92-0/0/15318. 0.0042350150896030.00.00189.46 164.92.84.255http/1.1localhost:443GET /.vscode/sftp.json HTTP/1.1 1-92-0/0/15276. 0.0042350146566320.00.00197.93 159.203.44.43http/1.1localhost:443GET /.git/config HTTP/1.1 1-92-0/0/15655. 0.0042350134151790.00.00198.79 139.144.150.23http/1.1localhost:443GET /.DS_Store HTTP/1.1 1-92-0/0/15351. 0.0042350172789920.00.00188.15 159.223.102.13http/1.1localhost:80GET /_all_dbs HTTP/1.1 1-92-0/0/15185. 0.0042350165483380.00.00189.07 64.227.126.135h2localhost:443[0/0] Software caused connection abort 1-92-0/0/15335. 0.0042350127395500.00.00211.76 134.122.34.144http/1.1localhost:443GET /telescope/requests HTTP/1.1 1-92-0/0/14956. 0.0042350152319130.00.00188.74 159.203.44.43http/1.1localhost:443GET / HTTP/1.1 1-92-0/0/15041. 0.0042350148013860.00.00204.86 164.92.84.255http/1.1localhost:443GET /login.action HTTP/1.1 1-92-0/0/15506. 0.0042350159268070.00.00208.73 139.144.96.150http/1.1localhost:443GET /config.json HTTP/1.1 1-92-0/0/15329. 0.0042350159504030.00.00200.56 45.55.193.222http/1.1localhost:443GET /telescope/requests HTTP/1.1 1-92-0/0/15189. 0.0042350137016410.00.00183.04 159.223.102.13http/1.1localhost:80GET /config.json HTTP/1.1 1-92-0/0/15367. 0.00
Found on 2024-02-01 22:24 -
Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb3125900f4a25900f4a09e3d527Apache Status Apache Server Status for ftp.winnerpropest.com (via 203.170.192.183) Server Version: Apache/2.4.57 (Unix) OpenSSL/1.0.2k-fips Server MPM: event Server Built: Oct 15 2023 18:16:43 Current Time: Monday, 08-Jan-2024 00:27:33 ICT Restart Time: Friday, 05-Jan-2024 10:01:20 ICT Parent Server Config. Generation: 9 Parent Server MPM Generation: 8 Server uptime: 2 days 14 hours 26 minutes 12 seconds Server load: 4.14 3.68 3.38 Total accesses: 1030291 - Total Traffic: 13.7 GB - Total Duration: 1210843294 CPU Usage: u105.51 s13.81 cu17595 cs925.52 - 8.29% CPU load 4.58 requests/sec - 63.9 kB/second - 13.9 kB/request - 1175.24 ms/request 16 requests currently being processed, 176 idle workers SlotPIDStoppingConnections ThreadsAsync connections totalacceptingbusyidlewritingkeep-aliveclosing 013293no1yes329100 113292no0yes131000 28486yes (old gen)4no00000 313294no13yes2300012 413526no6yes131004 513528no4yes527100 613530no6yes428003 Sum7134 161762019 _W____W_____________R_________________________W_________________ .G...............GG.....G......._______R____________________W___ __________R______________________________W__R__________W______WR ____W___R_______W_____________R_................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqDurConnChildSlotClientProtocolVHostRequest 0-8132930/13/8452_ 7.9100105256780.00.13118.86 104.164.173.52http/1.1localhost:443GET / HTTP/1.1 0-8132931/13/8988W 6.970083544700.00.15120.49 52.70.240.171http/1.1www.chonlateeadmin.com:443GET /ytnlgro-24685aitems/etidm78 HTTP/1.1 0-8132930/18/8723_ 7.991090766840.00.18119.45 161.35.176.95http/1.1localhost:80GET /debug/default/view?panel=config HTTP/1.1 0-8132930/17/9000_ 7.910087971910.00.34112.02 104.164.173.67http/1.1localhost:443GET / HTTP/1.1 0-8132930/9/8838_ 7.145178288444990.00.11109.71 147.182.168.210http/1.1www.chonlateeadmin.com:443GET /telescope/requests HTTP/1.1 0-8132930/13/8967_ 7.973460100333330.00.22115.68 159.65.138.217http/1.1www.winnerpropest.com:443GET / HTTP/1.1 0-8132931/11/8755W 7.850085308550.00.11128.22 23.22.35.162http/1.1www.chonlateeboi.com:443GET /40770yktqetid.htm HTTP/1.1 0-8132930/18/8822_ 7.963093215320.00.18112.23 128.199.195.68http/1.1www.winnerpropest.com:80GET /server-status HTTP/1.1 0-8132930/16/9018_ 7.993186842960.00.14162.74 205.169.39.192http/1.1www.chonlateebusiness.com:443GET /wp-content/plugins/so-widgets-bundle/js/jquery.cycle.swipe 0-8132930/15/8875_ 7.562090914400.00.14114.71 54.203.146.144http/1.1www.winnerpropest.com:80GET /.well-known/acme-challenge/VBltq2hU_e_jgA00G9GcBQBqT7g7yy7 0-8132930/20/8736_ 7.64192298002850.00.20131.93 185.191.171.13http/1.1www.chonlateefood.com:443GET /get/lpa42261jpuzitems.htm HTTP/1.1 0-8132930/17/8429_ 7.713206496307520.00.18111.83 154.28.229.109http/1.1www.winnerpropest.com:443GET / HTTP/1.1 0-8132930/19/8430_ 7.934075238810.00.17109.34 159.203.63.67http/1.1localhost:80GET / HTTP/1.1 0-8132930/14/8657_ 7.9630109240670.00.15115.43 128.199.195.68http/1.1www.winnerpropest.com:80GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor 0-8132930/16/9387_ 7.920083386700.00.16116.11 154.28.229.10http/1.1localhost:443GET / HTTP/1.1 0-8132930/16/8485_ 7.284637106070400.00.18111.23 147.182.168.210http/1.1www.chonlateeadmin.com:443GET /v2/_catalog HTTP/1.1 0-8132930/15/8644_ 7.05085186292990.00.17109.38 65.154.226.167h2www.winnerpropest.com:443[0/0] read: stream 0, 0-8132930/19/8773_ 7.725084600840.00.23114.70 185.248.85.28http/1.1www.chonlateebusiness.com:443GET /wp-includes/images/w-logo-blue-white-bg.png HTTP/1.1 0-8132930/15/8760_ 7.920356103930150.00.16111.01 66.249.77.98http/1.1www.twinbuilt.co.th:443GET /?e=tipo-de-cambio-pdf-tipo-de-cambio-mercado-de-9-ii-ymZeP 0-8132930/20/8892_ 7.03234987343440.00.23114.82 103.214.20.56http/1.1 0-8132930/15/8847R 7.9250126249660.00.20120.01 65.154.226.167h2www.winnerpropest.com:443[1/0] schedule: stream 1, GET / 0-8132930/13/8491_ 7.74584790016700.00.19111.59 147.182.168.210http/1.1www.chonlateeadmin.com:443GET /telescope/requests HTTP/1.1 0-8132930/19/9214_ 7.5431798077150.00.25118.85 205.169.39.192http/1.1www.chonlateebusiness.com:443GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1 0-8132930/13/8632_ 8.020082603650.00.15117.18 167.99.184.41http/1.1www.winnerpropest.com:80GET /debug/default/view?panel=config HTTP/1.1 0-8132930/13/8650_ 7.280841105660200.00.15108.02 137.184.162.65http/1.1 0-8132930/18/8769_ 7.964075572910.00.17115.34 128.199.195.68http/1.1www.winnerpropest.com:80GET /.vscode/sftp.json HTTP/1.1 0-8132930/16/8671_ 7.523091137900.00.16119.49 157.230.54.29http/1.1 0-8132930/17/8725_ 7.640850101902550.00.25139.60 146.190.160.11http/1.1 0-8132930/12/8647_ 7.041281189036030.00.13105.49 147.182.168.210http/1.1www.chonlateeadmin.com:443GET / HTTP/1.1 0-8132930/14/8869_ 7.99334594657230.00.19144.24 154.28.229.109http/1.1www.winnerpropest.com:443GET / HTTP/1.1 0-8132930/15/8403_ 7.83185197409210.00.15122.44 164.92.84.255h2localhost:443[0/0] Software caused connection abort 0-8132930/17/8722_ 7.60155687722770.00.21109.47 137.184.150.232http/1.1 1-8132920/21/8719_ 9.401096309090.00.27140.09 167.99.184.41http/1.1www.winnerpropest.com:80GET /.vscode/sftp.json HTTP/1.1 1-8132920/21/8560_ 9.46034590998900.00.19105.77 66.249.77.98http/1.1www.twinbuilt.co.th:443GET /?e=copper-%E2%80%93-extreme-fit-1-ii-O47rzQtm HTTP/1.1 1-8132920/16/8608_ 8.731842117432540.00.16114.71 137.184.162.65h2localhost:443[0/0] Software caused connection abort 1-8132920/19/8398_ 9.11284296702970.00.17105.52 137.184.150.232h2localhost:443[0/0] Software caused connection abort 1-8132920/21/8419_ 9.2900102994890.00.20117.86 146.190.64.200http/1.1localhost:80GET / HTTP/1.1 1-8132920/16/8444_ 8.220196391634930.00.15111.21 146.70.126.165h2www.chonlateeadmin.com:443[0/0] Software caused connection abort 1-8132920/17/8435_ 8.45214108957020.00.17108.07 38.240.225.78h2localhost:443[0/0] Software caused connection abort 1-8132920/16/8445_ 9.3200102227520.00.20112.03 143.110.156.182http/1.1localhost:80GET / HTTP/1.1 1-8132920/19/8657_ 8.361151185830420.00.20127.38 157.230.54.29h2www.chonlateebusiness.com:443[0/0] Software caused connection abort 1-8132920/14/8278_ 9.1621059100296340.00.12111.50 3.224.220.101http/1.1www.chonlateeadmin.com:443GET /gtvlgro-24693iitems/etidm11.htm HTTP/1.1 1-8132920/18/8109_ 9.4012104026350.00.21127.04 205.169.39.192http/1.1www.chonlateebusiness.com:443GET /wp-content/plugins/contact-form-7/includes/swv/js/index.js <
Found on 2024-01-07 17:27 -
Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb3125900f4a25900f4a4dba3f74Apache Status Apache Server Status for ftp.winnerpropest.com (via 203.170.192.183) Server Version: Apache/2.4.57 (Unix) OpenSSL/1.0.2k-fips Server MPM: event Server Built: Oct 15 2023 18:16:43 Current Time: Sunday, 07-Jan-2024 10:29:02 ICT Restart Time: Friday, 05-Jan-2024 10:01:20 ICT Parent Server Config. Generation: 8 Parent Server MPM Generation: 7 Server uptime: 2 days 27 minutes 41 seconds Server load: 2.35 2.63 2.67 Total accesses: 815990 - Total Traffic: 11.0 GB - Total Duration: 1006805820 CPU Usage: u207.26 s17.18 cu13881.1 cs728.27 - 8.5% CPU load 4.68 requests/sec - 66.3 kB/second - 14.2 kB/request - 1233.85 ms/request 13 requests currently being processed, 51 idle workers SlotPIDStoppingConnections ThreadsAsync connections totalacceptingbusyidlewritingkeep-aliveclosing 016374no7yes626003 216287no4yes725100 Sum2011 1351103 _R__R_W________________WRR______................................ _W__WRW_____R____________R_R____................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqDurConnChildSlotClientProtocolVHostRequest 0-7163740/79/6296_ 42.640085440300.01.1092.90 167.172.20.95http/1.1localhost:80GET /.vscode/sftp.json HTTP/1.1 0-7163740/78/6784R 41.371984862445020.00.9089.31 47.106.201.134http/1.1www.chonlateeseal.com:443 0-7163740/81/6298_ 42.38185274412980.00.8292.89 178.62.3.65http/1.1 0-7163740/73/6603_ 42.781071724420.01.0285.79 167.172.20.95http/1.1localhost:80GET /debug/default/view?panel=config HTTP/1.1 0-7163740/64/6328R 41.791246771581800.01.0181.98 46.101.103.192http/1.1 0-7163740/78/6717_ 42.66084480235560.00.8989.17 165.22.74.203h2localhost:443[0/0] Software caused connection abort 0-7163741/73/6517W 42.450060701190.00.7599.38 104.236.193.132http/1.1localhost:80GET /server-status HTTP/1.1 0-7163740/71/6575_ 42.79084769751170.00.7685.97 52.70.240.171http/1.1www.chonlateeadmin.com:443GET /zioxhvp-1910bitems/etidm21m.html HTTP/1.1 0-7163740/84/6582_ 42.461064967450.00.96127.88 178.62.3.65http/1.1 0-7163740/74/6498_ 42.810073534880.01.1383.67 167.172.20.95http/1.1localhost:80GET /v2/_catalog HTTP/1.1 0-7163740/82/6245_ 42.410078474590.00.9779.58 165.22.74.203http/1.1 0-7163740/66/6194_ 42.401079817940.00.6880.66 139.59.230.191http/1.1localhost:80GET / HTTP/1.1 0-7163740/79/6274_ 42.461055339380.00.9282.95 165.22.74.203h2localhost:443[0/0] Software caused connection abort 0-7163740/81/6492_ 42.570083866190.00.8987.11 144.126.198.24h2localhost:443[0/0] Software caused connection abort 0-7163740/80/6909_ 42.860105562438180.00.8688.82 85.208.96.212http/1.1www.chonlateeadmin.com:443GET /qyfdlch-36377seti.html HTTP/1.1 0-7163740/85/6256_ 42.45184986569680.00.9581.49 167.99.184.41http/1.1 0-7163740/71/6417_ 42.22084566610520.00.8783.37 46.101.103.192http/1.1 0-7163740/70/6549_ 42.430064600560.00.8385.14 128.199.61.251h2localhost:443[0/0] Software caused connection abort 0-7163740/80/6573_ 40.71084071507370.00.8883.54 139.144.150.45h2localhost:443[0/0] Software caused connection abort 0-7163740/94/6348_ 42.830070858180.01.0188.83 167.172.20.95http/1.1localhost:80GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor 0-7163740/84/6619_ 42.410094769110.01.0191.62 144.126.198.24h2localhost:443[0/0] Software caused connection abort 0-7163740/83/6300_ 42.830074432800.00.9285.22 142.93.64.15http/1.1localhost:80GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor 0-7163740/69/6850_ 41.910078983170.00.6891.11 203.170.192.183http/1.1www.chonlateeboi.com:443POST /wp-cron.php?doing_wp_cron=1704598121.63022494316101074218 0-7163741/85/6395W 42.460065338010.00.9391.72 3.224.220.101http/1.1www.chonlateeadmin.com:443GET /lyalgro-8604netidm5.htm HTTP/1.1 0-7163740/73/6297R 42.4511277277430.00.8179.00 52.70.240.171http/1.1www.chonlateeadmin.com:443 0-7163740/94/6422R 42.381059589940.01.0682.99 144.126.198.24http/1.1 0-7163740/84/6402_ 41.93085573047730.00.9992.38 46.101.103.192h2localhost:443[0/0] Software caused connection abort 0-7163740/75/6401_ 42.19083679768310.00.88113.10 167.99.184.41http/1.1 0-7163740/69/6322_ 41.54093368504850.00.8279.72 128.199.61.251h2localhost:443[0/0] Software caused connection abort 0-7163740/71/6590_ 42.54083274543060.00.75118.61 165.22.74.203h2localhost:443[0/0] Software caused connection abort 0-7163740/75/6285_ 42.850069382650.00.7292.00 178.62.3.65http/1.1localhost:80GET /_all_dbs HTTP/1.1 0-7163740/83/6601_ 42.410071947670.00.8984.82 139.144.150.45http/1.1 1-7-0/0/6466. 0.00193042274721740.00.0084.07 51.15.59.15http/1.1www.happy-carrent.com:443POST /xmlrpc.php HTTP/1.1 1-7-0/0/6249. 0.00193045268360270.00.0079.42 66.249.71.201http/1.1www.twinbuilt.co.th:443GET /?e=5501-seminary-rd-unit-2305s-falls-church-va-22041-5-ii- 1-7-0/0/6212. 0.001930959100680970.00.0080.31 52.70.240.171http/1.1www.chonlateeadmin.com:443GET /pveitgo-24936retidm30cir.htm HTTP/1.1 1-7-0/0/5977. 0.00193084377800350.00.0079.41 52.167.144.137h2www.chonlateenextbiz.com:443[1/1] done: stream 1, GET /8pcpoe/best-cursive-fonts-for-tattoo 1-7-0/0/6152. 0.00193084376922630.00.0092.62 52.70.240.171http/1.1www.chonlateeboi.com:443GET /42454qecvetidm79w HTTP/1.1 1-7-0/0/6223. 0.00193084766598140.00.0081.75 3.224.220.101http/1.1www.chonlateeadmin.com:443GET /ntcitgo-35802petid.htm HTTP/1.1 1-7-0/0/6251. 0.001930219370593040.00.0079.56 52.70.240.171http/1.1www.chonlateeboi.com:443GET /19075oqmiitems/etidm HTTP/1.1 1-7-0/0/6319. 0.00193088579594730.00.0084.70 52.167.144.186h2www.happy-carrent.com:443GET /wp-content/uploads/2018/09/Page-02-1024x410.jpg HTTP/2.0 1-7-0/0/6288. 0.001930114057278660.00.0081.40 52.167.144.186h2www.happy-carrent.com:443[1/1] done: stream 1, GET /wp-content/uploads/2018/09/Page-02-1 1-7-0/0/6224. 0.00193030979955160.00.0086.70 163.172.106.185http/1.1www.tspaccount.net:443POST /wp-login.php HTTP/1.1 1-7-0/0/6028. 0.00193067377872850.00.0086.08 185.191.171.5http/1.1www.chonlateefood.com:443GET /getid/rig11587vvpiitems HTTP/1.1 1-7-0/0/6552. 0.00193097160633540.00.0094.71 52.70.240.171http/1.1www.chonlateeboi.com:443GET /20484tbrmetidm1.htm HTTP/1.1 1-7-0/0/6284. 0.00193084581432030.00.0084.49 23.22.35.162http/1.1www.chonlateeboi.com:443GET /4955ymuietidm.html HTTP/1.1 1-7-0/0/6194. 0.001930106760566930.00.0080.90 52.70.240.171http/1.1www.chonlateeadmin.com:443GET /sbhitgo-35807uetidm70fo.html HTTP/1.1 1-7-
Found on 2024-01-07 03:28 -
Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb3125900f4a25900f4af2ba4671Apache Status Apache Server Status for ftp.winnerpropest.com (via 203.170.192.183) Server Version: Apache/2.4.57 (Unix) OpenSSL/1.0.2k-fips Server MPM: event Server Built: Oct 15 2023 18:16:43 Current Time: Saturday, 06-Jan-2024 02:03:54 ICT Restart Time: Friday, 05-Jan-2024 10:01:20 ICT Parent Server Config. Generation: 3 Parent Server MPM Generation: 2 Server uptime: 16 hours 2 minutes 33 seconds Server load: 2.69 2.61 2.57 Total accesses: 286905 - Total Traffic: 4.1 GB - Total Duration: 249204237 CPU Usage: u569.58 s30.61 cu4282.28 cs230.01 - 8.85% CPU load 4.97 requests/sec - 74.2 kB/second - 14.9 kB/request - 868.595 ms/request 13 requests currently being processed, 115 idle workers SlotPIDStoppingConnections ThreadsAsync connections totalacceptingbusyidlewritingkeep-aliveclosing 019907no1yes725000 419908no6yes428001 719927no2yes131001 919931no1yes131000 Sum4010 13115002 __R__R________W____W_______R__WR................................ ................................................................ ________________WW____R______W__................................ ................................________W_______________________ ................................____________________________R___ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqDurConnChildSlotClientProtocolVHostRequest 0-2199070/195/3038_ 120.601025205690.02.2945.32 104.236.193.132http/1.1localhost:80GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor 0-2199070/178/3273_ 120.510108923777800.02.3843.33 165.232.76.155h2localhost:443[0/0] Software caused connection abort 0-2199070/183/2976R 120.311453336506190.02.3752.01 91.92.252.141http/1.1 0-2199070/175/3205_ 120.3011226427150.02.4240.89 203.170.192.183http/1.1www.1smestartup.com:443POST /wp-cron.php?doing_wp_cron=1704481419.25942802429199218750 0-2199070/172/3096_ 120.20083924277160.02.0038.82 134.122.89.242http/1.1 0-2199070/179/3332R 120.46184226998280.02.5942.28 52.70.240.171http/1.1www.chonlateeadmin.com:443GET /trust.php?wwladej-293107yitems/etidm HTTP/1.1 0-2199070/185/3107_ 120.68073824411440.02.3553.92 92.205.184.153http/1.1www.krongthongsecurity.com:443POST /wp-login.php HTTP/1.1 0-2199070/200/3120_ 120.21083525250620.02.1540.55 159.203.182.222http/1.1 0-2199070/196/3171_ 120.491025129920.02.1582.94 165.232.76.155http/1.1localhost:443GET / HTTP/1.1 0-2199070/178/3099_ 120.13088024307630.02.2640.08 159.203.182.222http/1.1 0-2199070/190/3037_ 120.570027839410.02.3637.37 104.236.193.132http/1.1localhost:80GET /debug/default/view?panel=config HTTP/1.1 0-2199070/206/2983_ 120.601024417600.02.4738.53 74.207.237.114http/1.1localhost:80GET /about HTTP/1.1 0-2199070/171/2938_ 120.611024368910.02.0740.29 144.126.202.105http/1.1localhost:80GET /login.action HTTP/1.1 0-2199070/170/3222_ 120.191035696140.02.1643.82 205.210.31.212http/1.1localhost:443GET / HTTP/1.1 0-2199071/184/3279W 120.470027815160.02.1444.13 164.92.192.25http/1.1localhost:80GET /server-status HTTP/1.1 0-2199070/168/3017_ 120.680025288140.01.9739.14 139.144.150.8http/1.1localhost:80GET /_all_dbs HTTP/1.1 0-2199070/177/2964_ 120.571028375190.02.2738.57 45.55.193.222http/1.1localhost:80GET /debug/default/view?panel=config HTTP/1.1 0-2199070/173/3252_ 120.520023888640.01.9843.15 134.122.89.242http/1.1localhost:443GET / HTTP/1.1 0-2199070/179/3153_ 120.601023755200.02.2841.29 164.92.192.25http/1.1localhost:80GET /debug/default/view?panel=config HTTP/1.1 0-2199071/175/2996W 115.69210025927860.02.0744.40 94.228.169.107http/1.1www.thesungolden.com:443POST /wp-content/uploads/wpr-addons/forms/061f69806f7d.php HTTP 0-2199070/176/3041_ 120.520023803270.02.4143.44 142.93.64.15http/1.1 0-2199070/171/3097_ 120.520026179570.02.2244.39 162.243.186.177http/1.1 0-2199070/191/3436_ 120.680024117620.02.2843.75 74.207.237.114http/1.1localhost:80GET /v2/_catalog HTTP/1.1 0-2199070/159/2932_ 120.560023907390.01.8938.69 104.236.193.132http/1.1localhost:80GET /about HTTP/1.1 0-2199070/187/2996_ 120.591024240880.02.4138.41 139.144.150.8http/1.1localhost:80GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor 0-2199070/180/2980_ 120.571104523974930.02.3538.79 66.249.71.169http/1.1www.chonlateeadmin.com:443GET /trust.php?hiivrsm-14892vitems/etid.html HTTP/1.1 0-2199070/168/3060_ 120.59183727159390.02.0549.14 66.249.71.170http/1.1www.chonlateeadmin.com:443GET /trust.php?ejfecaw-101339sitems/eti HTTP/1.1 0-2199070/166/3042R 120.43284528249180.02.2769.49 23.22.35.162http/1.1www.chonlateeadmin.com:443GET /trust.php?aqpadej-309621citems/etidm83.htm HTTP/1.1 0-2199070/184/2949_ 120.30083924244490.02.2337.20 142.93.64.15h2localhost:443[0/0] Software caused connection abort 0-2199070/185/3294_ 120.510022866570.02.2977.86 146.190.64.200h2localhost:443[0/0] Software caused connection abort 0-2199071/184/2993W 120.560024164540.02.3646.46 66.249.71.168http/1.1www.chonlateeadmin.com:443GET /trust.php?jrkadej-216862xetidm8.htm HTTP/1.1 0-2199070/186/3349R 119.83284626981270.02.3340.96 85.208.96.208http/1.1www.chonlateeboi.com:443GET /17658tquxetid.htm HTTP/1.1 1-1-0/0/2323. 0.00592586617630010.00.0030.27 207.46.13.154http/1.1www.thaidaoherb.com:443GET /9i7h/dyv42461ryyhc053875235.html HTTP/2.0 1-1-0/0/2100. 0.005925173417390000.00.0027.02 66.249.71.7http/1.1www.chonlateenextbiz.com:443GET /db.php?g3192039.shtml HTTP/1.1 1-1-0/0/2227. 0.005925107117630050.00.0030.69 23.22.35.162http/1.1www.chonlateeadmin.com:443GET /trust.php?rngadej-26472tetidm80eat.htm HTTP/1.1 1-1-0/0/2089. 0.005925211517285130.00.0027.89 66.249.69.229http/1.1www.chonlateenextbiz.com:443GET /db.php?g335424.shtml HTTP/1.1 1-1-0/0/2129. 0.00592585117106500.00.0032.51 52.70.240.171http/1.1www.chonlateeboi.com:443GET /48835biwxitems/etidm HTTP/1.1 1-1-0/0/2185. 0.00592585816794840.00.0028.38 3.224.220.101http/1.1www.chonlateeadmin.com:443GET /trust.php?jryadej-23266letid HTTP/1.1 1-1-0/0/2135. 0.00592597217421340.00.0026.37 23.22.35.162http/1.1www.chonlateeboi.com:443GET /22684biwxetidm7 HTTP/1.1 1-1-0/0/2185. 0.0059251717237790.00.0029.46 66.249.71.3http/1.1www.xn--12cn0bmbkgc3ent5c1ewa4bGET /mds.php?papaw99.xml HTTP/1.1 1-1-0/0/2163. 0.00592584617365570.00.0029.98 23.22.35.162http/1.1www.chonlateeboi.com:443GET /42349biwxitems/etidm52 HTTP/1.1 1-1-0/0/2112. 0.00592589516912400.00.0027.55 185.191.171.3http/1.1www.chonlateefood.com:443GET /geti/cer43578htewitems.htm HTTP/1.1 1-1-0/0/2118. 0.005925102016733450.00.0031.98 157.55.39.202h2www.chonlateeadmin.com:443[1/1] done: stream 1, GET /tviipbe-49432vetidm29giv 1-1-0/0/2249. 0.005925105217993880.00.0031.23 3.224.220.101http/1.1www.chonlateeboi.com:443GET /22713biwxitems/eti.htm HTTP/1.1 1-1-0/0
Found on 2024-01-05 19:03 -
Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb3125900f4a25900f4a1e1c9e0dApache Status Apache Server Status for ftp.winnerpropest.com (via 203.170.192.183) Server Version: Apache/2.4.57 (Unix) OpenSSL/1.0.2k-fips Server MPM: event Server Built: Oct 15 2023 18:16:43 Current Time: Tuesday, 12-Dec-2023 01:31:39 ICT Restart Time: Friday, 01-Dec-2023 00:22:58 ICT Parent Server Config. Generation: 43 Parent Server MPM Generation: 42 Server uptime: 11 days 1 hour 8 minutes 41 seconds Server load: 0.38 0.51 0.60 Total accesses: 4378952 - Total Traffic: 56.2 GB - Total Duration: 4134550078 CPU Usage: u435.59 s59.39 cu78638.1 cs4114.73 - 8.72% CPU load 4.59 requests/sec - 61.7 kB/second - 13.5 kB/request - 944.187 ms/request 11 requests currently being processed, 117 idle workers SlotPIDStoppingConnections ThreadsAsync connections totalacceptingbusyidlewritingkeep-aliveclosing 113923no13yes230107 213703no15yes1310011 313704no3yes329001 513924no5yes527000 Sum4036 111171019 ................................____________W____W______________ _____________R_________________________________R____W____R______ ................................____W_R__________R__R_________R_ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqDurConnChildSlotClientProtocolVHostRequest 0-42-0/0/39438. 0.003987847358265920.00.00499.50 195.201.83.132http/1.1www.thesungolden.com:443GET /tzeu2e/samsung-pm983-firmware-ssd.html HTTP/1.1 0-42-0/0/38824. 0.003987882365500810.00.00489.86 23.22.35.162http/1.1www.chonlateeboi.com:443GET /trust.php?148874rxilitems/etid.html HTTP/1.1 0-42-0/0/39196. 0.003987888400205990.00.00502.64 52.70.240.171http/1.1www.chonlateeboi.com:443GET /trust.php?193658rxilitems/etid.html HTTP/1.1 0-42-0/0/39239. 0.0039870388973120.00.00512.53 23.22.35.162http/1.1www.krongthongsecurity.com:443GET /hmozycz95752bitems/etidm24uzb.html HTTP/1.1 0-42-0/0/39751. 0.003987943369260050.00.00566.31 3.224.220.101http/1.1www.chonlateeadmin.com:443GET /trust.php?xwmqxjd-31418zitems/etid.html HTTP/1.1 0-42-0/0/38814. 0.0039871126398202220.00.00490.73 195.201.83.132http/1.1www.thesungolden.com:443GET /tzeu2e/samsung-pm983-firmware-ssd.html HTTP/1.1 0-42-0/0/39138. 0.0039870402069420.00.00493.03 66.249.64.42http/1.1www.thaidaoherb.com:443GET /godsend/godsend.php?ite/prp100531hvortidm195232.html HTTP/ 0-42-0/0/39909. 0.0039871216367066320.00.00500.86 23.22.35.162http/1.1www.chonlateeadmin.com:443GET /trust.php?cqrqxjd-76039eitems/etidm97pd HTTP/1.1 0-42-0/0/38868. 0.0039870379085210.00.00508.90 52.230.152.217http/1.1www.chonlateedesign.com:80GET /web-promote/ HTTP/1.1 0-42-0/0/39270. 0.003987595367326990.00.00501.47 144.76.67.250http/1.1www.xn--2566-4do9ab5h1bfcjg7hg1GET /tag/year-2566-financial-statement-closure-%E0%B8%AD%E0%B8% 0-42-0/0/38878. 0.0039871386384025070.00.00473.15 66.249.64.226http/1.1www.xn--12cn0bmbkgc3ent5c1ewa4bGET /mds.php?udnhgeq-42075aitems/eti HTTP/1.1 0-42-0/0/38930. 0.0039870368421470.00.00522.38 188.165.241.181http/1.1www.cnb.co.th:443GET /tag/%E0%B8%A3%E0%B8%B1%E0%B8%9A%E0%B8%88%E0%B8%94%E0%B8%97 0-42-0/0/38825. 0.003987878374403580.00.00474.36 3.224.220.101http/1.1www.chonlateeboi.com:443GET /trust.php?153446rxilitems/etidm22u.html HTTP/1.1 0-42-0/0/38997. 0.0039871051406855700.00.00502.68 66.249.71.2http/1.1www.xn--12cn0bmbkgc3ent5c1ewa4bGET /mds.php?bgutmjj-25052hetid.htm HTTP/1.1 0-42-0/0/39185. 0.0039871165379639030.00.00492.25 66.249.71.3http/1.1www.xn--12cn0bmbkgc3ent5c1ewa4bGET /mds.php?rwkiejy-29618xetidm10ejx.htm HTTP/1.1 0-42-0/0/38879. 0.003987892371377940.00.00547.12 52.70.240.171http/1.1www.chonlateeboi.com:443GET /trust.php?150861rxilitems/etidm68.htm HTTP/1.1 0-42-0/0/39850. 0.0039871109374331580.00.00526.81 66.249.71.3http/1.1www.xn--12cn0bmbkgc3ent5c1ewa4bGET /mds.php?wfpzslq-39373cetidm.html HTTP/1.1 0-42-0/0/39367. 0.0039871223366063800.00.00485.13 40.77.167.235h2www.chonlateeaa.com:443[1/1] done: stream 1, GET /sitemap880.xml 0-42-0/0/39388. 0.003987900367170330.00.00509.03 23.22.35.162http/1.1www.chonlateeadmin.com:443GET /trust.php?jwyqxjd-76098letid.htm HTTP/1.1 0-42-0/0/39657. 0.003987869383840280.00.00545.46 66.249.71.3http/1.1www.xn--12cn0bmbkgc3ent5c1ewa4bGET /mds.php?lgetrge-7980retid HTTP/1.1 0-42-0/0/39000. 0.003987870363770880.00.00513.82 66.249.64.226http/1.1www.xn--12cn0bmbkgc3ent5c1ewa4bGET /mds.php?unnupca-40515aitems/eti HTTP/1.1 0-42-0/0/39221. 0.0039870387436970.00.00506.24 52.230.152.217http/1.1www.wealneosupply.com:80GET /robots.txt HTTP/1.1 0-42-0/0/38987. 0.0039871431406414790.00.00516.07 23.22.35.162http/1.1www.chonlateeboi.com:443GET /trust.php?166920rxiletidm11arp.htm HTTP/1.1 0-42-0/0/38288. 0.0039871451361154300.00.00476.08 188.165.241.181http/1.1www.cnb.co.th:443GET /tag/%E0%B8%A3%E0%B8%B1%E0%B8%9A%E0%B8%88%E0%B8%94%E0%B8%97 0-42-0/0/39329. 0.0039871225370519850.00.00521.52 66.249.71.2http/1.1www.xn--12cn0bmbkgc3ent5c1ewa4bGET /mds.php?tmmlbze-40358zetidm7.htm HTTP/1.1 0-42-0/0/38623. 0.0039870387982390.00.00472.33 23.22.35.162http/1.1www.krongthongsecurity.com:443GET /impzycz95727citems/etidm36vz HTTP/1.1 0-42-0/0/39332. 0.0039870372505250.00.00585.11 130.255.166.82http/1.1www.1smestartup.com:80GET / HTTP/1.1 0-42-0/0/38557. 0.003987858369705720.00.00511.75 23.22.35.162http/1.1www.chonlateeadmin.com:443GET /trust.php?skhqxjd-15553uitems/eti HTTP/1.1 0-42-0/0/39158. 0.003987564411240670.00.00524.98 40.77.111.208http/1.1www.ddkserviceandtransport.com:GET /wp-json/wp/v2/users/ HTTP/1.1 0-42-0/0/39137. 0.003987890374606560.00.00505.74 23.22.35.162http/1.1www.chonlateeadmin.com:443GET /trust.php?biqvrsm-340952ditems/etidm68ovd.html HTTP/1.1 0-42-0/0/39126. 0.003987885369584480.00.00495.06 188.165.241.181http/1.1www.cnb.co.th:443GET /tag/%E0%B8%A3%E0%B8%B1%E0%B8%9A%E0%B8%88%E0%B8%94%E0%B8%97 0-42-0/0/38859. 0.003987849377556310.00.00539.35 3.224.220.101http/1.1www.chonlateeadmin.com:443GET /trust.php?mqbqxjd-33643oitems/etidm HTTP/1.1 1-42139230/217/40178_ 127.891725373939870.01.98507.34 178.62.3.65h2localhost:443[0/0] Software caused connection abort 1-42139230/195/40051_ 128.9900382178010.01.95549.19 74.207.237.114http/1.1localhost:80GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor 1-42139230/248/39872_ 128.820889383938970.06.91557.31 178.62.3.65h2localhost:443[0/0] Software caused connection abort 1-42139230/206/40108_ 128.8100392346730.02.20564.74 178.128.151.41h2localhost:443[0/0] Software caused connection abort 1-42139230/271/40958_ 127.7500364169650.07.73625.33 134.122.89.242h2localhost:443[0/0] Software caused connection abort 1-42139230/190/39650_ 128.6210361226530.02.18566.14 167.99.184.41h2localhost:443[0/0] Software caused connection abort 1-42139230/242/39804_ 128.9900364133550.02.48532.07 74.207.237.114http/1.1localhost:80GET /v2/_catalog HTTP/1.1 1-42139230/250/40256_ 128.9310388058910.02.84513.23 137.184.106.30http/1.1localhost:80GET /v2/_catalog HTTP/1.1 1-42139230/195/39956_ 128.9310376623010.01.89503.08 139.144.150.45http/1.1localhost:80GET /.env HTTP/1.1 1-42139230/203/40040_ 128.9900368945400.02.41512.19 128.19
Found on 2023-12-11 18:31 -
Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb3125900f4a25900f4a46f10a5eApache Status Apache Server Status for ftp.winnerpropest.com (via 203.170.192.183) Server Version: Apache/2.4.57 (Unix) OpenSSL/1.0.2k-fips Server MPM: event Server Built: Oct 15 2023 18:16:43 Current Time: Friday, 17-Nov-2023 08:51:33 ICT Restart Time: Sunday, 12-Nov-2023 01:49:47 ICT Parent Server Config. Generation: 18 Parent Server MPM Generation: 17 Server uptime: 5 days 7 hours 1 minute 45 seconds Server load: 17.51 17.49 17.39 Total accesses: 1354793 - Total Traffic: 16.9 GB - Total Duration: 2734446810 CPU Usage: u190.41 s22.76 cu12673.8 cs728.22 - 2.98% CPU load 2.96 requests/sec - 38.8 kB/second - 13.1 kB/request - 2018.35 ms/request 9 requests currently being processed, 55 idle workers SlotPIDStoppingConnections ThreadsAsync connections totalacceptingbusyidlewritingkeep-aliveclosing 110705no4yes923000 66304no2yes032000 Sum206 955000 ................................___R______W__RWRR__W____WR______ ................................................................ ................................................................ ________________________________................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqDurConnChildSlotClientProtocolVHostRequest 0-17-0/0/12060. 0.0036451175697360.00.00162.09 203.170.192.183http/1.1www.1smestartup.com:443GET /wp-content/themes/sydney/js/functions.min.js?ver=20210823 0-17-0/0/12468. 0.0036452132251388450.00.00137.45 134.209.101.210http/1.1www.chonlateemeet.com:443POST //xmlrpc.php HTTP/1.1 0-17-0/0/12081. 0.0036451354218161010.00.00141.41 134.209.101.210http/1.1www.chonlateemeet.com:443POST //xmlrpc.php HTTP/1.1 0-17-0/0/12377. 0.003645909177095820.00.00155.95 3.224.220.101http/1.1www.chonlateeboi.com:443GET /43581ymuiitems/etidm85.htm HTTP/1.1 0-17-0/0/12174. 0.003645918214120200.00.00166.01 66.249.66.194http/1.1www.chonlateefood.com:443GET /mds.php?items/pme8231qummtidm44929.html HTTP/1.1 0-17-0/0/12088. 0.003645480175140010.00.00152.72 85.208.96.207http/1.1www.mkandptfoods.com:443GET /wzy.php?m23923173227.html HTTP/1.1 0-17-0/0/12475. 0.003645693244797780.00.00175.65 207.46.13.153h2www.thesungolden.com:443[1/1] done: stream 1, GET /550818/23656890.html 0-17-0/0/12048. 0.003645628209737680.00.00165.11 66.249.66.194http/1.1www.chonlateefood.com:443GET /mds.php?item/wyl42194tryotidm.html HTTP/1.1 0-17-0/0/12213. 0.0036451506249321740.00.00131.24 195.191.219.133http/1.1www.cnb.co.th:443GET /tag/%E0%B9%80%E0%B8%81%E0%B8%A9%E0%B8%95%E0%B8%A3%E0%B8%AA 0-17-0/0/11828. 0.003645863196033380.00.00163.49 195.191.219.133http/1.1www.cnb.co.th:443GET /tag/%E0%B8%AD%E0%B8%B8%E0%B8%97%E0%B8%B1%E0%B8%A2/ HTTP/1. 0-17-0/0/12045. 0.0036452036237338930.00.00156.10 195.191.219.133http/1.1www.cnb.co.th:443GET /tag/%E0%B8%AD%E0%B8%B8%E0%B8%9A%E0%B8%A5%E0%B8%A3%E0%B8%B1 0-17-0/0/12625. 0.003645676182717830.00.00149.14 136.243.228.193http/1.1www.mkandptfoods.com:443GET /wzy.php?m85333783884.html HTTP/1.1 0-17-0/0/12476. 0.003645626195374930.00.00172.05 66.249.71.67http/1.1www.chonlateefood.com:443GET /mds.php?items/amp3146zzmatidm.html HTTP/1.1 0-17-0/0/11879. 0.003645847176824960.00.00194.36 185.191.171.8http/1.1www.1smestartup.com:443GET /%E0%B8%88%E0%B8%94%E0%B8%97%E0%B8%B0%E0%B9%80%E0%B8%9A%E0% 0-17-0/0/12636. 0.0036450175751230.00.00159.29 23.22.35.162http/1.1www.krongthongsecurity.com:443GET /jgqcktp202458dd45e HTTP/1.1 0-17-0/0/11935. 0.0036453233555860.00.00135.90 47.128.58.99h2www.seasabithailand.com:443[0/0] init 0-17-0/0/12322. 0.003645466177312260.00.00170.51 136.243.228.193http/1.1www.mkandptfoods.com:443GET /wzy.php?m85333729304.html HTTP/1.1 0-17-0/0/12384. 0.0036451198050850.00.00166.44 203.170.192.183http/1.1www.1smestartup.com:443GET /wp-content/themes/sydney/js/functions.min.js?ver=20210823 0-17-0/0/11822. 0.0036451958171584410.00.00146.44 207.46.13.153h2www.thesungolden.com:443GET /550818/23656890.html HTTP/2.0 0-17-0/0/12496. 0.003645841173856660.00.00151.92 66.249.66.194http/1.1www.chonlateefood.com:443GET /mds.php?items/feu41345aegktid.html HTTP/1.1 0-17-0/0/12362. 0.003645467215546040.00.00184.89 136.243.228.193http/1.1www.mkandptfoods.com:443GET /wzy.php?m85333710588.html HTTP/1.1 0-17-0/0/12691. 0.0036450235660660.00.00173.17 188.165.87.96http/1.1localhost:443GET / HTTP/1.1 0-17-0/0/12706. 0.0036451100181148300.00.00159.50 134.209.101.210http/1.1www.chonlateemeet.com:443POST //xmlrpc.php HTTP/1.1 0-17-0/0/12290. 0.0036451428229713640.00.00149.59 207.46.13.153h2www.thesungolden.com:443[0/0] init 0-17-0/0/11917. 0.0036451032177640310.00.00167.65 66.249.66.194http/1.1www.chonlateefood.com:443GET /mds.php?items/ovd30902pvvjtidm5661.html HTTP/1.1 0-17-0/0/11858. 0.003645627225251620.00.00146.54 66.249.71.67http/1.1www.chonlateefood.com:443GET /mds.php?items/zio13181yieutidm392.html HTTP/1.1 0-17-0/0/12458. 0.003645952243734240.00.00156.74 23.22.35.162http/1.1www.chonlateeboi.com:443GET /20579ymuietidm.html HTTP/1.1 0-17-0/0/12548. 0.0036453589231902850.00.00158.37 203.170.192.183http/1.1www.1smestartup.com:443GET /%E0%B8%88%E0%B8%94%E0%B8%97%E0%B8%B0%E0%B9%80%E0%B8%9A%E0% 0-17-0/0/11969. 0.0036452156247210200.00.00132.89 134.209.101.210http/1.1www.chonlateemeet.com:443POST //xmlrpc.php HTTP/1.1 0-17-0/0/12048. 0.0036453064224777600.00.00131.00 185.191.171.8http/1.1www.1smestartup.com:443GET /%E0%B8%88%E0%B8%94%E0%B8%97%E0%B8%B0%E0%B9%80%E0%B8%9A%E0% 0-17-0/0/11924. 0.003645479177695360.00.00145.46 195.191.219.133http/1.1www.cnb.co.th:443GET /tag/%E0%B9%80%E0%B8%81%E0%B8%A9%E0%B8%95%E0%B8%A3%E0%B8%AA 0-17-0/0/11960. 0.0036450174382840.00.00151.26 23.22.35.162http/1.1www.krongthongsecurity.com:443GET /uxbcktp211777o87d.html HTTP/1.1 1-17107050/265/12147_ 76.8410159742330.07.41174.88 207.154.240.169http/1.1localhost:80GET /debug/default/view?panel=config HTTP/1.1 1-17107050/298/11366_ 76.8500158579600.04.00157.22 165.22.108.223http/1.1localhost:80GET /config.json HTTP/1.1 1-17107050/202/11587_ 76.7200163536590.02.03217.29 164.90.222.93h2localhost:443[0/0] Software caused connection abort 1-17107050/206/11329R 76.7810159145090.02.45131.96 165.22.108.223http/1.1localhost:80GET /.DS_Store HTTP/1.1 1-17107050/257/11688_ 76.7300158211630.02.49175.14 165.22.108.223http/1.1localhost:80GET /.vscode/sftp.json HTTP/1.1 1-17107050/211/11537_ 76.6911166986110.02.07139.01 164.90.205.35h2localhost:443[0/0] Software caused connection abort 1-17107050/231/11370_ 76.6405161434250.02.61170.64 164.90.222.93http/1.1 1-17107050/208/12000_ 76.6910216218310.02.06139.95 134.122.34.144h2localhost:443[0/0] Software caused connection abort 1-17107050/205/11952_ 76.7400161324080.03.05153.40 104.236.193.132http/1.1localhost:80GET / HTTP/1.1 1-17107050/294/11902_ 76.7510168475430.04.96162.42 139.144.150.23http/1.1 1-17107051/267/11680W 76.4600159877060.02.46164.25 136.243.228.193http/1.1www.mkandptfoods.com:443GET /wzy.php?m2614265702.html HTTP/1.1 1-17107050/234/12004_ 76.280800158531910.02.22<
Found on 2023-11-17 01:51 -
Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb3125900f4a25900f4ae5176502Apache Status Apache Server Status for ftp.winnerpropest.com (via 203.170.192.183) Server Version: Apache/2.4.57 (Unix) OpenSSL/1.0.2k-fips Server MPM: event Server Built: Oct 15 2023 18:16:43 Current Time: Wednesday, 08-Nov-2023 22:40:36 ICT Restart Time: Monday, 06-Nov-2023 09:41:18 ICT Parent Server Config. Generation: 7 Parent Server MPM Generation: 6 Server uptime: 2 days 12 hours 59 minutes 18 seconds Server load: 2.23 2.15 1.96 Total accesses: 592839 - Total Traffic: 9.4 GB - Total Duration: 895177535 CPU Usage: u77.18 s15.54 cu8596.67 cs552.47 - 4.21% CPU load 2.7 requests/sec - 45.0 kB/second - 16.7 kB/request - 1509.98 ms/request 8 requests currently being processed, 88 idle workers SlotPIDStoppingConnections ThreadsAsync connections totalacceptingbusyidlewritingkeep-aliveclosing 019180no7yes230013 128701no1yes527000 217998no1yes131000 Sum309 888013 _________________W_____W____________R_________RR_R_R____________ ______R_________________________................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process <SrvPIDAccMCPU SSReqDurConnChildSlotClientProtocolVHostRequest 0-6191800/75/5373_ 28.700083492490.00.68112.45 154.28.229.223http/1.1localhost:443GET / HTTP/1.1 0-6191800/67/4865_ 28.402096931720.01.3572.76 54.185.132.195http/1.1localhost:80GET /.well-known/acme-challenge/zLuKEfoITeMe5UTabqHf-LsgEV0JgNi 0-6191800/67/5122_ 27.90074765960700.00.81107.45 79.104.53.14http/1.1www.xn--q3cj1a4cd8i.com:443GET / HTTP/1.1 0-6191800/61/5277_ 27.820265920410.01.4999.97 104.164.173.72http/1.1www.winnerpropest.com:443GET /wp-content/themes/sydney/js/so-legacy-main.min.js?ver=6.4 0-6191800/62/5215_ 28.232076305300.00.6975.78 100.21.24.205http/1.1www.thefixup333.com:80GET /robots.txt HTTP/1.1 0-6191800/60/4938_ 28.29170071923960.00.6077.64 157.55.39.60h2www.chonlateeseal.com:443[1/1] done: stream 1, GET /tag/%E0%B8%A3%E0%B8%B1%E0%B8%9A%E0%B 0-6191800/60/5148_ 28.57364972368280.00.4875.88 51.81.245.138http/1.1www.xn--q3cj1a4cd8i.com:443GET /favicon.ico HTTP/1.1 0-6191800/58/5043_ 27.902087300680.00.7072.78 207.46.13.150h2www.nakindogtraining.com:443[0/0] init 0-6191800/80/5465_ 28.690092815760.00.7293.02 127.0.0.1http/1.1server2.chonlatee.com:80\n 0-6191800/72/4994_ 28.583074798280.00.5168.67 128.199.62.55http/1.1localhost:443GET / HTTP/1.1 0-6191800/65/5038_ 28.490088870340.00.3872.18 18.222.129.69http/1.1www.yougame.in.th:80GET /.well-known/acme-challenge/OR-GgmBDSj94sxi_-WRire7JcXdl0lj 0-6191800/61/5447_ 27.18387364548210.00.7195.76 79.104.53.14http/1.1www.xn--q3cj1a4cd8i.com:443GET / HTTP/1.1 0-6191800/73/5093_ 28.690087818070.00.5767.68 157.55.39.60h2www.chonlateeseal.com:443GET /tag/%E0%B8%A3%E0%B8%B1%E0%B8%9A%E0%B8%97%E0%B8%B3%E0%B8%95 0-6191800/70/5652_ 28.222067455440.00.5979.90 23.178.112.104http/1.1localhost:80GET /.well-known/acme-challenge/tin0PbAKfYynhOHsvOM6Q-NWNVGmkxA 0-6191800/62/5151_ 27.392288169913990.00.4280.56 23.22.35.162http/1.1www.xn--2566-4do9ab5h1bfcjg7hg1GET /content/0041649740.html HTTP/1.1 0-6191800/71/5118_ 28.082231769257330.00.90102.16 23.22.35.162http/1.1www.xn--2566-4do9ab5h1bfcjg7hg1GET /content/0041649740.html HTTP/1.1 0-6191800/69/5114_ 28.40275767914850.00.5088.13 159.223.222.161http/1.1www.siamsolarrooftop.com:443POST /wp-login.php HTTP/1.1 0-6191801/59/5274W 27.910068918780.00.5971.55 3.224.220.101http/1.1www.chonlateeboi.com:443GET /trust.php?122691msubitems/etidm.htm HTTP/1.1 0-6191800/75/5601_ 28.44152690682680.00.78110.46 128.199.62.55h2localhost:443[0/0] Software caused connection abort 0-6191800/69/4927_ 28.393104278579840.00.5877.82 157.55.39.60h2www.chonlateeseal.com:443[0/0] init 0-6191800/71/5426_ 28.45071091599960.00.6190.23 159.203.182.222h2localhost:443[0/0] Software caused connection abort 0-6191800/65/5448_ 28.700772521260.00.6489.62 79.104.53.14http/1.1www.xn--q3cj1a4cd8i.com:443GET / HTTP/1.1 0-6191800/71/5140_ 28.07277668926690.00.5175.03 79.137.206.177http/1.1www.mgrandstructure.com:443POST /d5c4d9ecff3d.php HTTP/1.1 0-6191801/80/5187W 27.940070270160.00.7380.90 165.232.76.155http/1.1localhost:80GET /server-status HTTP/1.1 0-6191800/68/5379_ 28.700075323700.00.59103.19 104.164.173.225http/1.1localhost:443GET / HTTP/1.1 0-6191800/72/5001_ 27.450065908750.01.0888.21 40.77.167.23h2www.chonlateeadmin.com:443[0/0] init 0-6191800/84/4844_ 28.582217670856270.00.8577.90 79.104.53.14http/1.1www.xn--q3cj1a4cd8i.com:443GET / HTTP/1.1 0-6191800/68/5199_ 28.500073405780.00.4688.58 23.178.112.107http/1.1www.yougame.in.th:443GET /.well-known/acme-challenge/OR-GgmBDSj94sxi_-WRire7JcXdl0lj 0-6191800/71/5218_ 28.690086562860.00.6491.75 165.232.76.155http/1.1localhost:80GET /v2/_catalog HTTP/1.1 0-6191800/54/4856_ 27.850767580960.00.90107.17 104.164.173.72http/1.1www.winnerpropest.com:443GET /%e0%b9%80%e0%b8%81%e0%b8%b5%e0%b9%88%e0%b8%a2%e0%b8%a7%e0% 0-6191800/60/5139_ 28.680072916820.00.38114.11 139.144.150.23http/1.1www.winnerpropest.com:80GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor 0-6191800/59/5154_ 28.651068392850.00.6174.56 165.232.76.155http/1.1localhost:80GET /about HTTP/1.1 1-6287010/1/5406_ 0.052163004840.00.0188.47 23.22.35.162http/1.1www.krongthongsecurity.com:443GET /reune.php?ncupahm68432hetidm53aph.htm HTTP/1.1 1-6287010/1/4953_ 0.892061100030.00.0069.20 139.144.150.23http/1.1www.winnerpropest.com:80GET /.vscode/sftp.json HTTP/1.1 1-6287010/1/4713_ 0.770149780352810.00.0171.63 128.199.62.55http/1.1 1-6287010/4/5178_ 0.892062289070.00.0483.57 79.104.53.14http/1.1www.xn--q3cj1a4cd8i.com:80GET / HTTP/1.1 1-6287010/1/4782R 0.425283663336050.00.0080.84 23.22.35.162http/1.1www.xn--2566-4do9ab5h1bfcjg7hg1GET /content/0039698332.html HTTP/1.1 1-6287010/2/5088_ 0.76255764172330.00.0376.49 128.199.62.55h2localhost:443[0/0] Software caused connection abort 1-6287010/1/5306_ 0.4121279859060.00.0179.67 203.170.192.183http/1.1www.xn--12cx2bef7bl0boq4ch6gugwPOST /wp-cron.php?doing_wp_cron=1699458006.98445796966552734375 1-6287010/2/4993_ 0.912063480340.00.0184.07 139.144.150.23http/1.1www.winnerpropest.com:80GET /about HTTP/1.1 1-6287010/3/5112_ 0.9020112601750.00.0484.47 165.232.76.155http/1.1localhost:80GET /.vscode/sftp.json HTTP/1.1 1-6287010/1/5213_ 0.772077743300.00.0085.90 51.81.245.138http/1.1localhost:443GET / HTTP/1.1 1-6287010/2/5090_ 0.462173543280.00.0276.87 3.17.62.33http/1.1www.yougame.in.th:443GET /.well-known/acme-challenge/gVFsuI0HgbCXCc-rU7TbkxhxL920mBv 1-6287010/1/4991_ 0.911063445300.00.0080.03 139.144.150.23http/1.1www.winnerpropest.com:80GET /v2/_catalog HTTP/1.1 1-6287010/2/5267_ 0.9800
Found on 2023-11-08 15:40 -
Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb31a3070605a3070605e7b6c1d7Apache Status Apache Server Status for ftp.winnerpropest.com (via 27.254.96.168) Server Version: Apache/2.4.46 (Unix) OpenSSL/1.0.2u PHP/7.2.33 Server MPM: prefork Server Built: May 6 2022 15:05:21 Current Time: Saturday, 23-Sep-2023 08:21:47 +07 Restart Time: Saturday, 23-Sep-2023 04:02:11 +07 Parent Server Config. Generation: 1763 Parent Server MPM Generation: 1762 Server uptime: 4 hours 19 minutes 36 seconds Server load: 1.24 1.15 0.78 Total accesses: 23605 - Total Traffic: 332.2 MB - Total Duration: 29532665 CPU Usage: u2834.9 s5191.67 cu51096200 cs12501200 - 408000% CPU load 1.52 requests/sec - 21.8 kB/second - 14.4 kB/request - 1251.12 ms/request 5 requests currently being processed, 4 idle workers _RW.C___WR........................................ Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqDurConnChildSlotClientProtocolVHostRequest 0-1762232710/33/2012_ 22.590025126840.00.3239.84 164.90.222.93http/1.1 1-1762234730/12/1865R 5.601122911780.00.0934.13 172.69.214.217http/1.1 2-1762228440/88/1928W 57.300023958620.00.9823.17 5.62.34.21http/1.1www.chonlateeaa.com:443POST //wp-login.php HTTP/1.1 3-1762-0/0/1777. 0.003117021413160.00.0023.65 172.68.234.195http/1.1www.business.co.th:443GET /%E0%B8%88%E0%B8%94%E0%B8%97%E0%B8%B0%E0%B9%80%E0%B8%9A%E0% 4-1762233881/23/1909C 14.860814229130613.40.2423.84 162.158.238.236http/1.1www.siamerp.com:443GET /tag/%E0%B8%82%E0%B8%B2%E0%B8%A2%E0%B9%82%E0%B8%9B%E0%B8%A3 5-1762234800/10/1813_ 4.360124680940.00.0822.70 161.35.176.95http/1.1localhost:80GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor 6-1762229290/76/1702_ 34.960021489130.01.2019.75 66.249.79.7http/1.1www.ozonepluswater.net:80GET /sample-page/feed/ HTTP/1.0 7-1762230370/49/1606_ 24.000119881340.00.4120.29 192.53.126.23http/1.1localhost:80GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor 8-1762232890/32/1399W 24.520017660220.00.3117.10 192.53.126.23http/1.1localhost:80GET /server-status HTTP/1.0 9-1762229370/71/1254R 24.181115484460.00.6317.52 164.90.222.93http/1.1 10-1762-0/0/1424. 0.0046018262690.00.0014.85 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 11-1762-0/0/1204. 0.0035017076450.00.0014.52 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 12-1762-0/0/714. 0.00131508026130.00.0011.09 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 13-1762-0/0/679. 0.0060708914440.00.007.95 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 14-1762-0/0/786. 0.0055898210257150.00.0013.41 27.254.96.168http/1.1www.xn--12cx2bef7bl0boq4ch6gugwPOST /wp-cron.php?doing_wp_cron=1695431546.92032790184020996093 15-1762-0/0/636. 0.0055626463050.00.008.65 223.24.160.141http/1.1www.xn--12cx2bef7bl0boq4ch6gugwGET /wp-content/plugins/contact-form-7/includes/css/styles.css? 16-1762-0/0/490. 0.0043825675899520.00.006.94 45.80.158.52http/1.1www.summer-techthai.com:443GET / HTTP/1.1 17-1762-0/0/63. 0.0032970572180.00.002.19 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 18-1762-0/0/124. 0.00329101645590.00.002.90 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 19-1762-0/0/94. 0.0027706121059020.00.001.26 172.68.234.144http/1.1www.ptatun.or.th:80POST /wp-cron.php?doing_wp_cron=1695429335.63167810440063476562 20-1762-0/0/99. 0.00402801298300.00.004.31 65.21.232.254http/1.1www.1smestartup.com:80GET /tag/%E0%B8%AD%E0%B8%B3%E0%B9%80%E0%B8%A0%E0%B8%AD%E0%B8%AA 21-1762-0/0/16. 0.0043850264580.00.002.09 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 22-1762-0/0/2. 0.004426020500.00.000.03 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 23-1762-0/0/9. 0.004408047380.00.000.06 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 SrvChild Server number - generation PIDOS process ID AccNumber of accesses this connection / this child / this slot MMode of operation CPUCPU usage, number of seconds SSSeconds since beginning of most recent request ReqMilliseconds required to process most recent request DurSum of milliseconds required to process all requests ConnKilobytes transferred this connection ChildMegabytes transferred this child SlotTotal megabytes transferred this slot SSL/TLS Session Cache Status: cache type: SHMCB, shared memory: 512000 bytes, current entries: 39subcaches: 32, indexes per subcache: 88time left on oldest entries' objects: avg: 100 seconds, (range: 0...241)index usage: 1%, cache usage: 1%total entries stored since starting: 2931total entries replaced since starting: 0total entries expired since starting: 2892total (pre-expiry) entries scrolled out of the cache: 0total retrieves since starting: 101 hit, 7681 misstotal removes since starting: 0 hit, 0 miss
Found on 2023-09-23 01:20 -
Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb31a3070605a30706053b873ca3Apache Status Apache Server Status for ftp.winnerpropest.com (via 27.254.96.168) Server Version: Apache/2.4.46 (Unix) OpenSSL/1.0.2u PHP/7.2.33 Server MPM: prefork Server Built: May 6 2022 15:05:21 Current Time: Tuesday, 19-Sep-2023 07:22:36 +07 Restart Time: Tuesday, 19-Sep-2023 04:02:12 +07 Parent Server Config. Generation: 1744 Parent Server MPM Generation: 1743 Server uptime: 3 hours 20 minutes 23 seconds Server load: 0.60 0.94 0.80 Total accesses: 13597 - Total Traffic: 203.3 MB - Total Duration: 18770388 CPU Usage: u2758.21 s5143.25 cu50858600 cs12450800 - 527000% CPU load 1.13 requests/sec - 17.3 kB/second - 15.3 kB/request - 1380.48 ms/request 3 requests currently being processed, 5 idle workers _W_RR.__....._.................................... Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqDurConnChildSlotClientProtocolVHostRequest 0-174365680/10/1202_ 2.530116471680.00.0513.11 128.199.61.251http/1.1localhost:80GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor 1-174362260/56/1244W 26.320017392420.00.6018.36 128.199.61.251http/1.1localhost:80GET /server-status HTTP/1.0 2-174366190/1/1290_ 0.72080117518110.00.0128.06 159.203.182.222http/1.1 3-174362990/39/1194R 23.161115455780.00.6630.88 159.203.182.222http/1.1 4-174363100/38/1137R 16.791015865130.00.4014.67 3.224.220.101http/1.1www.focusfilmthailand.com:443 5-1743-0/0/1114. 0.007882015014360.00.0015.12 52.70.240.171http/1.1www.focusfilmthailand.com:443GET /tag/%E0%B8%9A%E0%B8%A3%E0%B8%B4%E0%B8%81%E0%B8%B2%E0%B8%A3 6-174365160/17/978_ 7.600113070520.00.1813.68 172.105.37.32http/1.1localhost:80GET /?rest_route=/wp/v2/users/ HTTP/1.0 7-174360490/88/1089_ 49.390014158760.01.0412.75 128.199.61.251http/1.1localhost:80GET /v2/_catalog HTTP/1.0 8-1743-0/0/1120. 0.002016951870.00.0013.75 128.199.61.251http/1.1localhost:80GET / HTTP/1.0 9-1743-0/0/937. 0.002012637670.00.0011.73 172.105.37.32http/1.1localhost:80GET /about HTTP/1.0 10-1743-0/0/701. 0.0021409690020.00.009.59 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 11-1743-0/0/434. 0.0021306769290.00.005.74 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 12-1743-0/0/585. 0.0017707938170.00.007.43 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 13-174363210/37/454_ 22.3408487204480.00.497.10 52.70.240.171http/1.1www.focusfilmthailand.com:443GET /tag/%E0%B8%A3%E0%B8%B1%E0%B8%9A%E0%B8%95%E0%B8%B4%E0%B8%94 14-1743-0/0/13. 0.0028710161960.00.000.24 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 15-1743-0/0/5. 0.002878036090.00.000.02 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 16-1743-0/0/100. 0.00287701367490.00.001.07 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 SrvChild Server number - generation PIDOS process ID AccNumber of accesses this connection / this child / this slot MMode of operation CPUCPU usage, number of seconds SSSeconds since beginning of most recent request ReqMilliseconds required to process most recent request DurSum of milliseconds required to process all requests ConnKilobytes transferred this connection ChildMegabytes transferred this child SlotTotal megabytes transferred this slot SSL/TLS Session Cache Status: cache type: SHMCB, shared memory: 512000 bytes, current entries: 252subcaches: 32, indexes per subcache: 88time left on oldest entries' objects: avg: 37 seconds, (range: 0...165)index usage: 8%, cache usage: 11%total entries stored since starting: 2409total entries replaced since starting: 0total entries expired since starting: 2157total (pre-expiry) entries scrolled out of the cache: 0total retrieves since starting: 97 hit, 4709 misstotal removes since starting: 0 hit, 0 miss
Found on 2023-09-19 00:21 -
Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb31a3070605a3070605a8fdcfb8Apache Status Apache Server Status for ftp.winnerpropest.com (via 27.254.96.168) Server Version: Apache/2.4.46 (Unix) OpenSSL/1.0.2u PHP/7.2.33 Server MPM: prefork Server Built: May 6 2022 15:05:21 Current Time: Saturday, 16-Sep-2023 22:39:26 +07 Restart Time: Saturday, 16-Sep-2023 04:02:13 +07 Parent Server Config. Generation: 1732 Parent Server MPM Generation: 1731 Server uptime: 18 hours 37 minutes 13 seconds Server load: 1.47 1.23 0.88 Total accesses: 123193 - Total Traffic: 1.8 GB - Total Duration: 228453520 CPU Usage: u2847.24 s5161.17 cu50706100 cs12417500 - 94200% CPU load 1.84 requests/sec - 28.6 kB/second - 15.6 kB/request - 1854.44 ms/request 6 requests currently being processed, 4 idle workers .._W_RWWCC__...................................... Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqDurConnChildSlotClientProtocolVHostRequest 0-1731-0/0/9821. 0.00220178132340.00.00169.47 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 1-1731-0/0/9937. 0.00441018172664150.00.00161.51 150.95.83.97http/1.1www.12gobiz.com:443POST /xmlrpc.php HTTP/1.1 2-1731221260/89/9240_ 35.4500193057620.00.85125.53 165.232.76.155http/1.1localhost:80GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor 3-1731221990/68/9217W 35.8610167630880.00.57116.10 162.158.106.190http/1.1www.chorsiam.com:80GET /robots.txt HTTP/1.0 4-1731222520/43/8672_ 28.6200187694990.00.32145.38 46.101.103.192http/1.1 5-1731222110/54/9119R 35.6900160236050.01.47137.94 172.71.167.155http/1.1www.xn--42cl6b3aa6azd4ce4q.com: 6-1731220570/92/8760W 47.8800147101570.00.91120.31 46.101.103.192http/1.1localhost:80GET /server-status HTTP/1.0 7-1731222800/40/8523W 24.3400148652340.00.42124.31 172.68.234.180http/1.1www.chorsiam.com:80POST /wp-cron.php?doing_wp_cron=1694878765.95712399482727050781 8-1731222911/42/7960C 17.410887137698173.00.38138.13 172.71.166.252http/1.1www.chonlateefarm.com:443GET //1975.php HTTP/1.1 9-1731223831/13/6955C 3.1501115758091.40.0497.45 164.92.192.25http/1.1localhost:443GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor 10-1731223890/9/6629_ 5.470722113010200.00.04113.66 172.71.167.155http/1.1www.xn--42cl6b3aa6azd4ce4q.com:GET //wp-content/shell20211028.php HTTP/1.1 11-1731219170/95/6206_ 60.6201139882530.00.7398.06 46.101.103.192http/1.1localhost:80GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor 12-1731-0/0/5380. 0.00771035101855850.00.0066.53 172.69.67.137http/1.1www.chonlateefarm.com:443GET /xmlrpc2.php HTTP/1.1 13-1731-0/0/4023. 0.002643076643750.00.0092.54 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 14-1731-0/0/3000. 0.001906060318540.00.0042.68 104.197.209.149http/1.1www.chonlateeadmin.com:443POST /xmlrpc.php HTTP/1.1 15-1731-0/0/2249. 0.002626043213970.00.0026.31 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 16-1731-0/0/1413. 0.001911032973810.00.0018.10 104.199.1.238http/1.1www.ozonepluswater.net:443POST /xmlrpc.php HTTP/1.1 17-1731-0/0/873. 0.003861014076680.00.0011.80 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 18-1731-0/0/906. 0.003021102414633540.00.0012.38 117.18.13.234http/1.1www.chonlateebusiness.com:443GET /?author=43 HTTP/1.1 19-1731-0/0/651. 0.00289492310930420.00.008.58 31.14.123.176http/1.1www.tkadvicesystem.com:443GET /?author=16 HTTP/1.1 20-1731-0/0/429. 0.00382905748350.00.005.47 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 21-1731-0/0/529. 0.00299322818268060.00.006.22 81.70.157.183http/1.1www.tkadvicesystem.com:443GET /?author=16 HTTP/1.1 22-1731-0/0/205. 0.00386403994600.00.003.49 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 23-1731-0/0/503. 0.00376309870970.00.005.99 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 24-1731-0/0/230. 0.00385504121130.00.003.24 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 25-1731-0/0/215. 0.00310203830620.00.002.20 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 26-1731-0/0/46. 0.00384401498040.00.000.37 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 27-1731-0/0/127. 0.00383602650280.00.001.95 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 28-1731-0/0/27. 0.0038690598370.00.000.46 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 29-1731-0/0/67. 0.00386001499110.00.000.48 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 30-1731-0/0/237. 0.00303704038520.00.002.89 67.215.2.86http/1.1www.chonlateebusiness.com:80GET /?author=21 HTTP/1.0 31-1731-0/0/57. 0.00360901107810.00.000.81 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 32-1731-0/0/18. 0.0038680177310.00.000.11 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 33-1731-0/0/48. 0.0038460539560.00.000.49 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 34-1731-0/0/126. 0.00385303187600.00.001.38 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 35-1731-0/0/155. 0.00385202624890.00.001.52 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 36-1731-0/0/33. 0.0038570666060.00.000.40 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 37-1731-0/0/136. 0.00384703697660.00.001.58 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 38-1731-0/0/51. 0.0038350653380.00.000.38 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 39-1731-0/0/24. 0.0038670459740.00.000.21 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 40-1731-0/0/120. 0.00301711051982980.00.001.48 117.18.13.234http/1.1www.chonlateebusiness.com:443GET /?author=46 HTTP/1.1 41-1731-0/0/12. 0.00523570248910.00.000.08 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 42-1731-0/0/105. 0.00518173942319840.00.001.87 23.97.205.210http/1.1www.ss-cool.com:443POST /wp-login.php HTTP/1.1 43-1731-0/0/10. 0.0052385362040.00.000.15 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 44-1731-0/0/15. 0.00523560357110.00.000.12 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 45-1731-0/0/99. 0.005172516283147040.00.001.20 103.145.163.219http/1.1www.chonlateefbc.com:80POST /wp-login.php HTTP/1.0 46-1731-0/0/9. 0.00523370303520.00.000.15 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 47-1731-0/0/8. 0.00523610271660.00.000.02 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 48-1731-0/0/7. 0.00523580237160.00.000.06 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 49-1731-0/0/11. 0.00523497207120.00.000.05 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 SrvChild Server number - generation PIDOS process ID AccNumber of accesses this connection / this child / this slot MMode of operation CPUCPU usage, number of seconds SSSeconds since beginning of most recent request ReqMilliseconds required to process most recent request DurSum of milliseconds required to process all requests ConnKilobytes transferred this connection C
Found on 2023-09-16 15:38 -
Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb31a3070605a3070605dc86ae50Apache Status Apache Server Status for ftp.winnerpropest.com (via 27.254.96.168) Server Version: Apache/2.4.46 (Unix) OpenSSL/1.0.2u PHP/7.2.33 Server MPM: prefork Server Built: May 6 2022 15:05:21 Current Time: Thursday, 14-Sep-2023 10:35:28 +07 Restart Time: Thursday, 14-Sep-2023 04:02:12 +07 Parent Server Config. Generation: 1721 Parent Server MPM Generation: 1720 Server uptime: 6 hours 33 minutes 16 seconds Server load: 0.89 0.45 0.46 Total accesses: 30610 - Total Traffic: 555.5 MB - Total Duration: 35889914 CPU Usage: u2654.64 s5087.69 cu50523500 cs12377900 - 267000% CPU load 1.3 requests/sec - 24.1 kB/second - 18.6 kB/request - 1172.49 ms/request 2 requests currently being processed, 11 idle workers .W_.___.___W____.................................. Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqDurConnChildSlotClientProtocolVHostRequest 0-1720-0/0/2564. 0.000033176070.00.0042.40 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 1-172047120/17/2563W 1.227029776520.00.0844.49 124.120.27.176http/1.1www.chonlateepr.com:443POST /wp-admin/admin-ajax.php HTTP/1.1 2-172046270/52/2374_ 7.460025274240.01.4436.69 161.35.27.144http/1.1localhost:80GET /debug/default/view?panel=config HTTP/1.0 3-1720-0/0/2449. 0.002027854640.00.0048.03 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 4-172043710/94/2584_ 20.050735529636620.01.5454.37 172.68.234.166http/1.1www.business.co.th:443POST /wp-cron.php?doing_wp_cron=1694662520.66314911842346191406 5-172048070/29/2052_ 0.110124588360.00.2433.19 139.144.150.23http/1.1 6-172048140/18/2056_ 2.810025156350.00.5036.40 139.144.150.23http/1.1 7-1720-0/0/2046. 0.003023371610.00.0033.90 184.22.232.72http/1.1www.chonlateepr.com:443GET /wp-content/plugins/elementskit-lite/modules/controls/asset 8-172043870/61/1846_ 16.420150521976750.01.0842.12 139.144.150.23http/1.1 9-172048200/28/1926_ 1.701022942110.00.2729.50 161.35.27.144http/1.1localhost:80GET /about HTTP/1.0 10-172046330/50/1712_ 4.701163919673490.00.5030.57 139.144.150.23http/1.1 11-172046400/28/1470W 2.410018400300.00.8122.32 68.183.64.176http/1.1localhost:80GET /server-status HTTP/1.0 12-172046460/31/1072_ 5.720146111646460.00.4017.02 172.68.234.191http/1.1www.business.co.th:443GET /%E0%B8%88%E0%B8%94%E0%B8%97%E0%B8%B0%E0%B9%80%E0%B8%9A%E0% 13-172048330/2/743_ 1.35009896370.00.0322.29 68.183.64.176http/1.1localhost:80GET /v2/_catalog HTTP/1.0 14-172048390/18/757_ 0.110011460260.00.2727.70 68.183.64.176http/1.1localhost:80GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor 15-172048400/20/327_ 1.59003291500.00.143.68 161.35.27.144http/1.1localhost:80GET /v2/_catalog HTTP/1.0 16-1720-0/0/344. 0.00284404342970.00.004.07 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 17-1720-0/0/296. 0.00272402680570.00.006.03 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 18-1720-0/0/215. 0.00274102060380.00.003.12 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 19-1720-0/0/101. 0.0028560892110.00.001.36 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 20-1720-0/0/140. 0.0028720919000.00.001.51 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 21-1720-0/0/65. 0.0028620549540.00.001.00 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 22-1720-0/0/10. 0.002841068810.00.000.05 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 23-1720-0/0/189. 0.0020046452198090.00.003.51 162.158.175.8http/1.1www.siamerp.com:443GET //test/wp-includes/wlwmanifest.xml HTTP/1.1 24-1720-0/0/128. 0.0028460708380.00.001.16 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 25-1720-0/0/87. 0.0028730937100.00.001.42 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 26-1720-0/0/3. 0.002874018910.00.000.01 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 27-1720-0/0/3. 0.002876025190.00.000.01 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 28-1720-0/0/91. 0.0028430750500.00.002.48 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 29-1720-0/0/4. 0.002842026810.00.000.02 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 30-1720-0/0/88. 0.0028650547580.00.000.88 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 31-1720-0/0/9. 0.002840097780.00.000.10 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 32-1720-0/0/83. 0.0028700788710.00.000.52 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 33-1720-0/0/3. 0.002869040.00.000.00 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 34-1720-0/0/82. 0.0028610988600.00.000.69 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 35-1720-0/0/2. 0.002863010.00.000.00 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 36-1720-0/0/3. 0.002838017380.00.000.01 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 37-1720-0/0/3. 0.002866020.00.000.00 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 38-1720-0/0/3. 0.002839030.00.000.01 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 39-1720-0/0/4. 0.002864070.00.000.00 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 40-1720-0/0/1. 0.002868110.00.000.00 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 41-1720-0/0/1. 0.002848010.00.000.00 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 42-1720-0/0/90. 0.00203695172126480.00.002.70 172.68.234.130http/1.1www.chonlateebranding.com:443POST /wp-cron.php?doing_wp_cron=1694660481.29693388938903808593 43-1720-0/0/1. 0.002852010.00.000.00 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 44-1720-0/0/1. 0.002851010.00.000.00 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 45-1720-0/0/1. 0.002849010.00.000.00 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 46-1720-0/0/1. 0.002855010.00.000.00 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 47-1720-0/0/1. 0.002853010.00.000.00 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 48-1720-0/0/15. 0.002726032140.00.000.16 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 49-1720-0/0/1. 0.002850000.00.000.00 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 SrvChild Server number - generation PIDOS process ID AccNumber of accesses this connection / this child / this slot MMode of operation CPUCPU usage, number of seconds SSSeconds since beginning of most recent request ReqMilliseconds required to process most recent request DurSum of milliseconds required to process all requests ConnKilobytes transferred this connection ChildMegabytes transferred this child SlotTotal megabytes transferred this slot SSL/TLS Session Cache Status: cache type: SHMCB</
Found on 2023-09-14 03:34 -
Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb31a3070605a307060527cb14f1Apache Status Apache Server Status for ftp.winnerpropest.com (via 27.254.96.168) Server Version: Apache/2.4.46 (Unix) OpenSSL/1.0.2u PHP/7.2.33 Server MPM: prefork Server Built: May 6 2022 15:05:21 Current Time: Wednesday, 13-Sep-2023 13:13:03 +07 Restart Time: Wednesday, 13-Sep-2023 04:02:12 +07 Parent Server Config. Generation: 1717 Parent Server MPM Generation: 1716 Server uptime: 9 hours 10 minutes 51 seconds Server load: 0.82 1.16 1.19 Total accesses: 54348 - Total Traffic: 1.0 GB - Total Duration: 82516789 CPU Usage: u2892.86 s5116.59 cu50481000 cs12368700 - 190000% CPU load 1.64 requests/sec - 33.2 kB/second - 20.2 kB/request - 1518.3 ms/request 1 requests currently being processed, 9 idle workers ____W_......_...._..._.._......................... Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqDurConnChildSlotClientProtocolVHostRequest 0-1716163200/47/4523_ 24.75049169486460.00.5581.22 198.98.51.73http/1.1www.tspaccount.net:443POST /wp-login.php HTTP/1.1 1-1716164220/28/4577_ 17.240267147600.00.4974.32 159.89.83.196http/1.1localhost:80GET /server-status HTTP/1.0 2-1716165620/13/4639_ 11.140163596190.00.2590.71 139.59.182.142http/1.1 3-1716165820/12/4231_ 6.820168609500.00.12124.91 165.22.74.203http/1.1localhost:80GET /_all_dbs HTTP/1.0 4-1716165890/10/4171W 4.760060931130.00.0962.25 159.203.44.43http/1.1localhost:80GET /server-status HTTP/1.0 5-1716166480/8/4079_ 0.531159358460.00.0869.54 139.59.182.142http/1.1 6-1716-0/0/3675. 0.00481055543070.00.0084.19 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 7-1716-0/0/3693. 0.00488055578500.00.0068.05 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 8-1716-0/0/3381. 0.00484051216310.00.0073.05 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 9-1716-0/0/3475. 0.00489054291410.00.0064.03 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 10-1716-0/0/2980. 0.0014849444484940.00.0057.34 209.141.53.194http/1.1www.ss-cool.com:443GET /wp-login.php HTTP/1.1 11-1716-0/0/2884. 0.00472047531770.00.0045.26 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 12-1716158770/73/2206_ 111.710137018910.01.0157.88 139.59.182.142http/1.1 13-1716-0/0/1289. 0.00479022508550.00.0029.29 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 14-1716-0/0/1026. 0.0056015606970.00.0016.34 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 15-1716-0/0/604. 0.007108997210.00.0010.77 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 16-1716-0/0/866. 0.00487012620610.00.0014.32 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 17-1716161790/50/352_ 36.90015814850.00.513.70 159.203.44.43http/1.1localhost:80GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor 18-1716-0/0/374. 0.0028105423740.00.006.42 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 19-1716-0/0/340. 0.005705086110.00.0018.85 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 20-1716-0/0/126. 0.0049001067570.00.003.55 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 21-1716161940/51/175_ 68.12002466270.00.942.69 165.22.74.203http/1.1localhost:80GET /login.action HTTP/1.0 22-1716-0/0/194. 0.0047702462410.00.003.11 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 23-1716-0/0/136. 0.0049302476380.00.002.10 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 24-1716162220/57/78_ 64.10001653400.00.831.14 165.22.74.203http/1.1localhost:80GET /.DS_Store HTTP/1.0 25-1716-0/0/9. 0.0015646063280.00.000.50 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 26-1716-0/0/76. 0.001515101550070.00.001.93 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 27-1716-0/0/3. 0.0015656033330.00.000.04 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 28-1716-0/0/3. 0.00156650700.00.000.02 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 29-1716-0/0/3. 0.00156640510.00.000.02 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 30-1716-0/0/9. 0.001564704950.00.000.23 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 31-1716-0/0/4. 0.00156590390.00.000.02 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 32-1716-0/0/3. 0.001565802160.00.000.09 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 33-1716-0/0/15. 0.00156190149050.00.000.96 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 34-1716-0/0/4. 0.001565701040.00.000.07 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 35-1716-0/0/6. 0.0015651036240.00.000.22 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 36-1716-0/0/6. 0.0015632053100.00.000.09 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 37-1716-0/0/61. 0.00153250977890.00.001.25 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 38-1716-0/0/69. 0.001524301316420.00.001.51 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 39-1716-0/0/3. 0.00156670250.00.000.01 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 SrvChild Server number - generation PIDOS process ID AccNumber of accesses this connection / this child / this slot MMode of operation CPUCPU usage, number of seconds SSSeconds since beginning of most recent request ReqMilliseconds required to process most recent request DurSum of milliseconds required to process all requests ConnKilobytes transferred this connection ChildMegabytes transferred this child SlotTotal megabytes transferred this slot SSL/TLS Session Cache Status: cache type: SHMCB, shared memory: 512000 bytes, current entries: 84subcaches: 32, indexes per subcache: 88time left on oldest entries' objects: avg: 121 seconds, (range: 2...287)index usage: 2%, cache usage: 3%total entries stored since starting: 9965total entries replaced since starting: 0total entries expired since starting: 9881total (pre-expiry) entries scrolled out of the cache: 0total retrieves since starting: 377 hit, 18410 misstotal removes since starting: 0 hit, 0 miss
Found on 2023-09-13 06:11 -
Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb31a3070605a3070605e39fe173Apache Status Apache Server Status for ftp.winnerpropest.com (via 27.254.96.168) Server Version: Apache/2.4.46 (Unix) OpenSSL/1.0.2u PHP/7.2.33 Server MPM: prefork Server Built: May 6 2022 15:05:21 Current Time: Monday, 11-Sep-2023 01:14:22 +07 Restart Time: Monday, 11-Sep-2023 00:24:35 +07 Parent Server Config. Generation: 1705 Parent Server MPM Generation: 1704 Server uptime: 49 minutes 46 seconds Server load: 0.27 0.34 0.64 Total accesses: 5199 - Total Traffic: 79.3 MB - Total Duration: 6644977 CPU Usage: u2699.24 s5070.01 cu50299300 cs12329200 - 2.1e+6% CPU load 1.74 requests/sec - 27.2 kB/second - 15.6 kB/request - 1278.13 ms/request 2 requests currently being processed, 8 idle workers __R___...__W.._................................... Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqDurConnChildSlotClientProtocolVHostRequest 0-1704206590/6/450_ 1.86015656150.00.045.53 167.71.185.75http/1.1localhost:80GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor 1-1704204480/23/424_ 7.03016049920.00.157.17 143.110.218.229http/1.1 2-1704202540/51/432R 15.59115345280.00.714.82 143.110.218.229http/1.1 3-1704204570/24/439_ 8.59015494470.00.155.49 45.79.116.95http/1.1localhost:80GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor 4-1704199570/83/386_ 26.29015045070.01.815.46 172.70.85.249http/1.1www.smetast.com:80POST /xmlrpc.php HTTP/1.0 5-1704204000/27/402_ 10.55015223110.00.394.95 167.71.185.75http/1.1localhost:80GET /v2/_catalog HTTP/1.0 6-1704-0/0/364. 0.0025804924130.00.0010.63 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 7-1704-0/0/237. 0.0054602978280.00.003.89 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 8-1704-0/0/266. 0.00221103067630.00.003.13 167.71.196.133http/1.1www.winnerpropest.com:443GET //wp-includes/ID3/license.txt HTTP/1.1 9-1704201440/64/370_ 17.82014631940.01.084.97 143.110.218.229http/1.1 10-1704201500/64/241_ 20.00013413730.01.279.55 45.79.116.95http/1.1localhost:80GET /v2/_catalog HTTP/1.0 11-1704201680/58/261W 21.42003018360.01.013.33 45.79.116.95http/1.1localhost:80GET /server-status HTTP/1.0 12-1704-0/0/211. 0.0050502536730.00.002.20 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 13-1704-0/0/179. 0.0055302285160.00.001.97 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 14-1704201880/59/160_ 19.5214702076560.00.932.04 162.158.238.232http/1.1www.accsmile.com:80GET /wp-login.php?registration=disabled HTTP/1.0 15-1704-0/0/194. 0.00130002691430.00.002.32 162.158.94.159http/1.1www.rooffurnish.com:443POST /xmlrpc.php HTTP/1.1 16-1704-0/0/102. 0.00129011133890.00.000.94 213.227.129.69http/1.1www.dreamhightravel.com:443POST /xmlrpc.php HTTP/1.1 17-1704-0/0/5. 0.002803090.00.000.01 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 18-1704-0/0/76. 0.0023050877750.00.000.86 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 SrvChild Server number - generation PIDOS process ID AccNumber of accesses this connection / this child / this slot MMode of operation CPUCPU usage, number of seconds SSSeconds since beginning of most recent request ReqMilliseconds required to process most recent request DurSum of milliseconds required to process all requests ConnKilobytes transferred this connection ChildMegabytes transferred this child SlotTotal megabytes transferred this slot SSL/TLS Session Cache Status: cache type: SHMCB, shared memory: 512000 bytes, current entries: 45subcaches: 32, indexes per subcache: 88time left on oldest entries' objects: avg: 79 seconds, (range: 24...279)index usage: 1%, cache usage: 2%total entries stored since starting: 562total entries replaced since starting: 0total entries expired since starting: 517total (pre-expiry) entries scrolled out of the cache: 0total retrieves since starting: 0 hit, 2432 misstotal removes since starting: 0 hit, 0 miss
Found on 2023-09-10 18:13 -
Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb31a3070605a30706052b0bb7f4Apache Status Apache Server Status for ftp.winnerpropest.com (via 27.254.96.168) Server Version: Apache/2.4.46 (Unix) OpenSSL/1.0.2u PHP/7.2.33 Server MPM: prefork Server Built: May 6 2022 15:05:21 Current Time: Thursday, 07-Sep-2023 15:33:37 +07 Restart Time: Thursday, 07-Sep-2023 04:02:11 +07 Parent Server Config. Generation: 1686 Parent Server MPM Generation: 1685 Server uptime: 11 hours 31 minutes 26 seconds Server load: 1.02 0.97 1.22 Total accesses: 98502 - Total Traffic: 1.5 GB - Total Duration: 152218402 CPU Usage: u2667.64 s5037.84 cu50093100 cs12284600 - 150000% CPU load 2.37 requests/sec - 38.1 kB/second - 16.0 kB/request - 1545.33 ms/request 6 requests currently being processed, 9 idle workers __R_R___WR._......................._....WR......_. Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqDurConnChildSlotClientProtocolVHostRequest 0-1685170370/37/7963_ 9.2100119563190.00.50123.03 207.154.240.169http/1.1localhost:80GET /login.action HTTP/1.0 1-1685166500/66/7656_ 21.2801117405240.00.68111.94 207.154.240.169http/1.1localhost:80GET /server-status HTTP/1.0 2-1685165440/93/7479R 20.581651115108070.00.9894.94 172.71.134.112http/1.1 3-1685170440/34/7192_ 14.0001511112766500.00.3297.06 137.184.106.30http/1.1 4-1685170520/31/7097R 8.8510106822860.00.2294.02 164.92.192.25http/1.1 5-1685171640/3/6742_ 1.760869101192710.00.0195.70 172.70.85.73http/1.1www.chonlateefarm.com:443GET /checkout HTTP/1.1 6-1685171710/2/6544_ 1.180153698926110.00.0393.09 164.92.192.25http/1.1 7-1685171730/6/6726_ 0.0200101490340.00.01106.04 147.182.168.210http/1.1localhost:80GET /v2/_catalog HTTP/1.0 8-1685171830/0/6378W 0.0000106052060.00.00124.25 172.69.134.84http/1.1www.chonlateefarm.com:443GET /checkout HTTP/1.1 9-1685171890/3/6413R 0.001197773310.00.0098.37 162.158.94.159http/1.1 10-1685-0/0/5353. 0.000079002880.00.0087.21 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 11-1685172010/0/4887_ 0.000074881930.00.0084.04 137.184.106.30http/1.1 12-1685-0/0/4185. 0.00344065341580.00.0057.82 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 13-1685-0/0/3930. 0.00316062036660.00.00114.53 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 14-1685-0/0/2933. 0.00173047697930.00.0053.21 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 15-1685-0/0/2628. 0.003759745714700.00.0037.17 27.254.96.168http/1.1www.thaicarsale.com:80GET / HTTP/1.1 16-1685-0/0/1242. 0.00323023801890.00.0017.39 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 17-1685-0/0/778. 0.0034309589930.00.0013.83 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 18-1685-0/0/503. 0.0033808823540.00.005.32 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 19-1685-0/0/457. 0.0032006408870.00.005.20 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 20-1685-0/0/267. 0.0016304510150.00.003.49 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 21-1685-0/0/214. 0.0031505327460.00.002.85 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 22-1685-0/0/209. 0.0032903597350.00.002.49 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 23-1685-0/0/248. 0.0032402727750.00.004.03 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 24-1685-0/0/47. 0.003130528780.00.003.58 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 25-1685-0/0/12. 0.0034603020.00.000.23 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 26-1685-0/0/99. 0.0033301901690.00.002.40 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 27-1685-0/0/7. 0.00350018300.00.000.08 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 28-1685-0/0/9. 0.00327034320.00.000.18 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 29-1685-0/0/8. 0.00319060340.00.000.40 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 30-1685-0/0/8. 0.00328047700.00.000.13 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 31-1685-0/0/5. 0.00341029920.00.000.24 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 32-1685-0/0/7. 0.00331016490.00.000.04 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 33-1685-0/0/6. 0.003450200.00.000.03 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 34-1685-0/0/7. 0.00312059940.00.000.24 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 35-1685168070/54/54_ 16.3700752920.03.793.79 64.227.126.135http/1.1localhost:80GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor 36-1685-0/0/5. 0.00340025690.00.000.24 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 37-1685-0/0/2. 0.00353034550.00.000.37 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 38-1685-0/0/4. 0.00339045410.00.000.39 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 39-1685-0/0/4. 0.00337043870.00.000.37 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 40-1685168410/59/59W 19.3000901340.00.750.75 64.227.126.135http/1.1localhost:80GET /server-status HTTP/1.0 41-1685168430/49/49R 14.86520514010.00.710.71 49.7.20.111http/1.1www.thai-pack.com:443 42-1685-0/0/5. 0.00334017180.00.000.02 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 43-1685-0/0/5. 0.0033002820.00.000.07 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 44-1685-0/0/5. 0.00326057630.00.000.19 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 45-1685-0/0/5. 0.003420190.00.000.02 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 46-1685-0/0/5. 0.00336014700.00.000.03 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 47-1685-0/0/4. 0.00351080.00.000.01 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 48-1685168850/52/52_ 13.2000498870.01.031.03 39.105.120.190http/1.1www.wealneosupply.com:443POST /xmlrpc.php HTTP/1.1 49-1685-0/0/5. 0.00335010790.00.000.09 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 SrvChild Server number - generation PIDOS process ID AccNumber of accesses this connection / this child / this slot MMode of operation CPUCPU usage, number of seconds SSSeconds since beginning of most recent request ReqMilliseconds required to process most recent request DurSum of milliseconds required to process all requests ConnKilobytes transferred this connection ChildMegabytes transferred this child SlotTotal megabytes transferred this slot SSL/TLS Session Cache Status: cache type: SHMCB, shared memory: 512000 bytes, current entries: 91subcaches: 32, indexes per subcache: 88time left on oldest entries' objects: avg: 82 seconds, (range: 4...272)index usage: 3%, cache usage: 4%
Found on 2023-09-07 08:32 -
Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb31a3070605a3070605917acd13Apache Status Apache Server Status for ftp.winnerpropest.com (via 27.254.96.168) Server Version: Apache/2.4.46 (Unix) OpenSSL/1.0.2u PHP/7.2.33 Server MPM: prefork Server Built: May 6 2022 15:05:21 Current Time: Wednesday, 06-Sep-2023 00:24:20 +07 Restart Time: Wednesday, 06-Sep-2023 00:10:47 +07 Parent Server Config. Generation: 1681 Parent Server MPM Generation: 1680 Server uptime: 13 minutes 32 seconds Server load: 0.33 0.97 0.89 Total accesses: 997 - Total Traffic: 12.4 MB - Total Duration: 1001421 CPU Usage: u2712.66 s5035.1 cu49964300 cs12257000 - 7660000% CPU load 1.23 requests/sec - 15.7 kB/second - 12.8 kB/request - 1004.43 ms/request 12 requests currently being processed, 1 idle workers RCCRRC.....WWR.C.C.._.............C............... Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqDurConnChildSlotClientProtocolVHostRequest 0-1680261000/16/39R 2.6200427500.00.070.38 164.90.222.93http/1.1www.winnerpropest.com:80GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor 1-1680203191/89/89C 32.11011127331.11.041.04 139.59.230.191http/1.1localhost:443GET /?rest_route=/wp/v2/users/ HTTP/1.1 2-1680203431/89/89C 31.35001095251.41.071.07 139.59.230.191http/1.1localhost:443GET /s/836313e26393e2435323e27323/_/;/META-INF/maven/com.atlass 3-1680273980/3/24R 0.0900275780.00.000.14 64.227.126.135http/1.1 4-1680274150/1/24R 0.0102308500.00.000.18 139.144.150.23http/1.1localhost:80GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor 5-1680274171/3/22C 0.0101373671.30.000.18 139.59.230.191http/1.1localhost:443GET /config.json HTTP/1.1 6-1680-0/0/22. 0.006250271210.00.000.17 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 7-1680-0/0/16. 0.006060194830.00.000.10 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 8-1680-0/0/14. 0.006190223140.00.000.12 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 9-1680-0/0/13. 0.006220259570.00.000.15 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 10-1680-0/0/15. 0.006160167530.00.000.08 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 11-1680223560/72/72W 20.8100521740.00.610.61 139.144.150.23http/1.1localhost:80GET /server-status HTTP/1.0 12-1680223570/69/69W 25.0660651050.02.292.29 27.254.96.168http/1.1www.ltclevelup.com:443POST /wp-cron.php?doing_wp_cron=1693934654.06347894668579101562 13-1680224020/75/75R 17.870356693270.00.990.99 64.227.126.135http/1.1 14-1680-0/0/2. 0.00621052370.00.000.01 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 15-1680224041/75/75C 25.3000672571.31.111.11 139.59.230.191http/1.1localhost:443GET /telescope/requests HTTP/1.1 16-1680-0/0/3. 0.00615072560.00.000.02 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 17-1680224611/73/73C 19.6010644061.31.131.13 139.59.230.191http/1.1localhost:443GET /.env HTTP/1.1 18-1680-0/0/2. 0.00614052820.00.000.01 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 19-1680-0/0/2. 0.00604042590.00.000.01 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 20-1680224640/81/81_ 18.1501505830.00.850.85 134.122.89.242http/1.1localhost:80GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor 21-1680-0/0/2. 0.00613252670.00.000.01 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 22-1680-0/0/2. 0.00607037100.00.000.01 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 23-1680-0/0/65. 0.00552580060.00.000.92 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 24-1680-0/0/2. 0.00605041730.00.000.01 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 25-1680-0/0/3. 0.00617031270.00.000.01 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 26-1680-0/0/2. 0.00609038270.00.000.01 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 27-1680-0/0/2. 0.00608021850.00.000.01 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 28-1680-0/0/1. 0.00634000.00.000.00 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 29-1680-0/0/2. 0.00610036220.00.000.01 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 30-1680-0/0/2. 0.00611034860.00.000.01 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 31-1680-0/0/2. 0.00612031910.00.000.01 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 32-1680-0/0/1. 0.00632000.00.000.00 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 33-1680-0/0/1. 0.00633000.00.000.00 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 34-1680225811/83/83C 17.2111474881.30.790.79 139.59.230.191http/1.1localhost:443GET /.git/config HTTP/1.1 35-1680-0/0/1. 0.00631010.00.000.00 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 36-1680-0/0/1. 0.00630000.00.000.00 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 37-1680-0/0/1. 0.00629000.00.000.00 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 38-1680-0/0/1. 0.00628000.00.000.00 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 39-1680-0/0/1. 0.00627000.00.000.00 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 40-1680-0/0/1. 0.00624000.00.000.00 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 SrvChild Server number - generation PIDOS process ID AccNumber of accesses this connection / this child / this slot MMode of operation CPUCPU usage, number of seconds SSSeconds since beginning of most recent request ReqMilliseconds required to process most recent request DurSum of milliseconds required to process all requests ConnKilobytes transferred this connection ChildMegabytes transferred this child SlotTotal megabytes transferred this slot SSL/TLS Session Cache Status: cache type: SHMCB, shared memory: 512000 bytes, current entries: 98subcaches: 32, indexes per subcache: 88time left on oldest entries' objects: avg: 144 seconds, (range: 56...296)index usage: 3%, cache usage: 4%total entries stored since starting: 196total entries replaced since starting: 0total entries expired since starting: 98total (pre-expiry) entries scrolled out of the cache: 0total retrieves since starting: 1 hit, 348 misstotal removes since starting: 0 hit, 0 miss
Found on 2023-09-05 17:23 -
Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb31a3070605a3070605b500decbApache Status Apache Server Status for ftp.winnerpropest.com (via 27.254.96.168) Server Version: Apache/2.4.46 (Unix) OpenSSL/1.0.2u PHP/7.2.33 Server MPM: prefork Server Built: May 6 2022 15:05:21 Current Time: Friday, 07-Jul-2023 00:24:25 +07 Restart Time: Friday, 07-Jul-2023 00:10:33 +07 Parent Server Config. Generation: 1419 Parent Server MPM Generation: 1418 Server uptime: 13 minutes 52 seconds Server load: 1.44 1.64 1.54 Total accesses: 1618 - Total Traffic: 10.3 MB - Total Duration: 1722891 CPU Usage: u2284.1 s3809.71 cu35483900 cs8464620 - 5280000% CPU load 1.94 requests/sec - 12.7 kB/second - 6.5 kB/request - 1064.83 ms/request 5 requests currently being processed, 6 idle workers W_C__R_W_R._...................................... Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqDurConnChildSlotClientProtocolVHostRequest 0-141817920/63/163W 22.30001840680.00.451.18 207.154.240.169http/1.1localhost:80GET /server-status HTTP/1.0 1-141851070/29/68_ 7.1100666650.00.060.51 164.90.222.93http/1.1www.winnerpropest.com:80GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor 2-141818111/49/147C 19.8001825161132156.80.520.97 134.122.63.192http/1.1www.winnerpropest.com:443GET / HTTP/1.1 3-141859040/15/172_ 0.13011914660.00.021.05 46.101.103.192http/1.1localhost:80GET /server-status HTTP/1.0 4-141816840/72/169_ 30.12001857440.00.551.07 207.154.225.47http/1.1localhost:80GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor 5-141818210/58/154R 20.26011630640.00.531.15 40.77.167.206http/1.1 6-141820200/47/145_ 21.51011692490.00.541.07 164.92.192.25http/1.1 7-141820580/48/143W 17.76001561670.00.310.96 172.104.176.248http/1.1www.winnerpropest.com:443GET /about HTTP/1.1 8-141820660/52/150_ 15.90001474620.00.360.91 161.35.27.144http/1.1 9-141820680/58/154R 16.89011488890.00.360.82 207.154.225.47http/1.1localhost:80GET /v2/_catalog HTTP/1.0 10-1418-0/0/136. 0.001301400750.00.000.56 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 11-141857210/12/17_ 2.510089040.00.030.07 64.227.126.135http/1.1 SrvChild Server number - generation PIDOS process ID AccNumber of accesses this connection / this child / this slot MMode of operation CPUCPU usage, number of seconds SSSeconds since beginning of most recent request ReqMilliseconds required to process most recent request DurSum of milliseconds required to process all requests ConnKilobytes transferred this connection ChildMegabytes transferred this child SlotTotal megabytes transferred this slot SSL/TLS Session Cache Status: cache type: SHMCB, shared memory: 512000 bytes, current entries: 129subcaches: 32, indexes per subcache: 88time left on oldest entries' objects: avg: 84 seconds, (range: 0...221)index usage: 4%, cache usage: 5%total entries stored since starting: 263total entries replaced since starting: 0total entries expired since starting: 134total (pre-expiry) entries scrolled out of the cache: 0total retrieves since starting: 1 hit, 357 misstotal removes since starting: 0 hit, 0 miss
Found on 2023-07-06 17:23 -
Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb31a3070605a307060567d77b65Apache Status Apache Server Status for ftp.winnerpropest.com (via 27.254.96.168) Server Version: Apache/2.4.46 (Unix) OpenSSL/1.0.2u PHP/7.2.33 Server MPM: prefork Server Built: May 6 2022 15:05:21 Current Time: Tuesday, 07-Mar-2023 13:50:30 +07 Restart Time: Tuesday, 07-Mar-2023 13:49:54 +07 Parent Server Config. Generation: 968 Parent Server MPM Generation: 967 Server uptime: 36 seconds Server load: 0.55 0.92 1.13 Total accesses: 78 - Total Traffic: 174 kB - Total Duration: 17735 CPU Usage: u1433 s2581.72 cu24558600 cs5922570 - 8.47e+7% CPU load 2.17 requests/sec - 4949 B/second - 2284 B/request - 227.372 ms/request 7 requests currently being processed, 1 idle workers CL_RWRWW.......................................... Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqDurConnChildSlotClientProtocolVHostRequest 0-967316371/16/16C 2.010240006.40.030.03 143.42.116.90http/1.1www.winnerpropest.com:443GET / HTTP/1.1 1-967316431/12/12C 1.240126140.70.030.03 162.243.161.105http/1.1localhost:80GET /info.php HTTP/1.0 2-967316610/18/18_ 1.850135820.00.040.04 159.223.108.26http/1.1localhost:80GET /.DS_Store HTTP/1.0 3-967316670/10/10R 0.750116550.00.030.03 27.254.96.168http/1.1 4-967316730/2/2W 0.781014720.00.010.01 45.8.17.55http/1.1www.ozonepluswater.net:443GET / HTTP/1.0 5-967316950/8/8R 2.190143850.00.020.02 192.53.126.23http/1.1localhost:80GET /.vscode/sftp.json HTTP/1.0 6-967317110/3/3W 0.020080.00.000.00 159.223.108.26http/1.1localhost:80GET /server-status HTTP/1.0 7-967317320/9/9W 0.0200170.00.010.01 147.182.130.98http/1.1localhost:80GET /server-status HTTP/1.0 SrvChild Server number - generation PIDOS process ID AccNumber of accesses this connection / this child / this slot MMode of operation CPUCPU usage, number of seconds SSSeconds since beginning of most recent request ReqMilliseconds required to process most recent request DurSum of milliseconds required to process all requests ConnKilobytes transferred this connection ChildMegabytes transferred this child SlotTotal megabytes transferred this slot SSL/TLS Session Cache Status: cache type: SHMCB, shared memory: 512000 bytes, current entries: 7subcaches: 32, indexes per subcache: 88time left on oldest entries' objects: avg: 296 seconds, (range: 285...298)index usage: 0%, cache usage: 0%total entries stored since starting: 7total entries replaced since starting: 0total entries expired since starting: 0total (pre-expiry) entries scrolled out of the cache: 0total retrieves since starting: 0 hit, 25 misstotal removes since starting: 0 hit, 0 miss
Found on 2023-03-07 06:47
-
-
Apache server-status page is publicly available
The server-status page (usually
/server-status) allows server administrators to find out how well their server is performing.This is a HTML page that gives the current server statistics such as the server version, up time,cpu, ram, and information about requests made to the server.
This information can be very useful if the application is sent sensitive information as GET requests. If you monitor this page you might be able to find CSRF tokens, API keys, hidden paths, and other sensitive information being sent to the server.
https://medium.com/@ghostlulzhacks/apache-server-status-a70abed83f5a
First seen 2023-03-07 06:47
Last seen 2024-02-02 16:20
Open for 332 days-
Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb3125900f4a25900f4a575bd3f7Apache Status Apache Server Status for ftp.winnerpropest.com (via 203.170.192.183) Server Version: Apache/2.4.57 (Unix) OpenSSL/1.0.2k-fips Server MPM: event Server Built: Oct 15 2023 18:16:43 Current Time: Friday, 02-Feb-2024 23:20:52 ICT Restart Time: Friday, 05-Jan-2024 10:01:20 ICT Parent Server Config. Generation: 93 Parent Server MPM Generation: 92 Server uptime: 28 days 13 hours 19 minutes 31 seconds Server load: 2.01 2.01 2.00 Total accesses: 1850329 - Total Traffic: 23.8 GB - Total Duration: 2141120685 CPU Usage: u237.31 s125.31 cu32089.3 cs2210.25 - 1.4% CPU load .75 requests/sec - 10.1 kB/second - 13.5 kB/request - 1157.16 ms/request 1 requests currently being processed, 127 idle workers SlotPIDStoppingConnections ThreadsAsync connections totalacceptingbusyidlewritingkeep-aliveclosing 029373no0yes032000 229661no0yes131000 329394no0yes032000 529374no0yes032000 Sum400 1127000 ________________________________................................ _______________W________________________________________________ ................................________________________________ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqDurConnChildSlotClientProtocolVHostRequest 0-92293730/54/14802_ 19.9719780160261000.00.18193.80 104.236.193.132http/1.1localhost:443GET /config.json HTTP/1.1 0-92293730/52/15295_ 19.9819750139013530.00.12198.97 159.203.182.222http/1.1localhost:443GET /.env HTTP/1.1 0-92293730/52/14865_ 19.2219760150309560.00.18192.75 159.203.182.222h2localhost:443[0/0] Software caused connection abort 0-92293730/54/15047_ 19.9719800145875140.00.15186.02 167.172.20.95http/1.1localhost:443GET /server-status HTTP/1.1 0-92293730/51/14949_ 19.9719790147711740.00.19185.46 128.199.62.55http/1.1localhost:443GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor 0-92293730/45/15172_ 19.9819770156649170.00.13188.55 159.89.83.196http/1.1localhost:443GET /config.json HTTP/1.1 0-92293730/44/14844_ 19.9819750145588900.00.19200.29 104.236.193.132http/1.1localhost:443GET /?rest_route=/wp/v2/users/ HTTP/1.1 0-92293730/46/15153_ 19.9919730150182080.00.10187.60 159.203.182.222http/1.1localhost:443GET /s/338313e2239313e2037313e2330323/_/;/META-INF/maven/com.at 0-92293730/46/15113_ 19.5019770145226990.00.11229.90 146.190.160.11http/1.1 0-92293730/53/15247_ 19.9619710148853450.00.20194.92 167.172.20.95http/1.1localhost:443GET /debug/default/view?panel=config HTTP/1.1 0-92293730/51/14811_ 19.9519760154393440.00.13200.72 146.190.160.11http/1.1localhost:443GET /.vscode/sftp.json HTTP/1.1 0-92293730/49/14822_ 19.9619750147156360.00.10195.46 159.89.83.196http/1.1localhost:443GET /login.action HTTP/1.1 0-92293730/59/14690_ 19.9819770137182780.00.19185.56 167.172.20.95http/1.1localhost:443GET /.DS_Store HTTP/1.1 0-92293730/52/14843_ 19.9419780169086630.00.11186.04 159.89.83.196http/1.1localhost:443GET /v2/_catalog HTTP/1.1 0-92293730/52/15798_ 19.96150141615390.00.15187.81 167.99.8.63h2localhost:443[0/0] Software caused connection abort 0-92293730/54/14846_ 19.93140165341260.00.13182.52 167.99.8.63h2localhost:443[0/0] Software caused connection abort 0-92293730/60/14899_ 19.9919700143405110.00.14206.39 159.203.182.222http/1.1localhost:443GET /?rest_route=/wp/v2/users/ HTTP/1.1 0-92293730/51/14958_ 19.06510144940050.00.15189.33 162.142.125.11h2clocalhost:80[0/0] done 0-92293730/50/14778_ 19.9619750160388380.00.10200.58 159.203.182.222http/1.1localhost:443GET /debug/default/view?panel=config HTTP/1.1 0-92293730/54/14999_ 19.7519800144639400.00.17193.85 159.89.83.196http/1.1localhost:443GET / HTTP/1.1 0-92293730/53/14990_ 19.9619730181496040.00.20193.46 104.236.193.132http/1.1localhost:443GET /_all_dbs HTTP/1.1 0-92293730/50/15015_ 19.6219710147053790.00.14204.12 146.190.160.11http/1.1 0-92293730/53/15471_ 19.3919710150756110.00.19188.31 128.199.62.55h2localhost:443[0/0] Software caused connection abort 0-92293730/44/14675_ 19.0519750138765330.00.16190.21 167.172.20.95http/1.1 0-92293730/61/14985_ 19.5819805162205950.00.13186.91 167.172.20.95http/1.1localhost:443GET /server-status HTTP/1.1 0-92293730/56/14659_ 19.9819760135981680.00.20197.05 104.236.193.132http/1.1localhost:443GET /telescope/requests HTTP/1.1 0-92293730/51/15158_ 19.9219690144713520.00.09194.53 104.236.193.132http/1.1localhost:443GET /about HTTP/1.1 0-92293730/56/14941_ 19.9419780159195750.00.08213.32 167.172.20.95http/1.1localhost:443GET / HTTP/1.1 0-92293730/55/14742_ 19.57510152174680.00.13175.94 162.142.125.11h2clocalhost:80[0/0] init 0-92293730/39/15187_ 19.9719780135139150.00.11225.16 159.89.83.196http/1.1localhost:443GET /s/338313e2239313e2037313e2330323/_/;/META-INF/maven/com.at 0-92293730/58/14677_ 19.96510155573090.00.08199.15 167.172.20.95http/1.1localhost:443GET /v2/_catalog HTTP/1.1 0-92293730/48/14938_ 19.5919760145815210.00.20185.19 167.172.20.95h2localhost:443[0/0] Software caused connection abort 1-92-0/0/15731. 0.00688380138364770.00.00219.29 137.184.162.65http/1.1localhost:80GET /.git/config HTTP/1.1 1-92-0/0/15813. 0.00688380136849580.00.00198.68 139.144.150.23http/1.1localhost:443GET /login.action HTTP/1.1 1-92-0/0/15602. 0.00688380174090190.00.00199.96 159.203.44.43h2localhost:443[0/0] Software caused connection abort 1-92-0/0/15318. 0.00688380150896030.00.00189.46 164.92.84.255http/1.1localhost:443GET /.vscode/sftp.json HTTP/1.1 1-92-0/0/15276. 0.00688380146566320.00.00197.93 159.203.44.43http/1.1localhost:443GET /.git/config HTTP/1.1 1-92-0/0/15655. 0.00688380134151790.00.00198.79 139.144.150.23http/1.1localhost:443GET /.DS_Store HTTP/1.1 1-92-0/0/15351. 0.00688380172789920.00.00188.15 159.223.102.13http/1.1localhost:80GET /_all_dbs HTTP/1.1 1-92-0/0/15185. 0.00688380165483380.00.00189.07 64.227.126.135h2localhost:443[0/0] Software caused connection abort 1-92-0/0/15335. 0.00688380127395500.00.00211.76 134.122.34.144http/1.1localhost:443GET /telescope/requests HTTP/1.1 1-92-0/0/14956. 0.00688380152319130.00.00188.74 159.203.44.43http/1.1localhost:443GET / HTTP/1.1 1-92-0/0/15041. 0.00688380148013860.00.00204.86 164.92.84.255http/1.1localhost:443GET /login.action HTTP/1.1 1-92-0/0/15506. 0.00688380159268070.00.00208.73 139.144.96.150http/1.1localhost:443GET /config.json HTTP/1.1 1-92-0/0/15329. 0.00688380159504030.00.00200.56 45.55.193.222http/1.1localhost:443GET /telescope/requests HTTP/1.1 1-92-0/0/15189. 0.00688380
Found on 2024-02-02 16:20 -
Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb3125900f4a25900f4ac8059bb2Apache Status Apache Server Status for ftp.winnerpropest.com (via 203.170.192.183) Server Version: Apache/2.4.57 (Unix) OpenSSL/1.0.2k-fips Server MPM: event Server Built: Oct 15 2023 18:16:43 Current Time: Sunday, 07-Jan-2024 10:29:06 ICT Restart Time: Friday, 05-Jan-2024 10:01:20 ICT Parent Server Config. Generation: 8 Parent Server MPM Generation: 7 Server uptime: 2 days 27 minutes 45 seconds Server load: 2.40 2.63 2.67 Total accesses: 816082 - Total Traffic: 11.0 GB - Total Duration: 1006815376 CPU Usage: u207.8 s17.22 cu13881.1 cs728.27 - 8.5% CPU load 4.68 requests/sec - 66.3 kB/second - 14.2 kB/request - 1233.72 ms/request 13 requests currently being processed, 51 idle workers SlotPIDStoppingConnections ThreadsAsync connections totalacceptingbusyidlewritingkeep-aliveclosing 016374no7yes428003 216287no4yes923100 Sum2011 1351103 _____WR_____________W_W_________................................ _WW_W_W__W________R_____RR__W___................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqDurConnChildSlotClientProtocolVHostRequest 0-7163740/81/6298_ 43.050085440310.01.1092.90 198.199.121.22http/1.1localhost:80GET /config.json HTTP/1.1 0-7163740/80/6786_ 43.060062452050.00.9189.32 144.126.198.24http/1.1localhost:443GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor 0-7163740/81/6298_ 42.38185274412980.00.8292.89 178.62.3.65h2localhost:443[0/0] Software caused connection abort 0-7163740/73/6603_ 42.781071724420.01.0285.79 167.172.20.95http/1.1localhost:80GET /debug/default/view?panel=config HTTP/1.1 0-7163740/65/6329_ 43.021071581810.01.0181.98 104.236.193.132http/1.1localhost:80GET /s/338313e2239313e2037313e2330323/_/;/META-INF/maven/com.at 0-7163741/79/6718W 42.980080235560.00.8989.17 46.101.103.192http/1.1localhost:443GET /server-status HTTP/1.1 0-7163740/74/6518R 42.8711260701320.00.7699.40 104.236.193.132http/1.1localhost:80GET /server-status HTTP/1.1 0-7163740/74/6578_ 43.020069751300.00.7885.98 167.172.20.95http/1.1localhost:80GET /s/338313e2239313e2037313e2330323/_/;/META-INF/maven/com.at 0-7163740/85/6583_ 42.981105464977990.00.98127.90 66.249.71.168http/1.1www.chonlateeadmin.com:443GET /trust.php?pfnsvcw-279372aetidm87cs.html HTTP/1.1 0-7163740/76/6500_ 43.050073534890.01.1483.67 46.101.103.192http/1.1localhost:443GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor 0-7163740/85/6248_ 43.060078474600.00.9779.58 104.236.193.132http/1.1localhost:80GET /telescope/requests HTTP/1.1 0-7163740/67/6195_ 42.981079817950.00.6880.66 104.236.193.132http/1.1localhost:80GET /.DS_Store HTTP/1.1 0-7163740/80/6275_ 42.9211155339500.00.9382.96 198.199.121.22http/1.1localhost:80GET /server-status HTTP/1.1 0-7163740/83/6494_ 42.991083866190.00.8987.11 178.62.3.65http/1.1localhost:80GET /config.json HTTP/1.1 0-7163740/83/6912_ 43.080062438200.00.8688.82 128.199.61.251http/1.1localhost:443GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor 0-7163740/87/6258_ 43.030086569720.00.9681.50 144.126.198.24http/1.1localhost:443GET /v2/_catalog HTTP/1.1 0-7163740/72/6418_ 43.00084966619010.00.8983.38 3.224.220.101http/1.1www.chonlateeadmin.com:443GET /ycnxhvp-1883aetidm.html HTTP/1.1 0-7163740/71/6550_ 42.970064600560.00.8385.14 104.236.193.132http/1.1localhost:80GET /_all_dbs HTTP/1.1 0-7163740/82/6575_ 43.050071507380.00.8983.55 142.93.64.15http/1.1localhost:80GET /config.json HTTP/1.1 0-7163740/96/6350_ 43.080070858190.01.0188.83 165.22.74.203http/1.1localhost:443GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor 0-7163741/85/6620W 43.010094769110.01.0191.62 23.22.35.162http/1.1www.chonlateeadmin.com:443GET /fkuxhvp-49340hitems/etidm1.html HTTP/1.1 0-7163740/84/6301_ 42.950074432810.00.9285.22 198.199.121.22http/1.1localhost:80GET /login.action HTTP/1.1 0-7163741/70/6851W 43.000078983180.00.6891.11 204.12.211.66http/1.1www.twinbuilt.co.th:443GET / HTTP/1.1 0-7163740/86/6396_ 42.88184765346480.00.9491.74 3.224.220.101http/1.1www.chonlateeadmin.com:443GET /lyalgro-8604netidm5.htm HTTP/1.1 0-7163740/75/6299_ 43.021077285830.00.8379.02 139.144.150.45http/1.1localhost:443GET /v2/_catalog HTTP/1.1 0-7163740/95/6423_ 43.050059589940.01.0683.00 167.99.184.41http/1.1localhost:443GET /.vscode/sftp.json HTTP/1.1 0-7163740/85/6403_ 42.980073047730.00.9992.38 31.184.236.19http/1.1 0-7163740/76/6402_ 43.030079768310.00.88113.10 165.22.74.203http/1.1localhost:443GET /v2/_catalog HTTP/1.1 0-7163740/70/6323_ 42.991068504850.00.8279.72 167.172.20.95http/1.1localhost:80GET /.DS_Store HTTP/1.1 0-7163740/72/6591_ 43.000074543060.00.75118.62 46.101.103.192http/1.1localhost:443GET /about HTTP/1.1 0-7163740/76/6286_ 43.021069382660.00.7292.00 165.22.74.203http/1.1localhost:443GET /debug/default/view?panel=config HTTP/1.1 0-7163740/85/6603_ 43.060071947680.00.8984.83 178.62.3.65http/1.1localhost:443GET /v2/_catalog HTTP/1.1 1-7-0/0/6466. 0.00193442274721740.00.0084.07 51.15.59.15http/1.1www.happy-carrent.com:443POST /xmlrpc.php HTTP/1.1 1-7-0/0/6249. 0.00193445268360270.00.0079.42 66.249.71.201http/1.1www.twinbuilt.co.th:443GET /?e=5501-seminary-rd-unit-2305s-falls-church-va-22041-5-ii- 1-7-0/0/6212. 0.001934959100680970.00.0080.31 52.70.240.171http/1.1www.chonlateeadmin.com:443GET /pveitgo-24936retidm30cir.htm HTTP/1.1 1-7-0/0/5977. 0.00193484377800350.00.0079.41 52.167.144.137h2www.chonlateenextbiz.com:443[1/1] done: stream 1, GET /8pcpoe/best-cursive-fonts-for-tattoo 1-7-0/0/6152. 0.00193484376922630.00.0092.62 52.70.240.171http/1.1www.chonlateeboi.com:443GET /42454qecvetidm79w HTTP/1.1 1-7-0/0/6223. 0.00193484766598140.00.0081.75 3.224.220.101http/1.1www.chonlateeadmin.com:443GET /ntcitgo-35802petid.htm HTTP/1.1 1-7-0/0/6251. 0.001934219370593040.00.0079.56 52.70.240.171http/1.1www.chonlateeboi.com:443GET /19075oqmiitems/etidm HTTP/1.1 1-7-0/0/6319. 0.00193488579594730.00.0084.70 52.167.144.186h2www.happy-carrent.com:443GET /wp-content/uploads/2018/09/Page-02-1024x410.jpg HTTP/2.0 1-7-0/0/6288. 0.001934114057278660.00.0081.40 52.167.144.186h2www.happy-carrent.com:443[1/1] done: stream 1, GET /wp-content/uploads/2018/09/Page-02-1 1-7-0/0/6224. 0.00193430979955160.00.0086.70 163.172.106.185http/1.1www.tspaccount.net:443POST /wp-login.php HTTP/1.1 1-7-0/0/6028. 0.00193467377872850.00.0086.08 185.191.171.5http/1.1www.chonlateefood.com:443GET /getid/rig11587vvpiitems HTTP/1.1 1-7-0/0/6552. 0.00193497160633540.00.0094.71 52.70.240.171http/1.1www.chonlateeboi.com:443GET /20484tbrmetidm1.htm HTTP/1.1 1-7-0/0/6284. 0.00193484581432030.00.0084.49 23.22.35.162http/1.1www.c
Found on 2024-01-07 03:28 -
Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb3125900f4a25900f4a97a01c07Apache Status Apache Server Status for ftp.winnerpropest.com (via 203.170.192.183) Server Version: Apache/2.4.57 (Unix) OpenSSL/1.0.2k-fips Server MPM: event Server Built: Oct 15 2023 18:16:43 Current Time: Saturday, 06-Jan-2024 02:04:01 ICT Restart Time: Friday, 05-Jan-2024 10:01:20 ICT Parent Server Config. Generation: 3 Parent Server MPM Generation: 2 Server uptime: 16 hours 2 minutes 40 seconds Server load: 2.64 2.60 2.57 Total accesses: 287027 - Total Traffic: 4.1 GB - Total Duration: 249225260 CPU Usage: u570.46 s30.67 cu4282.28 cs230.01 - 8.85% CPU load 4.97 requests/sec - 74.2 kB/second - 14.9 kB/request - 868.299 ms/request 16 requests currently being processed, 112 idle workers SlotPIDStoppingConnections ThreadsAsync connections totalacceptingbusyidlewritingkeep-aliveclosing 019907no15yes428009 419908no6yes824001 719927no4yes131004 919931no1yes329000 Sum4026 161120014 ___________RW______W_______R____................................ ................................................................ ______W___W_____WW______W___WRR_................................ ................................___________________________W____ ................................___R______R___R_________________ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqDurConnChildSlotClientProtocolVHostRequest 0-2199070/198/3041_ 120.911025205700.02.2945.32 159.203.182.222http/1.1localhost:443GET /debug/default/view?panel=config HTTP/1.1 0-2199070/180/3275_ 120.911023777810.02.3843.33 165.232.76.155http/1.1localhost:443GET /login.action HTTP/1.1 0-2199070/184/2977_ 120.95060836512270.02.3852.02 91.92.252.141http/1.1www.uniqueworkthailand.com:443GET /wp-content/themes/include.php HTTP/1.1 0-2199070/178/3208_ 120.911026427160.02.4240.89 159.203.63.67http/1.1localhost:443GET /about HTTP/1.1 0-2199070/173/3097_ 120.802024277170.02.0038.82 139.144.150.8http/1.1localhost:80GET /telescope/requests HTTP/1.1 0-2199070/180/3333_ 120.940105027008790.02.6042.29 23.22.35.162http/1.1www.chonlateeadmin.com:443GET /trust.php?nrcadej-212498pitems/etid.html HTTP/1.1 0-2199070/186/3108_ 120.850024411440.02.3553.92 134.122.89.242http/1.1localhost:443GET /about HTTP/1.1 0-2199070/202/3122_ 120.831025250940.02.1640.55 164.92.192.25http/1.1localhost:80GET /s/338313e2239313e2037313e2330323/_/;/META-INF/maven/com.at 0-2199070/196/3171_ 120.490025129920.02.1582.94 165.232.76.155http/1.1localhost:443GET / HTTP/1.1 0-2199070/178/3099_ 120.13088024307630.02.2640.08 20.15.133.186h2www.twinbuilt.co.th:443[0/0] init 0-2199070/190/3037_ 120.570027839410.02.3637.37 142.93.64.15h2localhost:443[0/0] Software caused connection abort 0-2199070/208/2985R 120.86383924426000.02.4938.54 52.167.144.216h2www.chonlateeboi.com:443[1/0] schedule: stream 1, GET /37666oqmietidm69smt.htm 0-2199071/173/2940W 120.830024368910.02.0840.30 91.92.252.141http/1.1www.thaiquickservice.net:443GET /wp-includes/widgets/include.php HTTP/1.1 0-2199070/170/3222_ 120.191035696140.02.1643.82 142.93.64.15h2localhost:443[0/0] Software caused connection abort 0-2199070/187/3282_ 120.860027815210.02.1544.14 165.232.76.155http/1.1localhost:443GET /v2/_catalog HTTP/1.1 0-2199070/170/3019_ 120.940025288150.01.9739.14 167.172.20.95http/1.1localhost:443GET /debug/default/view?panel=config HTTP/1.1 0-2199070/178/2965_ 120.84186728383860.02.2938.59 66.249.71.168http/1.1www.chonlateeadmin.com:443GET /trust.php?dreadej-285106retidm85qer.htm HTTP/1.1 0-2199070/175/3254_ 120.911023888650.01.9843.16 142.93.64.15http/1.1localhost:443GET /about HTTP/1.1 0-2199070/179/3153_ 120.600023755200.02.2841.29 164.92.192.25http/1.1localhost:80GET /debug/default/view?panel=config HTTP/1.1 0-2199071/175/2996W 115.69217025927860.02.0744.40 94.228.169.107http/1.1www.thesungolden.com:443POST /wp-content/uploads/wpr-addons/forms/061f69806f7d.php HTTP 0-2199070/177/3042_ 120.911023803270.02.4143.44 74.207.237.114http/1.1localhost:80GET /?rest_route=/wp/v2/users/ HTTP/1.1 0-2199070/173/3099_ 120.860026179580.02.2244.40 142.93.64.15http/1.1localhost:443GET / HTTP/1.1 0-2199070/192/3437_ 120.851024117620.02.2843.75 45.55.193.222http/1.1localhost:80GET /s/338313e2239313e2037313e2330323/_/;/META-INF/maven/com.at 0-2199070/160/2933_ 120.721523907450.01.9038.70 74.207.237.114http/1.1localhost:80GET /server-status HTTP/1.1 0-2199070/187/2996_ 120.590024240880.02.4138.41 20.15.133.186h2www.twinbuilt.co.th:443[2/2] done: stream 3, GET /?a=skf-6002-2znrjem-deep-groove-ball 0-2199070/182/2982_ 120.950023974930.02.3538.79 165.232.76.155http/1.1localhost:443GET /.DS_Store HTTP/1.1 0-2199070/170/3062_ 120.86083727159390.02.0549.15 20.15.133.186h2www.twinbuilt.co.th:443GET /?a=skf-6002-2znrjem-deep-groove-ball-bearing-double-shield 0-2199070/166/3042R 120.43284528249180.02.2769.49 142.93.64.15http/1.1 0-2199070/185/2950_ 120.80289724253470.02.2437.21 185.191.171.10http/1.1www.chonlateefood.com:443GET /get/mrb23802csrtitems.htm HTTP/1.1 0-2199070/185/3294_ 120.510022866570.02.2977.86 52.167.144.216h2www.chonlateeboi.com:443[0/0] init 0-2199070/186/2995_ 120.911024175000.02.3846.47 162.243.186.177http/1.1localhost:443GET /about HTTP/1.1 0-2199070/187/3350_ 120.872026981280.02.3340.96 167.172.20.95http/1.1localhost:443GET /.vscode/sftp.json HTTP/1.1 1-1-0/0/2323. 0.00593286617630010.00.0030.27 207.46.13.154http/1.1www.thaidaoherb.com:443GET /9i7h/dyv42461ryyhc053875235.html HTTP/2.0 1-1-0/0/2100. 0.005932173417390000.00.0027.02 66.249.71.7http/1.1www.chonlateenextbiz.com:443GET /db.php?g3192039.shtml HTTP/1.1 1-1-0/0/2227. 0.005932107117630050.00.0030.69 23.22.35.162http/1.1www.chonlateeadmin.com:443GET /trust.php?rngadej-26472tetidm80eat.htm HTTP/1.1 1-1-0/0/2089. 0.005932211517285130.00.0027.89 66.249.69.229http/1.1www.chonlateenextbiz.com:443GET /db.php?g335424.shtml HTTP/1.1 1-1-0/0/2129. 0.00593285117106500.00.0032.51 52.70.240.171http/1.1www.chonlateeboi.com:443GET /48835biwxitems/etidm HTTP/1.1 1-1-0/0/2185. 0.00593285816794840.00.0028.38 3.224.220.101http/1.1www.chonlateeadmin.com:443GET /trust.php?jryadej-23266letid HTTP/1.1 1-1-0/0/2135. 0.00593297217421340.00.0026.37 23.22.35.162http/1.1www.chonlateeboi.com:443GET /22684biwxetidm7 HTTP/1.1 1-1-0/0/2185. 0.0059321717237790.00.0029.46 66.249.71.3http/1.1www.xn--12cn0bmbkgc3ent5c1ewa4bGET /mds.php?papaw99.xml HTTP/1.1 1-1-0/0/2163. 0.00593284617365570.00.0029.98 23.22.35.162http/1.1www.chonlateeboi.com:443GET /42349biwxitems/etidm52 HTTP/1.1 1-1-0/0/2112. 0.00593289516912400.00.0027.55 185.191.171.3http/1.1www.chonlateefood.com:443GET /geti/cer43578htewitems.htm HTTP/1.1 1-1-0/0/2118. 0.005932102016733450.00.0031.98 157.55.39.202h2www.chonlateeadmin.com:443[1/1] done: stream 1, GET /tviipbe-49432vetidm29giv 1-1-0/0/2249. 0.005932105217993880.00.0031.23 3.224.2
Found on 2024-01-05 19:03 -
Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb3125900f4a25900f4a10baaffaApache Status Apache Server Status for ftp.winnerpropest.com (via 203.170.192.183) Server Version: Apache/2.4.57 (Unix) OpenSSL/1.0.2k-fips Server MPM: event Server Built: Oct 15 2023 18:16:43 Current Time: Tuesday, 12-Dec-2023 01:31:47 ICT Restart Time: Friday, 01-Dec-2023 00:22:58 ICT Parent Server Config. Generation: 43 Parent Server MPM Generation: 42 Server uptime: 11 days 1 hour 8 minutes 48 seconds Server load: 0.32 0.50 0.59 Total accesses: 4379089 - Total Traffic: 56.2 GB - Total Duration: 4134565337 CPU Usage: u436.53 s59.5 cu78638.1 cs4114.73 - 8.72% CPU load 4.59 requests/sec - 61.7 kB/second - 13.5 kB/request - 944.161 ms/request 9 requests currently being processed, 119 idle workers SlotPIDStoppingConnections ThreadsAsync connections totalacceptingbusyidlewritingkeep-aliveclosing 113923no9yes329006 213703no8yes131007 313704no9yes329007 513924no5yes230000 Sum4031 91190020 ................................______W______________W__W_______ ______________________________R__W_______R_______________W______ ................................____W___________W_______________ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqDurConnChildSlotClientProtocolVHostRequest 0-42-0/0/39438. 0.003995847358265920.00.00499.50 195.201.83.132http/1.1www.thesungolden.com:443GET /tzeu2e/samsung-pm983-firmware-ssd.html HTTP/1.1 0-42-0/0/38824. 0.003995882365500810.00.00489.86 23.22.35.162http/1.1www.chonlateeboi.com:443GET /trust.php?148874rxilitems/etid.html HTTP/1.1 0-42-0/0/39196. 0.003995888400205990.00.00502.64 52.70.240.171http/1.1www.chonlateeboi.com:443GET /trust.php?193658rxilitems/etid.html HTTP/1.1 0-42-0/0/39239. 0.0039950388973120.00.00512.53 23.22.35.162http/1.1www.krongthongsecurity.com:443GET /hmozycz95752bitems/etidm24uzb.html HTTP/1.1 0-42-0/0/39751. 0.003995943369260050.00.00566.31 3.224.220.101http/1.1www.chonlateeadmin.com:443GET /trust.php?xwmqxjd-31418zitems/etid.html HTTP/1.1 0-42-0/0/38814. 0.0039951126398202220.00.00490.73 195.201.83.132http/1.1www.thesungolden.com:443GET /tzeu2e/samsung-pm983-firmware-ssd.html HTTP/1.1 0-42-0/0/39138. 0.0039950402069420.00.00493.03 66.249.64.42http/1.1www.thaidaoherb.com:443GET /godsend/godsend.php?ite/prp100531hvortidm195232.html HTTP/ 0-42-0/0/39909. 0.0039951216367066320.00.00500.86 23.22.35.162http/1.1www.chonlateeadmin.com:443GET /trust.php?cqrqxjd-76039eitems/etidm97pd HTTP/1.1 0-42-0/0/38868. 0.0039950379085210.00.00508.90 52.230.152.217http/1.1www.chonlateedesign.com:80GET /web-promote/ HTTP/1.1 0-42-0/0/39270. 0.003995595367326990.00.00501.47 144.76.67.250http/1.1www.xn--2566-4do9ab5h1bfcjg7hg1GET /tag/year-2566-financial-statement-closure-%E0%B8%AD%E0%B8% 0-42-0/0/38878. 0.0039951386384025070.00.00473.15 66.249.64.226http/1.1www.xn--12cn0bmbkgc3ent5c1ewa4bGET /mds.php?udnhgeq-42075aitems/eti HTTP/1.1 0-42-0/0/38930. 0.0039950368421470.00.00522.38 188.165.241.181http/1.1www.cnb.co.th:443GET /tag/%E0%B8%A3%E0%B8%B1%E0%B8%9A%E0%B8%88%E0%B8%94%E0%B8%97 0-42-0/0/38825. 0.003995878374403580.00.00474.36 3.224.220.101http/1.1www.chonlateeboi.com:443GET /trust.php?153446rxilitems/etidm22u.html HTTP/1.1 0-42-0/0/38997. 0.0039951051406855700.00.00502.68 66.249.71.2http/1.1www.xn--12cn0bmbkgc3ent5c1ewa4bGET /mds.php?bgutmjj-25052hetid.htm HTTP/1.1 0-42-0/0/39185. 0.0039951165379639030.00.00492.25 66.249.71.3http/1.1www.xn--12cn0bmbkgc3ent5c1ewa4bGET /mds.php?rwkiejy-29618xetidm10ejx.htm HTTP/1.1 0-42-0/0/38879. 0.003995892371377940.00.00547.12 52.70.240.171http/1.1www.chonlateeboi.com:443GET /trust.php?150861rxilitems/etidm68.htm HTTP/1.1 0-42-0/0/39850. 0.0039951109374331580.00.00526.81 66.249.71.3http/1.1www.xn--12cn0bmbkgc3ent5c1ewa4bGET /mds.php?wfpzslq-39373cetidm.html HTTP/1.1 0-42-0/0/39367. 0.0039951223366063800.00.00485.13 40.77.167.235h2www.chonlateeaa.com:443[1/1] done: stream 1, GET /sitemap880.xml 0-42-0/0/39388. 0.003995900367170330.00.00509.03 23.22.35.162http/1.1www.chonlateeadmin.com:443GET /trust.php?jwyqxjd-76098letid.htm HTTP/1.1 0-42-0/0/39657. 0.003995869383840280.00.00545.46 66.249.71.3http/1.1www.xn--12cn0bmbkgc3ent5c1ewa4bGET /mds.php?lgetrge-7980retid HTTP/1.1 0-42-0/0/39000. 0.003995870363770880.00.00513.82 66.249.64.226http/1.1www.xn--12cn0bmbkgc3ent5c1ewa4bGET /mds.php?unnupca-40515aitems/eti HTTP/1.1 0-42-0/0/39221. 0.0039950387436970.00.00506.24 52.230.152.217http/1.1www.wealneosupply.com:80GET /robots.txt HTTP/1.1 0-42-0/0/38987. 0.0039951431406414790.00.00516.07 23.22.35.162http/1.1www.chonlateeboi.com:443GET /trust.php?166920rxiletidm11arp.htm HTTP/1.1 0-42-0/0/38288. 0.0039951451361154300.00.00476.08 188.165.241.181http/1.1www.cnb.co.th:443GET /tag/%E0%B8%A3%E0%B8%B1%E0%B8%9A%E0%B8%88%E0%B8%94%E0%B8%97 0-42-0/0/39329. 0.0039951225370519850.00.00521.52 66.249.71.2http/1.1www.xn--12cn0bmbkgc3ent5c1ewa4bGET /mds.php?tmmlbze-40358zetidm7.htm HTTP/1.1 0-42-0/0/38623. 0.0039950387982390.00.00472.33 23.22.35.162http/1.1www.krongthongsecurity.com:443GET /impzycz95727citems/etidm36vz HTTP/1.1 0-42-0/0/39332. 0.0039950372505250.00.00585.11 130.255.166.82http/1.1www.1smestartup.com:80GET / HTTP/1.1 0-42-0/0/38557. 0.003995858369705720.00.00511.75 23.22.35.162http/1.1www.chonlateeadmin.com:443GET /trust.php?skhqxjd-15553uitems/eti HTTP/1.1 0-42-0/0/39158. 0.003995564411240670.00.00524.98 40.77.111.208http/1.1www.ddkserviceandtransport.com:GET /wp-json/wp/v2/users/ HTTP/1.1 0-42-0/0/39137. 0.003995890374606560.00.00505.74 23.22.35.162http/1.1www.chonlateeadmin.com:443GET /trust.php?biqvrsm-340952ditems/etidm68ovd.html HTTP/1.1 0-42-0/0/39126. 0.003995885369584480.00.00495.06 188.165.241.181http/1.1www.cnb.co.th:443GET /tag/%E0%B8%A3%E0%B8%B1%E0%B8%9A%E0%B8%88%E0%B8%94%E0%B8%97 0-42-0/0/38859. 0.003995849377556310.00.00539.35 3.224.220.101http/1.1www.chonlateeadmin.com:443GET /trust.php?mqbqxjd-33643oitems/etidm HTTP/1.1 1-42139230/219/40180_ 129.1810373939880.01.99507.36 178.62.3.65http/1.1localhost:443GET /v2/_catalog HTTP/1.1 1-42139230/197/40053_ 129.3600382178020.01.95549.20 134.122.89.242http/1.1localhost:443GET /_all_dbs HTTP/1.1 1-42139230/249/39873_ 129.3000383938980.06.91557.32 144.126.202.105http/1.1localhost:443GET /.env HTTP/1.1 1-42139230/206/40108_ 128.8110392346730.02.20564.74 178.128.151.41h2localhost:443[0/0] Software caused connection abort 1-42139230/272/40959_ 129.1020364169650.07.74625.34 134.122.89.242http/1.1localhost:443GET / HTTP/1.1 1-42139230/191/39651_ 129.1810361226530.02.20566.16 138.68.163.10http/1.1localhost:443GET /server-status HTTP/1.1 1-42139231/242/39804W 128.9900364133550.02.48532.07 66.249.64.226http/1.1www.xn--12cn0bmbkgc3ent5c1ewa4bGET /mds.php?wnpupca-40803citems/eti HTTP/1.1 1-42139230/251/40257_ 129.2110388058910.02.85513.23 134.122.89.242http/1.1localhost:443GET /debug/default/view?panel=config HTTP/1.1 1-42139230/196/39957_ 129.3200376623020.01.89503.08 138.68.163.10http/1.1localhost:443GET /s/338313e2239313e2037313e2330323/_/;/META-INF/maven/com.at 1-42139230/204/40041_ 129.1010368945400.02.425
Found on 2023-12-11 18:31 -
Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb3125900f4a25900f4a3f24d752Apache Status Apache Server Status for ftp.winnerpropest.com (via 203.170.192.183) Server Version: Apache/2.4.57 (Unix) OpenSSL/1.0.2k-fips Server MPM: event Server Built: Oct 15 2023 18:16:43 Current Time: Friday, 17-Nov-2023 08:51:34 ICT Restart Time: Sunday, 12-Nov-2023 01:49:47 ICT Parent Server Config. Generation: 18 Parent Server MPM Generation: 17 Server uptime: 5 days 7 hours 1 minute 46 seconds Server load: 17.51 17.49 17.39 Total accesses: 1354810 - Total Traffic: 16.9 GB - Total Duration: 2734451889 CPU Usage: u190.48 s22.76 cu12673.8 cs728.22 - 2.98% CPU load 2.96 requests/sec - 38.8 kB/second - 13.1 kB/request - 2018.33 ms/request 10 requests currently being processed, 54 idle workers SlotPIDStoppingConnections ThreadsAsync connections totalacceptingbusyidlewritingkeep-aliveclosing 110705no4yes1022000 66304no2yes032000 Sum206 1054000 ................................RR_________WR__R_W_W___R_____WR_ ................................................................ ................................................................ ________________________________................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqDurConnChildSlotClientProtocolVHostRequest 0-17-0/0/12060. 0.0036461175697360.00.00162.09 203.170.192.183http/1.1www.1smestartup.com:443GET /wp-content/themes/sydney/js/functions.min.js?ver=20210823 0-17-0/0/12468. 0.0036462132251388450.00.00137.45 134.209.101.210http/1.1www.chonlateemeet.com:443POST //xmlrpc.php HTTP/1.1 0-17-0/0/12081. 0.0036461354218161010.00.00141.41 134.209.101.210http/1.1www.chonlateemeet.com:443POST //xmlrpc.php HTTP/1.1 0-17-0/0/12377. 0.003646909177095820.00.00155.95 3.224.220.101http/1.1www.chonlateeboi.com:443GET /43581ymuiitems/etidm85.htm HTTP/1.1 0-17-0/0/12174. 0.003646918214120200.00.00166.01 66.249.66.194http/1.1www.chonlateefood.com:443GET /mds.php?items/pme8231qummtidm44929.html HTTP/1.1 0-17-0/0/12088. 0.003646480175140010.00.00152.72 85.208.96.207http/1.1www.mkandptfoods.com:443GET /wzy.php?m23923173227.html HTTP/1.1 0-17-0/0/12475. 0.003646693244797780.00.00175.65 207.46.13.153h2www.thesungolden.com:443[1/1] done: stream 1, GET /550818/23656890.html 0-17-0/0/12048. 0.003646628209737680.00.00165.11 66.249.66.194http/1.1www.chonlateefood.com:443GET /mds.php?item/wyl42194tryotidm.html HTTP/1.1 0-17-0/0/12213. 0.0036461506249321740.00.00131.24 195.191.219.133http/1.1www.cnb.co.th:443GET /tag/%E0%B9%80%E0%B8%81%E0%B8%A9%E0%B8%95%E0%B8%A3%E0%B8%AA 0-17-0/0/11828. 0.003646863196033380.00.00163.49 195.191.219.133http/1.1www.cnb.co.th:443GET /tag/%E0%B8%AD%E0%B8%B8%E0%B8%97%E0%B8%B1%E0%B8%A2/ HTTP/1. 0-17-0/0/12045. 0.0036462036237338930.00.00156.10 195.191.219.133http/1.1www.cnb.co.th:443GET /tag/%E0%B8%AD%E0%B8%B8%E0%B8%9A%E0%B8%A5%E0%B8%A3%E0%B8%B1 0-17-0/0/12625. 0.003646676182717830.00.00149.14 136.243.228.193http/1.1www.mkandptfoods.com:443GET /wzy.php?m85333783884.html HTTP/1.1 0-17-0/0/12476. 0.003646626195374930.00.00172.05 66.249.71.67http/1.1www.chonlateefood.com:443GET /mds.php?items/amp3146zzmatidm.html HTTP/1.1 0-17-0/0/11879. 0.003646847176824960.00.00194.36 185.191.171.8http/1.1www.1smestartup.com:443GET /%E0%B8%88%E0%B8%94%E0%B8%97%E0%B8%B0%E0%B9%80%E0%B8%9A%E0% 0-17-0/0/12636. 0.0036460175751230.00.00159.29 23.22.35.162http/1.1www.krongthongsecurity.com:443GET /jgqcktp202458dd45e HTTP/1.1 0-17-0/0/11935. 0.0036463233555860.00.00135.90 47.128.58.99h2www.seasabithailand.com:443[0/0] init 0-17-0/0/12322. 0.003646466177312260.00.00170.51 136.243.228.193http/1.1www.mkandptfoods.com:443GET /wzy.php?m85333729304.html HTTP/1.1 0-17-0/0/12384. 0.0036461198050850.00.00166.44 203.170.192.183http/1.1www.1smestartup.com:443GET /wp-content/themes/sydney/js/functions.min.js?ver=20210823 0-17-0/0/11822. 0.0036461958171584410.00.00146.44 207.46.13.153h2www.thesungolden.com:443GET /550818/23656890.html HTTP/2.0 0-17-0/0/12496. 0.003646841173856660.00.00151.92 66.249.66.194http/1.1www.chonlateefood.com:443GET /mds.php?items/feu41345aegktid.html HTTP/1.1 0-17-0/0/12362. 0.003646467215546040.00.00184.89 136.243.228.193http/1.1www.mkandptfoods.com:443GET /wzy.php?m85333710588.html HTTP/1.1 0-17-0/0/12691. 0.0036460235660660.00.00173.17 188.165.87.96http/1.1localhost:443GET / HTTP/1.1 0-17-0/0/12706. 0.0036461100181148300.00.00159.50 134.209.101.210http/1.1www.chonlateemeet.com:443POST //xmlrpc.php HTTP/1.1 0-17-0/0/12290. 0.0036461428229713640.00.00149.59 207.46.13.153h2www.thesungolden.com:443[0/0] init 0-17-0/0/11917. 0.0036461032177640310.00.00167.65 66.249.66.194http/1.1www.chonlateefood.com:443GET /mds.php?items/ovd30902pvvjtidm5661.html HTTP/1.1 0-17-0/0/11858. 0.003646627225251620.00.00146.54 66.249.71.67http/1.1www.chonlateefood.com:443GET /mds.php?items/zio13181yieutidm392.html HTTP/1.1 0-17-0/0/12458. 0.003646952243734240.00.00156.74 23.22.35.162http/1.1www.chonlateeboi.com:443GET /20579ymuietidm.html HTTP/1.1 0-17-0/0/12548. 0.0036463589231902850.00.00158.37 203.170.192.183http/1.1www.1smestartup.com:443GET /%E0%B8%88%E0%B8%94%E0%B8%97%E0%B8%B0%E0%B9%80%E0%B8%9A%E0% 0-17-0/0/11969. 0.0036462156247210200.00.00132.89 134.209.101.210http/1.1www.chonlateemeet.com:443POST //xmlrpc.php HTTP/1.1 0-17-0/0/12048. 0.0036463064224777600.00.00131.00 185.191.171.8http/1.1www.1smestartup.com:443GET /%E0%B8%88%E0%B8%94%E0%B8%97%E0%B8%B0%E0%B9%80%E0%B8%9A%E0% 0-17-0/0/11924. 0.003646479177695360.00.00145.46 195.191.219.133http/1.1www.cnb.co.th:443GET /tag/%E0%B9%80%E0%B8%81%E0%B8%A9%E0%B8%95%E0%B8%A3%E0%B8%AA 0-17-0/0/11960. 0.0036460174382840.00.00151.26 23.22.35.162http/1.1www.krongthongsecurity.com:443GET /uxbcktp211777o87d.html HTTP/1.1 1-17107050/265/12147R 76.8400159742330.07.41174.88 23.22.35.162http/1.1 1-17107050/299/11367R 76.9400158579600.04.00157.22 139.59.65.144http/1.1localhost:443GET /debug/default/view?panel=config HTTP/1.1 1-17107050/202/11587_ 76.7200163536590.02.03217.29 164.90.222.93h2localhost:443[0/0] Software caused connection abort 1-17107050/206/11329_ 76.7800159145090.02.45131.96 164.90.205.35h2localhost:443[0/0] Software caused connection abort 1-17107050/257/11688_ 76.7300158211630.02.49175.14 165.22.108.223http/1.1localhost:80GET /.vscode/sftp.json HTTP/1.1 1-17107050/211/11537_ 76.6901166986110.02.07139.01 139.144.150.23h2localhost:443[0/0] Software caused connection abort 1-17107050/233/11372_ 76.9700161434250.02.61170.64 178.62.3.65http/1.1localhost:80GET /_all_dbs HTTP/1.1 1-17107050/210/12002_ 76.9500216218310.02.06139.95 207.154.240.169http/1.1localhost:80GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor 1-17107050/206/11953_ 76.9400161324080.03.05153.40 167.172.20.95http/1.1localhost:80GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor 1-17107050/294/11902_ 76.7500168475430.04.96162.42 164.90.222.93h2localhost:443[0/0] Software caused connection abort 1-17107050/268/11681_ 76.9405159882670.02.46164.25 167.172.20.95http/1.1localhost:80GET /server-status HTTP/1.1 1-1710705
Found on 2023-11-17 01:51 -
Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb3125900f4a25900f4a79d56bcaApache Status Apache Server Status for ftp.winnerpropest.com (via 203.170.192.183) Server Version: Apache/2.4.57 (Unix) OpenSSL/1.0.2k-fips Server MPM: event Server Built: Oct 15 2023 18:16:43 Current Time: Wednesday, 08-Nov-2023 22:40:42 ICT Restart Time: Monday, 06-Nov-2023 09:41:18 ICT Parent Server Config. Generation: 7 Parent Server MPM Generation: 6 Server uptime: 2 days 12 hours 59 minutes 24 seconds Server load: 2.13 2.13 1.96 Total accesses: 592899 - Total Traffic: 9.4 GB - Total Duration: 895182836 CPU Usage: u77.8 s15.57 cu8596.67 cs552.47 - 4.21% CPU load 2.7 requests/sec - 45.0 kB/second - 16.6 kB/request - 1509.84 ms/request 7 requests currently being processed, 89 idle workers SlotPIDStoppingConnections ThreadsAsync connections totalacceptingbusyidlewritingkeep-aliveclosing 019180no7yes329003 128701no1yes428000 217998no8yes032007 Sum3016 7890010 __________________R__R______W_____W________________W_R___W______ ________________________________................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqDurConnChildSlotClientProtocolVHostRequest 0-6191800/75/5373_ 28.702083492490.00.68112.45 104.164.173.76http/1.1 0-6191800/67/4865_ 28.401096931720.01.3572.76 54.185.132.195http/1.1localhost:80GET /.well-known/acme-challenge/zLuKEfoITeMe5UTabqHf-LsgEV0JgNi 0-6191800/68/5123_ 28.92185765969270.00.83107.47 23.22.35.162http/1.1www.chonlateeadmin.com:443GET /trust.php?ebtaonh-13277getidm53.html HTTP/1.1 0-6191800/62/5278_ 28.802065920410.01.4999.97 139.144.150.23http/1.1www.winnerpropest.com:80GET /?rest_route=/wp/v2/users/ HTTP/1.1 0-6191800/62/5215_ 28.231076305300.00.6975.78 100.21.24.205http/1.1www.thefixup333.com:80GET /robots.txt HTTP/1.1 0-6191800/61/4939_ 28.921071923970.00.6077.64 207.154.240.169http/1.1localhost:80GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor 0-6191800/61/5149_ 28.722072368290.00.4875.88 165.232.76.155http/1.1localhost:80GET /_all_dbs HTTP/1.1 0-6191800/58/5043_ 27.901087300680.00.7072.78 207.46.13.150h2www.nakindogtraining.com:443[0/0] init 0-6191800/80/5465_ 28.690092815760.00.7293.02 127.0.0.1http/1.1server2.chonlatee.com:80\n 0-6191800/72/4994_ 28.582074798280.00.5168.67 134.122.89.242h2localhost:443[0/0] Software caused connection abort 0-6191800/66/5039_ 28.780088870340.00.3872.18 134.122.89.242h2localhost:443[0/0] Software caused connection abort 0-6191800/62/5448_ 28.862064548220.00.7195.76 128.199.61.251http/1.1localhost:80GET /about HTTP/1.1 0-6191800/74/5094_ 28.90184387826500.00.5967.70 3.224.220.101http/1.1www.chonlateeboi.com:443GET /trust.php?122676msubetidm2.htm HTTP/1.1 0-6191800/71/5653_ 28.721067455440.00.5979.90 128.199.61.251http/1.1localhost:80\x16\x03\x01\x01\n 0-6191800/64/5153_ 28.901069914000.00.4280.56 165.232.76.155http/1.1localhost:80GET /?rest_route=/wp/v2/users/ HTTP/1.1 0-6191800/71/5118_ 28.081231769257330.00.90102.16 23.22.35.162http/1.1www.xn--2566-4do9ab5h1bfcjg7hg1GET /content/0041649740.html HTTP/1.1 0-6191800/70/5115_ 28.901067914860.00.5088.13 128.199.62.55http/1.1localhost:443GET /debug/default/view?panel=config HTTP/1.1 0-6191800/60/5275_ 28.712114968930280.00.6071.56 104.164.173.76http/1.1 0-6191800/75/5601R 28.44352690682680.00.78110.46 159.203.182.222http/1.1 0-6191800/69/4927_ 28.392104278579840.00.5877.82 178.62.73.12h2localhost:443[0/0] Software caused connection abort 0-6191800/72/5427_ 28.950091599970.00.6190.23 128.199.61.251http/1.1localhost:80GET /login.action HTTP/1.1 0-6191800/66/5449R 28.792072521260.00.6489.62 207.154.240.169http/1.1localhost:80GET /.vscode/sftp.json HTTP/1.1 0-6191800/71/5140_ 28.07177668926690.00.5175.03 159.203.182.222h2localhost:443[0/0] Software caused connection abort 0-6191800/81/5188_ 28.712870270250.00.7480.91 104.164.173.76http/1.1 0-6191800/68/5379_ 28.702075323700.00.59103.19 104.164.173.76http/1.1 0-6191800/72/5001_ 27.450065908750.01.0888.21 178.62.73.12h2localhost:443[0/0] Software caused connection abort 0-6191800/85/4845_ 28.902070856280.00.8577.90 207.154.240.169http/1.1localhost:80GET /debug/default/view?panel=config HTTP/1.1 0-6191800/68/5199_ 28.502073405780.00.4688.58 159.203.182.222h2localhost:443[0/0] Software caused connection abort 0-6191801/71/5218W 28.690086562860.00.6491.75 128.199.62.55http/1.1localhost:443GET /server-status HTTP/1.1 0-6191800/54/4856_ 27.852767580960.00.90107.17 134.122.89.242h2localhost:443[0/0] Software caused connection abort 0-6191800/60/5139_ 28.680072916820.00.38114.11 178.62.73.12h2localhost:443[0/0] Software caused connection abort 0-6191800/61/5156_ 28.920068392850.00.6174.56 207.154.240.169http/1.1localhost:80GET /login.action HTTP/1.1 1-6287010/2/5407_ 1.0211063004950.00.0188.48 134.122.89.242http/1.1 1-6287010/3/4955_ 1.12045161104540.00.0169.21 159.203.182.222http/1.1www.winnerpropest.com:443GET / HTTP/1.1 1-6287011/2/4714W 1.050080352810.00.0271.63 66.249.69.173http/1.1www.xn--12cx2bef7bl0boq4ch6gugwGET /tag/%E0%B8%88%E0%B8%B3%E0%B8%AB%E0%B8%99%E0%B9%88%E0%B8%B2 1-6287010/5/5179_ 1.111062289080.00.0483.57 207.154.240.169http/1.1localhost:80GET /v2/_catalog HTTP/1.1 1-6287010/1/4782_ 0.420283663336050.00.0080.84 159.203.182.222http/1.1 1-6287010/3/5089_ 1.021064172340.00.0376.49 165.232.76.155http/1.1localhost:80GET /.DS_Store HTTP/1.1 1-6287010/2/5307_ 1.111079859070.00.0179.67 128.199.61.251http/1.1localhost:80GET /debug/default/view?panel=config HTTP/1.1 1-6287010/2/4993_ 0.911063480340.00.0184.07 178.62.73.12http/1.1 1-6287010/4/5113_ 1.0210112601750.00.0484.47 139.144.150.23http/1.1www.winnerpropest.com:80GET /.env HTTP/1.1 1-6287010/2/5214_ 1.021077743300.00.0385.93 104.164.173.76http/1.1www.xn--q3cj1a4cd8i.com:443GET / HTTP/1.1 1-6287010/3/5091_ 1.111073543280.00.0276.87 128.199.61.251http/1.1localhost:80GET /v2/_catalog HTTP/1.1 1-6287010/1/4991_ 0.911063445300.00.0080.03 139.144.150.23http/1.1www.winnerpropest.com:80GET /v2/_catalog HTTP/1.1 1-6287010/4/5269_ 1.150879970360.00.0273.60 207.154.240.169http/1.1localhost:80GET /server-status HTTP/1.1 1-6287010/2/5033_ 1.020062565120.00.0096.12 128.199.62.55http/1.1 1-6287010/3/5251_ 1.060060475560.00.0277.56 128.199.62.55http
Found on 2023-11-08 15:40 -
Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb31a3070605a3070605d2ba6d13Apache Status Apache Server Status for ftp.winnerpropest.com (via 27.254.96.168) Server Version: Apache/2.4.46 (Unix) OpenSSL/1.0.2u PHP/7.2.33 Server MPM: prefork Server Built: May 6 2022 15:05:21 Current Time: Saturday, 23-Sep-2023 10:51:39 +07 Restart Time: Saturday, 23-Sep-2023 04:02:11 +07 Parent Server Config. Generation: 1763 Parent Server MPM Generation: 1762 Server uptime: 6 hours 49 minutes 28 seconds Server load: 1.12 0.86 0.78 Total accesses: 39842 - Total Traffic: 592.5 MB - Total Duration: 53872402 CPU Usage: u2791.55 s5177.85 cu51103300 cs12502600 - 259000% CPU load 1.62 requests/sec - 24.7 kB/second - 15.2 kB/request - 1352.15 ms/request 6 requests currently being processed, 9 idle workers _.WW__CW_W_W____.................................. Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqDurConnChildSlotClientProtocolVHostRequest 0-176220780/37/3261_ 41.75063741746830.00.2257.32 144.126.198.24http/1.1 1-1762-0/0/3128. 0.001107642584090.00.0059.96 172.68.234.128http/1.1www.accprogress.com:80GET /%E0%B8%88%E0%B8%94%E0%B8%97%E0%B8%B0%E0%B9%80%E0%B8%9A%E0% 2-176221370/31/3257W 11.270043059030.00.4940.42 164.90.205.35http/1.1localhost:443GET /server-status HTTP/1.1 3-176222590/12/2956W 33.134039376040.00.0640.07 172.68.234.214http/1.1www.business.co.th:443POST /wp-cron.php?doing_wp_cron=1695441095.07882189750671386718 4-176224080/4/3177_ 1.28035939752110.00.0153.78 172.71.178.45http/1.1www.accprogress.com:80POST /wp-login.php HTTP/1.0 5-176217110/88/3010_ 26.620043993350.00.9436.11 164.90.205.35http/1.1localhost:443GET /.vscode/sftp.json HTTP/1.1 6-176217561/90/2861C 32.880138507191.42.0836.89 164.90.205.35http/1.1localhost:443GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor 7-176223140/20/2616W 3.140035572160.00.0937.26 172.68.234.229http/1.1www.accprogress.com:80GET /%E0%B8%88%E0%B8%94%E0%B8%97%E0%B8%B0%E0%B9%80%E0%B8%9A%E0% 8-176224320/3/2406_ 1.580130432789920.00.0430.44 172.68.234.195http/1.1www.business.co.th:443GET /%E0%B8%88%E0%B8%94%E0%B8%97%E0%B8%B0%E0%B9%80%E0%B8%9A%E0% 9-176223300/14/2307W 1.004030912730.00.1730.89 172.68.234.129http/1.1www.accprogress.com:80POST /wp-cron.php?doing_wp_cron=1695441095.24212288856506347656 10-176224470/1/2264_ 0.000129604080.00.0028.59 164.90.205.35http/1.1localhost:443GET /about HTTP/1.1 11-176224490/3/2042W 0.480029974960.00.0929.09 172.68.234.135http/1.1www.business.co.th:443GET /%E0%B8%88%E0%B8%94%E0%B8%97%E0%B8%B0%E0%B9%80%E0%B8%9A%E0% 12-176224650/1/1499_ 0.820117821180280.00.0230.98 172.68.234.213http/1.1www.accprogress.com:80GET /%E0%B8%88%E0%B8%94%E0%B8%97%E0%B8%B0%E0%B9%80%E0%B8%9A%E0% 13-176224670/0/1342_ 0.000019740480.00.0018.41 144.126.198.24http/1.1 14-176224730/0/1131_ 0.000016367270.00.0020.93 144.126.198.24http/1.1 15-176224740/1/975_ 0.001112116180.00.0013.57 164.90.205.35http/1.1localhost:443GET /v2/_catalog HTTP/1.1 16-1762-0/0/725. 0.0026109287690.00.009.93 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 17-1762-0/0/196. 0.004802391480.00.003.35 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 18-1762-0/0/230. 0.0056304522590.00.004.06 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 19-1762-0/0/193. 0.00278802580020.00.002.20 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 20-1762-0/0/119. 0.00278001371060.00.004.51 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 21-1762-0/0/97. 0.00229001093080.00.003.19 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 22-1762-0/0/13. 0.002771069640.00.000.11 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 23-1762-0/0/23. 0.002781092140.00.000.29 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 24-1762-0/0/13. 0.002785039470.00.000.14 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 25-1762-0/0/1. 0.005160000.00.000.00 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 SrvChild Server number - generation PIDOS process ID AccNumber of accesses this connection / this child / this slot MMode of operation CPUCPU usage, number of seconds SSSeconds since beginning of most recent request ReqMilliseconds required to process most recent request DurSum of milliseconds required to process all requests ConnKilobytes transferred this connection ChildMegabytes transferred this child SlotTotal megabytes transferred this slot SSL/TLS Session Cache Status: cache type: SHMCB, shared memory: 512000 bytes, current entries: 76subcaches: 32, indexes per subcache: 88time left on oldest entries' objects: avg: 82 seconds, (range: 5...181)index usage: 2%, cache usage: 3%total entries stored since starting: 5686total entries replaced since starting: 0total entries expired since starting: 5610total (pre-expiry) entries scrolled out of the cache: 0total retrieves since starting: 218 hit, 13526 misstotal removes since starting: 0 hit, 0 miss
Found on 2023-09-23 03:50 -
Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb31a3070605a30706050011ab5cApache Status Apache Server Status for ftp.winnerpropest.com (via 27.254.96.168) Server Version: Apache/2.4.46 (Unix) OpenSSL/1.0.2u PHP/7.2.33 Server MPM: prefork Server Built: May 6 2022 15:05:21 Current Time: Tuesday, 19-Sep-2023 14:47:48 +07 Restart Time: Tuesday, 19-Sep-2023 04:02:12 +07 Parent Server Config. Generation: 1744 Parent Server MPM Generation: 1743 Server uptime: 10 hours 45 minutes 36 seconds Server load: 2.38 1.52 1.31 Total accesses: 67612 - Total Traffic: 1.4 GB - Total Duration: 102339638 CPU Usage: u3022.78 s5187.2 cu50883900 cs12455400 - 164000% CPU load 1.75 requests/sec - 36.6 kB/second - 21.0 kB/request - 1513.63 ms/request 5 requests currently being processed, 8 idle workers W___.__C__WWC_.................................... Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqDurConnChildSlotClientProtocolVHostRequest 0-174363090/29/5523W 10.440087220180.00.45130.42 74.207.237.114http/1.1localhost:443GET /server-status HTTP/1.1 1-174361360/32/5490_ 48.352083634670.00.32134.71 74.207.237.114http/1.1localhost:443GET /.vscode/sftp.json HTTP/1.1 2-174360130/73/5508_ 28.321083198430.01.10106.28 74.207.237.114http/1.1localhost:443GET /about HTTP/1.1 3-174359370/90/5378_ 68.080077610500.01.32104.95 207.154.240.169http/1.1localhost:443GET /about HTTP/1.1 4-1743-0/0/5156. 0.007077856620.00.00102.29 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 5-174364620/9/5054_ 5.812074259620.00.07123.04 74.207.237.114http/1.1localhost:443GET /debug/default/view?panel=config HTTP/1.1 6-174360060/54/4856_ 60.970070354840.00.3491.48 207.154.240.169http/1.1localhost:443GET /debug/default/view?panel=config HTTP/1.1 7-174360191/68/4577C 60.660068111771.30.8890.29 207.154.240.169http/1.1localhost:443GET /v2/_catalog HTTP/1.1 8-174364700/9/4513_ 2.632071888020.00.2481.81 207.154.240.169http/1.1localhost:443GET /.vscode/sftp.json HTTP/1.1 9-174360650/62/4033_ 68.561061390470.03.6974.11 74.207.237.114http/1.1localhost:443GET /v2/_catalog HTTP/1.1 10-174361500/43/3742W 22.2833057119690.00.7370.48 27.254.96.168http/1.1www.12gobiz.com:443GET /%E0%B8%88%E0%B8%94%E0%B8%97%E0%B8%B0%E0%B9%80%E0%B8%9A%E0% 11-174361650/52/2952W 23.1623048895970.00.6557.29 27.254.96.168http/1.1www.12gobiz.com:443GET /%E0%B8%88%E0%B8%94%E0%B8%97%E0%B8%B0%E0%B9%80%E0%B8%9A%E0% 12-174361731/38/2790C 49.320042484381.40.4463.30 74.207.237.114http/1.1localhost:443GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor 13-174364720/8/2137_ 4.62291834873310.00.0742.93 124.120.35.241http/1.1www.chonlateefbl.com:80POST /wp-admin/admin-ajax.php HTTP/1.0 14-1743-0/0/1522. 0.00192022599140.00.0028.33 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 15-1743-0/0/1108. 0.001129016150400.00.0022.42 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 16-1743-0/0/1029. 0.001387014192240.00.0023.24 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 17-1743-0/0/349. 0.00143904090960.00.006.53 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 18-1743-0/0/328. 0.00143803222810.00.004.86 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 19-1743-0/0/105. 0.00143701808530.00.002.30 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 20-1743-0/0/89. 0.0014360622100.00.002.17 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 21-1743-0/0/37. 0.00101520505240.00.001.03 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 22-1743-0/0/110. 0.001013801868340.00.001.89 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 23-1743-0/0/55. 0.0099390741120.00.000.86 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 24-1743-0/0/139. 0.001014901688780.00.001.73 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 25-1743-0/0/41. 0.00101460648490.00.000.26 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 26-1743-0/0/43. 0.00101470740610.00.000.92 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 27-1743-0/0/12. 0.00101260286800.00.000.14 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 28-1743-0/0/150. 0.00950001644400.00.002.39 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 29-1743-0/0/13. 0.00101360440100.00.000.28 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 30-1743-0/0/12. 0.00101350325260.00.000.05 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 31-1743-0/0/197. 0.00919313975970.00.005.21 139.144.150.205http/1.1localhost:80GET /.DS_Store HTTP/1.0 32-1743-0/0/80. 0.001014301026530.00.000.85 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 33-1743-0/0/98. 0.00937123392384530.00.001.28 35.164.89.242http/1.1www.ckt-trading.com:443GET / HTTP/1.1 34-1743-0/0/14. 0.00101240415030.00.000.08 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 35-1743-0/0/20. 0.00101250499850.00.000.28 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 36-1743-0/0/48. 0.0099460579330.00.001.33 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 37-1743-0/0/14. 0.00101440314670.00.000.07 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 38-1743-0/0/13. 0.00101420388600.00.000.19 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 39-1743-0/0/119. 0.001011501026510.00.002.11 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 40-1743-0/0/99. 0.001013401279860.00.001.36 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 41-1743-0/0/2. 0.0015688078890.00.000.00 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 42-1743-0/0/2. 0.0015693041080.00.000.02 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 43-1743-0/0/5. 0.00156640128780.00.000.10 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 44-1743-0/0/27. 0.00154920756610.00.000.33 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 45-1743-0/0/1. 0.0015700000.00.000.00 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 46-1743-0/0/6. 0.0015663080.00.000.01 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 47-1743-0/0/6. 0.0015676050.00.000.01 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 48-1743-0/0/2. 0.0015699010.00.000.00 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 49-1743-0/0/8. 0.0015675025970.00.000.03 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 SrvChild Server number - generation PIDOS process ID AccNumber of accesses this connection / this child / this slot MMode of operation CPUCPU usage, number of seconds SSSeconds since beginning of most recent request ReqMilliseconds required to process most recent request DurSum of milliseconds required to process all requests ConnKilobytes transferred this connection ChildMegabytes transferred this child SlotTotal megabytes transferred this slot
Found on 2023-09-19 07:46 -
Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb31a3070605a30706054ff2d20bApache Status Apache Server Status for ftp.winnerpropest.com (via 27.254.96.168) Server Version: Apache/2.4.46 (Unix) OpenSSL/1.0.2u PHP/7.2.33 Server MPM: prefork Server Built: May 6 2022 15:05:21 Current Time: Sunday, 17-Sep-2023 02:08:36 +07 Restart Time: Sunday, 17-Sep-2023 00:27:57 +07 Parent Server Config. Generation: 1734 Parent Server MPM Generation: 1733 Server uptime: 1 hour 40 minutes 39 seconds Server load: 0.74 0.81 0.80 Total accesses: 8844 - Total Traffic: 128.6 MB - Total Duration: 11938853 CPU Usage: u2689.62 s5115.79 cu50712800 cs12419100 - 1050000% CPU load 1.46 requests/sec - 21.8 kB/second - 14.9 kB/request - 1349.94 ms/request 4 requests currently being processed, 6 idle workers ..WC_._.__R__...W................................. Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqDurConnChildSlotClientProtocolVHostRequest 0-1733-0/0/727. 0.002409190180.00.0010.49 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 1-1733-0/0/763. 0.0033010206480.00.009.47 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 2-173395160/19/684W 9.93009903380.00.118.13 162.158.189.200http/1.1www.accgoing.com:80GET /wp-content/plugins/background-image-cropper/ups.php HTTP/1 3-173394241/31/684C 10.49009893111.40.218.75 144.126.202.105http/1.1localhost:443GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor 4-173396540/4/631_ 1.53008303380.00.018.18 144.126.202.105http/1.1localhost:443GET /about HTTP/1.1 5-1733-0/0/652. 0.002508206590.00.008.94 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 6-173396780/4/593_ 2.041010105490.00.029.43 144.126.202.105http/1.1localhost:443GET /v2/_catalog HTTP/1.1 7-1733-0/0/557. 0.002907591950.00.009.46 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 8-173394400/25/641_ 13.03040338012650.00.159.69 178.62.73.12http/1.1 9-173393320/41/505_ 14.900506991590.00.206.58 170.231.251.226http/1.1www.npaccounting.co.th:443GET /wp-content/uploads/2023/08/LOGO-01-1-150x150.png HTTP/1.1 10-173393390/43/471R 17.37105252230.00.295.36 144.126.202.105http/1.1localhost:443GET /.vscode/sftp.json HTTP/1.1 11-173394460/29/347_ 10.59004527820.00.184.61 178.62.73.12http/1.1 12-173396860/4/313_ 1.74104061240.00.033.43 178.62.73.12http/1.1localhost:443GET / HTTP/1.1 13-1733-0/0/243. 0.003103211470.00.0013.78 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 14-1733-0/0/210. 0.003203085090.00.002.29 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 15-1733-0/0/236. 0.003003313960.00.002.83 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 16-173395470/18/123W 6.69001984130.00.091.84 144.126.202.105http/1.1localhost:443GET /server-status HTTP/1.1 17-1733-0/0/138. 0.0043102080160.00.002.20 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 18-1733-0/0/46. 0.002720437180.00.000.46 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 19-1733-0/0/9. 0.002175051440.00.000.05 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 20-1733-0/0/20. 0.0021870165770.00.000.12 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 21-1733-0/0/103. 0.00142401522820.00.001.31 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 22-1733-0/0/13. 0.0021800106800.00.000.13 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 23-1733-0/0/5. 0.002186026900.00.000.01 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 24-1733-0/0/2. 0.002195020.00.000.00 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 25-1733-0/0/3. 0.006028018690.00.000.01 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 26-1733-0/0/86. 0.0053191959350.00.000.99 167.71.48.191http/1.1 27-1733-0/0/34. 0.0059480178140.00.000.12 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 28-1733-0/0/5. 0.0060190380.00.000.01 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 SrvChild Server number - generation PIDOS process ID AccNumber of accesses this connection / this child / this slot MMode of operation CPUCPU usage, number of seconds SSSeconds since beginning of most recent request ReqMilliseconds required to process most recent request DurSum of milliseconds required to process all requests ConnKilobytes transferred this connection ChildMegabytes transferred this child SlotTotal megabytes transferred this slot SSL/TLS Session Cache Status: cache type: SHMCB, shared memory: 512000 bytes, current entries: 92subcaches: 32, indexes per subcache: 88time left on oldest entries' objects: avg: 55 seconds, (range: 9...279)index usage: 3%, cache usage: 4%total entries stored since starting: 1265total entries replaced since starting: 0total entries expired since starting: 1173total (pre-expiry) entries scrolled out of the cache: 0total retrieves since starting: 0 hit, 3925 misstotal removes since starting: 0 hit, 0 miss
Found on 2023-09-16 19:07 -
Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb31a3070605a3070605458f66a4Apache Status Apache Server Status for ftp.winnerpropest.com (via 27.254.96.168) Server Version: Apache/2.4.46 (Unix) OpenSSL/1.0.2u PHP/7.2.33 Server MPM: prefork Server Built: May 6 2022 15:05:21 Current Time: Thursday, 14-Sep-2023 06:59:53 +07 Restart Time: Thursday, 14-Sep-2023 04:02:12 +07 Parent Server Config. Generation: 1721 Parent Server MPM Generation: 1720 Server uptime: 2 hours 57 minutes 41 seconds Server load: 0.21 0.35 0.58 Total accesses: 13293 - Total Traffic: 178.4 MB - Total Duration: 14161634 CPU Usage: u2663.88 s5089.43 cu50517600 cs12376800 - 590000% CPU load 1.25 requests/sec - 17.1 kB/second - 13.7 kB/request - 1065.35 ms/request 2 requests currently being processed, 9 idle workers .W_______C__...................................... Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqDurConnChildSlotClientProtocolVHostRequest 0-1720-0/0/1043. 0.003012317670.00.0017.50 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 1-1720223050/13/1086W 2.690011947370.00.1715.80 167.99.182.39http/1.1localhost:443GET /server-status HTTP/1.1 2-1720223110/13/1006_ 2.522010597360.00.2212.68 167.99.182.39http/1.1localhost:443GET /.vscode/sftp.json HTTP/1.1 3-1720224130/1/1047_ 1.174134710717080.00.0211.05 172.68.242.57http/1.1www.time2hand.com:80GET /2284/ HTTP/1.0 4-1720221060/41/1114_ 7.146112537320.00.2523.35 172.68.242.46http/1.1www.time2hand.com:80GET /wp-content/uploads/siteorigin-widgets/sow-button-atom-fb78 5-1720222880/19/875_ 3.33109105400.00.139.04 167.99.182.39http/1.1localhost:443GET /about HTTP/1.1 6-1720221120/44/915_ 8.53409551500.00.3010.10 167.99.182.39http/1.1localhost:443GET / HTTP/1.1 7-1720220500/52/984_ 15.761010747660.00.4113.56 167.99.182.39http/1.1localhost:443GET /v2/_catalog HTTP/1.1 8-1720223170/14/793_ 3.76139004860.00.3811.07 1.46.13.126http/1.1 9-1720224191/2/907C 0.000010272101.40.0011.32 167.99.182.39http/1.1localhost:443GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor 10-1720220560/54/727_ 19.08607506690.00.518.71 167.99.182.39http/1.1 11-1720220580/53/642_ 14.20206417750.00.357.55 167.99.182.39http/1.1localhost:443GET /debug/default/view?panel=config HTTP/1.1 12-1720-0/0/378. 0.0062003312530.00.004.32 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 13-1720-0/0/285. 0.0060202985670.00.002.32 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 14-1720-0/0/293. 0.0077703032250.00.002.88 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 15-1720-0/0/187. 0.0062601735320.00.002.28 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 16-1720-0/0/325. 0.0077604223850.00.003.83 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 17-1720-0/0/267. 0.00775912139180.00.005.81 172.71.182.6http/1.1www.yuritrading.com:80GET /inputs.php HTTP/1.0 18-1720-0/0/106. 0.00474801291690.00.001.64 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 19-1720-0/0/41. 0.0047560403400.00.000.60 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 20-1720-0/0/131. 0.004073173848380.00.001.42 172.173.66.58http/1.1www.xn--12cf1cddmk0fho2ci6he1a9POST /wp-login.php HTTP/1.0 21-1720-0/0/40. 0.0047540364570.00.000.61 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 22-1720-0/0/2. 0.0047470370.00.000.01 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 23-1720-0/0/97. 0.004070199556150.00.000.99 172.173.66.58http/1.1www.xn--12cf1cddmk0fho2ci6he1a9POST /wp-login.php HTTP/1.0 24-1720-0/0/2. 0.0047440120.00.000.01 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 SrvChild Server number - generation PIDOS process ID AccNumber of accesses this connection / this child / this slot MMode of operation CPUCPU usage, number of seconds SSSeconds since beginning of most recent request ReqMilliseconds required to process most recent request DurSum of milliseconds required to process all requests ConnKilobytes transferred this connection ChildMegabytes transferred this child SlotTotal megabytes transferred this slot SSL/TLS Session Cache Status: cache type: SHMCB, shared memory: 512000 bytes, current entries: 22subcaches: 32, indexes per subcache: 88time left on oldest entries' objects: avg: 137 seconds, (range: 16...294)index usage: 0%, cache usage: 1%total entries stored since starting: 2641total entries replaced since starting: 0total entries expired since starting: 2619total (pre-expiry) entries scrolled out of the cache: 0total retrieves since starting: 14 hit, 5762 misstotal removes since starting: 0 hit, 0 miss
Found on 2023-09-13 23:58 -
Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb31a3070605a3070605510abb66Apache Status Apache Server Status for ftp.winnerpropest.com (via 27.254.96.168) Server Version: Apache/2.4.46 (Unix) OpenSSL/1.0.2u PHP/7.2.33 Server MPM: prefork Server Built: May 6 2022 15:05:21 Current Time: Wednesday, 13-Sep-2023 12:49:36 +07 Restart Time: Wednesday, 13-Sep-2023 04:02:12 +07 Parent Server Config. Generation: 1717 Parent Server MPM Generation: 1716 Server uptime: 8 hours 47 minutes 24 seconds Server load: 1.73 1.44 1.19 Total accesses: 52254 - Total Traffic: 1005.7 MB - Total Duration: 78286128 CPU Usage: u2774.4 s5092.99 cu50479900 cs12368500 - 199000% CPU load 1.65 requests/sec - 32.5 kB/second - 19.7 kB/request - 1498.18 ms/request 3 requests currently being processed, 7 idle workers .___._.W..C___.R.................................. Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqDurConnChildSlotClientProtocolVHostRequest 0-1716-0/0/4353. 0.0033066296230.00.0078.94 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 1-1716149930/9/4406_ 6.031064284100.00.1062.32 165.22.74.203http/1.1localhost:443GET /.vscode/sftp.json HTTP/1.1 2-1716150220/10/4483_ 5.750060795470.00.1788.51 165.22.74.203http/1.1localhost:443GET /about HTTP/1.1 3-1716150290/7/4140_ 3.60029765929870.00.04123.58 206.81.1.88http/1.1 4-1716-0/0/4029. 0.006059026340.00.0059.48 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 5-1716150360/9/3987_ 4.0611157731710.00.0968.48 51.222.253.14http/1.1www.siamsolarrooftop.com:443GET /wp-content/uploads/siteorigin-widgets/sow-button-atom-92f5 6-1716-0/0/3575. 0.0021052588440.00.0075.84 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 7-1716147580/38/3571W 78.250053621940.00.8865.94 165.22.74.203http/1.1localhost:443GET /server-status HTTP/1.1 8-1716-0/0/3321. 0.00127050458900.00.0071.26 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 9-1716-0/0/3420. 0.00106053489360.00.0062.91 35.90.82.83http/1.1localhost:80GET / HTTP/1.0 10-1716149151/17/2806C 6.500041453251.40.2254.44 165.22.74.203http/1.1localhost:443GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor 11-1716148360/40/2799_ 43.911045733430.00.6637.72 165.22.74.203http/1.1localhost:443GET /v2/_catalog HTTP/1.1 12-1716149230/21/2077_ 7.76058733272370.00.3651.61 206.81.1.88http/1.1 13-1716149320/17/1191_ 11.901136820169960.00.3822.36 206.81.1.88http/1.1 14-1716-0/0/951. 0.00125014224920.00.0014.59 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 15-1716149560/14/482R 36.4823877050390.00.078.48 51.222.253.7http/1.1 16-1716-0/0/863. 0.00212947412542540.00.0014.28 107.189.7.244http/1.1www.thai-pack.com:443POST /wp-login.php HTTP/1.1 17-1716-0/0/302. 0.00214504143610.00.003.19 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 18-1716-0/0/341. 0.00277504999570.00.005.94 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 19-1716-0/0/291. 0.0028295824132860.00.0018.11 172.71.98.165http/1.1www.altaccount.com:80GET /simple.php HTTP/1.0 20-1716-0/0/124. 0.00506401047940.00.003.54 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 21-1716-0/0/124. 0.0051430766470.00.001.75 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 22-1716-0/0/188. 0.00515102398000.00.003.09 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 23-1716-0/0/135. 0.00487412476370.00.002.10 184.22.232.72http/1.1www.chonlateepr.com:443GET /wp-content/plugins/jeg-elementor-kit/lib/jeg-framework/ass 24-1716-0/0/21. 0.0014241037670.00.000.30 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 25-1716-0/0/9. 0.0014239063280.00.000.50 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 26-1716-0/0/76. 0.001374401550070.00.001.93 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 27-1716-0/0/3. 0.0014249033330.00.000.04 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 28-1716-0/0/3. 0.00142580700.00.000.02 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 29-1716-0/0/3. 0.00142570510.00.000.02 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 30-1716-0/0/9. 0.001424004950.00.000.23 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 31-1716-0/0/4. 0.00142520390.00.000.02 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 32-1716-0/0/3. 0.001425102160.00.000.09 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 33-1716-0/0/15. 0.00142120149050.00.000.96 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 34-1716-0/0/4. 0.001425001040.00.000.07 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 35-1716-0/0/6. 0.0014244036240.00.000.22 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 36-1716-0/0/6. 0.0014225053100.00.000.09 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 37-1716-0/0/61. 0.00139170977890.00.001.25 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 38-1716-0/0/69. 0.001383501316420.00.001.51 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 39-1716-0/0/3. 0.00142600250.00.000.01 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 SrvChild Server number - generation PIDOS process ID AccNumber of accesses this connection / this child / this slot MMode of operation CPUCPU usage, number of seconds SSSeconds since beginning of most recent request ReqMilliseconds required to process most recent request DurSum of milliseconds required to process all requests ConnKilobytes transferred this connection ChildMegabytes transferred this child SlotTotal megabytes transferred this slot SSL/TLS Session Cache Status: cache type: SHMCB, shared memory: 512000 bytes, current entries: 155subcaches: 32, indexes per subcache: 88time left on oldest entries' objects: avg: 75 seconds, (range: 21...204)index usage: 5%, cache usage: 7%total entries stored since starting: 9532total entries replaced since starting: 0total entries expired since starting: 9377total (pre-expiry) entries scrolled out of the cache: 0total retrieves since starting: 376 hit, 17747 misstotal removes since starting: 0 hit, 0 miss
Found on 2023-09-13 05:48 -
Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb31a3070605a307060515268146Apache Status Apache Server Status for ftp.winnerpropest.com (via 27.254.96.168) Server Version: Apache/2.4.46 (Unix) OpenSSL/1.0.2u PHP/7.2.33 Server MPM: prefork Server Built: May 6 2022 15:05:21 Current Time: Monday, 11-Sep-2023 00:44:21 +07 Restart Time: Monday, 11-Sep-2023 00:24:35 +07 Parent Server Config. Generation: 1705 Parent Server MPM Generation: 1704 Server uptime: 19 minutes 45 seconds Server load: 2.35 1.68 1.37 Total accesses: 2421 - Total Traffic: 33.7 MB - Total Duration: 3065187 CPU Usage: u2788.39 s5097.99 cu50298200 cs12328900 - 5290000% CPU load 2.04 requests/sec - 29.1 kB/second - 14.2 kB/request - 1266.08 ms/request 5 requests currently being processed, 8 idle workers _W__W__._W_._WC................................... Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqDurConnChildSlotClientProtocolVHostRequest 0-1704186430/73/210_ 41.7918402798670.00.732.07 162.158.106.39http/1.1www.xn--42cl6b3aa6azd4ce4q.com:POST //wp-login.php HTTP/1.1 1-1704188590/28/201W 15.01015062887220.00.292.90 54.36.148.96http/1.1www.chonlateevip.com:443GET /tag/%E0%B8%AA%E0%B8%B3%E0%B8%99%E0%B8%B1%E0%B8%81%E0%B8%87 2-1704187890/47/197_ 23.19102270410.00.261.79 165.232.76.155http/1.1localhost:443GET /.vscode/sftp.json HTTP/1.1 3-1704188670/24/200_ 10.25102642260.00.152.11 165.232.76.155http/1.1localhost:443GET /v2/_catalog HTTP/1.1 4-1704188990/10/170W 6.28002142380.00.051.63 165.232.76.155http/1.1localhost:443GET /server-status HTTP/1.1 5-1704189060/9/183_ 4.2207492416930.00.031.74 172.71.167.72http/1.1www.chonlateetravel.com:80GET /v3n0m.php HTTP/1.0 6-1704186740/78/149_ 43.5106431655020.01.101.63 172.71.174.175http/1.1www.singkansard.com:443GET //shop/wp-includes/wlwmanifest.xml HTTP/1.1 7-1704-0/0/157. 0.001196221971450.00.002.89 27.254.96.168http/1.1www.12gobiz.com:443POST /wp-cron.php?doing_wp_cron=1694367839.16739797592163085937 8-1704189120/11/130_ 5.03001428700.00.051.07 165.232.76.155http/1.1localhost:443GET /about HTTP/1.1 9-1704189240/9/123W 4.68001237780.00.041.15 162.158.106.39http/1.1www.xn--42cl6b3aa6azd4ce4q.com:POST //wp-login.php HTTP/1.1 10-1704188020/37/136_ 18.5908682282720.06.818.05 162.158.106.38http/1.1www.xn--42cl6b3aa6azd4ce4q.com:POST //wp-login.php HTTP/1.1 11-1704-0/0/107. 0.00296381159410.00.001.48 172.71.167.72http/1.1www.chonlateetravel.com:80GET /wp-plugins.php HTTP/1.0 12-1704186600/89/94_ 41.8313853932240.00.680.69 172.70.38.118http/1.1www.dealaccounting.com:80GET /tag/%E0%B8%88%E0%B8%94%E0%B8%97%E0%B8%B0%E0%B9%80%E0%B8%9A 13-1704188080/47/136W 25.65001878260.00.441.72 172.71.166.165http/1.1www.chonlateetravel.com:80GET //root.php HTTP/1.0 14-1704188171/40/46C 25.9500647311.40.380.39 165.232.76.155http/1.1localhost:443GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor 15-1704-0/0/96. 0.003267071423080.00.001.46 162.158.106.39http/1.1www.xn--42cl6b3aa6azd4ce4q.com:POST //wp-login.php HTTP/1.1 16-1704-0/0/5. 0.0010060110.00.000.01 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 17-1704-0/0/5. 0.001002090.00.000.01 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 18-1704-0/0/76. 0.005040877750.00.000.86 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 SrvChild Server number - generation PIDOS process ID AccNumber of accesses this connection / this child / this slot MMode of operation CPUCPU usage, number of seconds SSSeconds since beginning of most recent request ReqMilliseconds required to process most recent request DurSum of milliseconds required to process all requests ConnKilobytes transferred this connection ChildMegabytes transferred this child SlotTotal megabytes transferred this slot SSL/TLS Session Cache Status: cache type: SHMCB, shared memory: 512000 bytes, current entries: 123subcaches: 32, indexes per subcache: 88time left on oldest entries' objects: avg: 124 seconds, (range: 0...240)index usage: 4%, cache usage: 5%total entries stored since starting: 308total entries replaced since starting: 0total entries expired since starting: 185total (pre-expiry) entries scrolled out of the cache: 0total retrieves since starting: 0 hit, 1131 misstotal removes since starting: 0 hit, 0 miss
Found on 2023-09-10 17:43 -
Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb31a3070605a30706051841597aApache Status Apache Server Status for ftp.winnerpropest.com (via 27.254.96.168) Server Version: Apache/2.4.46 (Unix) OpenSSL/1.0.2u PHP/7.2.33 Server MPM: prefork Server Built: May 6 2022 15:05:21 Current Time: Thursday, 07-Sep-2023 15:33:45 +07 Restart Time: Thursday, 07-Sep-2023 04:02:11 +07 Parent Server Config. Generation: 1686 Parent Server MPM Generation: 1685 Server uptime: 11 hours 31 minutes 34 seconds Server load: 0.93 0.95 1.21 Total accesses: 98551 - Total Traffic: 1.5 GB - Total Duration: 152234928 CPU Usage: u2656.54 s5035.86 cu50093200 cs12284600 - 150000% CPU load 2.38 requests/sec - 38.1 kB/second - 16.0 kB/request - 1544.73 ms/request 8 requests currently being processed, 6 idle workers R_.WRCW___._.......................C...._R......R. Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqDurConnChildSlotClientProtocolVHostRequest 0-1685170370/37/7963R 9.2170119563190.00.50123.03 207.154.240.169http/1.1localhost:80GET /login.action HTTP/1.0 1-1685166500/68/7658_ 22.1711117423090.00.68111.94 164.92.192.25http/1.1localhost:443GET /about HTTP/1.1 2-1685-0/0/7482. 0.0030115121900.00.0094.96 40.122.78.153http/1.1www.chonlateenextbiz.com:443POST /xmlrpc.php HTTP/1.1 3-1685170440/38/7196W 14.0300112766600.00.3297.07 164.92.192.25http/1.1localhost:443GET /server-status HTTP/1.1 4-1685170520/36/7102R 8.8921106822970.00.2294.03 64.227.126.135http/1.1localhost:80GET /?rest_route=/wp/v2/users/ HTTP/1.0 5-1685171641/6/6745C 2.6710101210742.60.0195.70 137.184.106.30http/1.1localhost:443GET /.vscode/sftp.json HTTP/1.1 6-1685171710/5/6547W 2.160098945660.00.0493.09 172.71.134.113http/1.1www.siamerp.com:443GET /tag/%E0%B8%82%E0%B8%B2%E0%B8%A2%E0%B9%82%E0%B8%9B%E0%B8%A3 7-1685171730/11/6731_ 0.0410101490420.00.01106.05 147.182.168.210http/1.1localhost:80GET /?rest_route=/wp/v2/users/ HTTP/1.0 8-1685171830/3/6381_ 1.8110106087430.00.01124.25 164.92.192.25http/1.1localhost:443GET /v2/_catalog HTTP/1.1 9-1685171890/6/6416_ 1.061097794290.00.0198.38 164.92.192.25http/1.1localhost:443GET /.vscode/sftp.json HTTP/1.1 10-1685-0/0/5353. 0.007079002880.00.0087.21 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 11-1685172010/3/4890_ 1.121142874907090.00.0384.07 172.71.135.41http/1.1www.chonlateefarm.com:443GET /cart/ HTTP/1.1 12-1685-0/0/4185. 0.00351065341580.00.0057.82 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 13-1685-0/0/3930. 0.00323062036660.00.00114.53 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 14-1685-0/0/2933. 0.00180047697930.00.0053.21 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 15-1685-0/0/2628. 0.004459745714700.00.0037.17 27.254.96.168http/1.1www.thaicarsale.com:80GET / HTTP/1.1 16-1685-0/0/1242. 0.00330023801890.00.0017.39 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 17-1685-0/0/778. 0.0035009589930.00.0013.83 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 18-1685-0/0/503. 0.0034508823540.00.005.32 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 19-1685-0/0/457. 0.0032706408870.00.005.20 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 20-1685-0/0/267. 0.0017004510150.00.003.49 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 21-1685-0/0/214. 0.0032205327460.00.002.85 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 22-1685-0/0/209. 0.0033603597350.00.002.49 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 23-1685-0/0/248. 0.0033102727750.00.004.03 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 24-1685-0/0/47. 0.003200528780.00.003.58 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 25-1685-0/0/12. 0.0035303020.00.000.23 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 26-1685-0/0/99. 0.0034001901690.00.002.40 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 27-1685-0/0/7. 0.00357018300.00.000.08 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 28-1685-0/0/9. 0.00334034320.00.000.18 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 29-1685-0/0/8. 0.00326060340.00.000.40 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 30-1685-0/0/8. 0.00335047700.00.000.13 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 31-1685-0/0/5. 0.00348029920.00.000.24 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 32-1685-0/0/7. 0.00338016490.00.000.04 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 33-1685-0/0/6. 0.003520200.00.000.03 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 34-1685-0/0/7. 0.00319059940.00.000.24 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 35-1685168071/59/59C 16.9600766931.43.803.80 164.92.192.25http/1.1localhost:443GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor 36-1685-0/0/5. 0.00347025690.00.000.24 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 37-1685-0/0/2. 0.00360034550.00.000.37 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 38-1685-0/0/4. 0.00346045410.00.000.39 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 39-1685-0/0/4. 0.00344043870.00.000.37 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 40-1685168410/64/64_ 19.3210901450.00.750.75 147.182.168.210http/1.1localhost:80GET /telescope/requests HTTP/1.0 41-1685168430/49/49R 14.86600514010.00.710.71 49.7.20.111http/1.1www.thai-pack.com:443 42-1685-0/0/5. 0.00341017180.00.000.02 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 43-1685-0/0/5. 0.0033702820.00.000.07 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 44-1685-0/0/5. 0.00333057630.00.000.19 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 45-1685-0/0/5. 0.003490190.00.000.02 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 46-1685-0/0/5. 0.00343014700.00.000.03 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 47-1685-0/0/4. 0.00358080.00.000.01 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 48-1685168850/57/57R 13.2321498940.01.031.03 121.5.79.247http/1.1 49-1685-0/0/5. 0.00342010790.00.000.09 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 SrvChild Server number - generation PIDOS process ID AccNumber of accesses this connection / this child / this slot MMode of operation CPUCPU usage, number of seconds SSSeconds since beginning of most recent request ReqMilliseconds required to process most recent request DurSum of milliseconds required to process all requests ConnKilobytes transferred this connection ChildMegabytes transferred this child SlotTotal megabytes transferred this slot SSL/TLS Session Cache Status: cache type
Found on 2023-09-07 08:32 -
Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb31a3070605a307060589c1380eApache Status Apache Server Status for ftp.winnerpropest.com (via 27.254.96.168) Server Version: Apache/2.4.46 (Unix) OpenSSL/1.0.2u PHP/7.2.33 Server MPM: prefork Server Built: May 6 2022 15:05:21 Current Time: Wednesday, 06-Sep-2023 00:24:29 +07 Restart Time: Wednesday, 06-Sep-2023 00:10:47 +07 Parent Server Config. Generation: 1681 Parent Server MPM Generation: 1680 Server uptime: 13 minutes 41 seconds Server load: 0.36 0.96 0.89 Total accesses: 1112 - Total Traffic: 12.9 MB - Total Duration: 1046727 CPU Usage: u2641.9 s5017.18 cu49964300 cs12257000 - 7580000% CPU load 1.35 requests/sec - 16.0 kB/second - 11.8 kB/request - 941.301 ms/request 10 requests currently being processed, 3 idle workers _..WCW_CC_..CC.W.W................C............... Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqDurConnChildSlotClientProtocolVHostRequest 0-1680261000/24/47_ 3.800688450730.00.100.41 128.199.61.251http/1.1www.winnerpropest.com:443GET /.vscode/sftp.json HTTP/1.1 1-1680-0/0/92. 0.00401127360.00.001.04 134.122.89.242http/1.1localhost:80GET /.git/config HTTP/1.0 2-1680-0/0/91. 0.00511095290.00.001.07 159.203.182.222http/1.1 3-1680273980/8/29W 0.7100286280.00.010.15 159.203.182.222http/1.1localhost:443GET /server-status HTTP/1.1 4-1680274151/7/30C 0.6201320083.90.010.19 159.203.94.228http/1.1localhost:443GET /server-status HTTP/1.1 5-1680274170/8/27W 0.3700380660.00.010.20 64.227.126.135http/1.1www.winnerpropest.com:443GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor 6-1680274280/14/36_ 0.7700286020.00.020.19 23.178.112.208http/1.1www.yougame.in.th:80GET /.well-known/acme-challenge/_KgFng35cNrDmKv9CmkZ1C1Zvu6Ry88 7-1680274301/7/23C 0.0501194971.40.020.12 137.184.222.107http/1.1localhost:443GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor 8-1680274361/9/23C 1.1101245821.40.020.14 159.203.182.222http/1.1localhost:443GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor 9-1680274420/7/20_ 1.620433297020.00.030.17 64.227.126.135http/1.1www.winnerpropest.com:443GET /v2/_catalog HTTP/1.1 10-1680-0/0/15. 0.006250167530.00.000.08 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 11-1680-0/0/78. 0.0050528090.00.000.62 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 12-1680223571/73/73C 26.1501827611.42.312.31 159.203.94.228http/1.1localhost:443GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor 13-1680224021/83/83C 19.9815657431211.91.121.12 128.199.61.251http/1.1www.winnerpropest.com:443GET /about HTTP/1.1 14-1680-0/0/2. 0.00630052370.00.000.01 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 15-1680224040/82/82W 25.9300685000.01.131.13 172.176.207.8http/1.1www.siam2job.com:80POST //wp-login.php HTTP/1.0 16-1680-0/0/3. 0.00624072560.00.000.02 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 17-1680224610/83/83W 21.4300681040.01.171.17 128.199.61.251http/1.1www.winnerpropest.com:443GET /debug/default/view?panel=config HTTP/1.1 18-1680-0/0/2. 0.00623052820.00.000.01 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 19-1680-0/0/2. 0.00613042590.00.000.01 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 20-1680-0/0/89. 0.0010512190.00.000.87 137.184.222.107http/1.1localhost:443GET /.vscode/sftp.json HTTP/1.1 21-1680-0/0/2. 0.00622252670.00.000.01 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 22-1680-0/0/2. 0.00616037100.00.000.01 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 23-1680-0/0/65. 0.00642580060.00.000.92 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 24-1680-0/0/2. 0.00614041730.00.000.01 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 25-1680-0/0/3. 0.00626031270.00.000.01 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 26-1680-0/0/2. 0.00618038270.00.000.01 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 27-1680-0/0/2. 0.00617021850.00.000.01 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 28-1680-0/0/1. 0.00643000.00.000.00 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 29-1680-0/0/2. 0.00619036220.00.000.01 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 30-1680-0/0/2. 0.00620034860.00.000.01 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 31-1680-0/0/2. 0.00621031910.00.000.01 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 32-1680-0/0/1. 0.00641000.00.000.00 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 33-1680-0/0/1. 0.00642000.00.000.00 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 34-1680225811/89/89C 18.9502511973.80.840.84 137.184.222.107http/1.1localhost:443GET /server-status HTTP/1.1 35-1680-0/0/1. 0.00640010.00.000.00 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 36-1680-0/0/1. 0.00639000.00.000.00 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 37-1680-0/0/1. 0.00638000.00.000.00 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 38-1680-0/0/1. 0.00637000.00.000.00 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 39-1680-0/0/1. 0.00636000.00.000.00 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 40-1680-0/0/1. 0.00633000.00.000.00 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 SrvChild Server number - generation PIDOS process ID AccNumber of accesses this connection / this child / this slot MMode of operation CPUCPU usage, number of seconds SSSeconds since beginning of most recent request ReqMilliseconds required to process most recent request DurSum of milliseconds required to process all requests ConnKilobytes transferred this connection ChildMegabytes transferred this child SlotTotal megabytes transferred this slot SSL/TLS Session Cache Status: cache type: SHMCB, shared memory: 512000 bytes, current entries: 109subcaches: 32, indexes per subcache: 88time left on oldest entries' objects: avg: 135 seconds, (range: 47...287)index usage: 3%, cache usage: 4%total entries stored since starting: 207total entries replaced since starting: 0total entries expired since starting: 98total (pre-expiry) entries scrolled out of the cache: 0total retrieves since starting: 1 hit, 389 misstotal removes since starting: 0 hit, 0 miss
Found on 2023-09-05 17:23 -
Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb31a3070605a307060598dc7e86Apache Status Apache Server Status for ftp.winnerpropest.com (via 27.254.96.168) Server Version: Apache/2.4.46 (Unix) OpenSSL/1.0.2u PHP/7.2.33 Server MPM: prefork Server Built: May 6 2022 15:05:21 Current Time: Friday, 07-Jul-2023 00:24:31 +07 Restart Time: Friday, 07-Jul-2023 00:10:33 +07 Parent Server Config. Generation: 1419 Parent Server MPM Generation: 1418 Server uptime: 13 minutes 58 seconds Server load: 1.40 1.63 1.53 Total accesses: 1694 - Total Traffic: 10.4 MB - Total Duration: 1740082 CPU Usage: u2290.44 s3811.21 cu35483900 cs8464620 - 5250000% CPU load 2.02 requests/sec - 12.7 kB/second - 6.3 kB/request - 1027.2 ms/request 8 requests currently being processed, 6 idle workers _C_CR_RWCW_C__.................................... Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqDurConnChildSlotClientProtocolVHostRequest 0-141817920/73/173_ 23.2504811859220.00.461.19 172.104.176.248http/1.1www.winnerpropest.com:443GET /.git/config HTTP/1.1 1-141851071/34/73C 8.3600711291.40.070.52 64.227.126.135http/1.1localhost:443GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor 2-141818110/52/150_ 19.84011611380.00.530.97 161.35.27.144http/1.1localhost:443GET /about HTTP/1.1 3-141859041/22/179C 0.76001927081.40.031.06 161.35.27.144http/1.1localhost:443GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor 4-141816840/82/179R 31.1104811876290.00.561.08 172.104.176.248http/1.1www.winnerpropest.com:443 5-141818210/63/159_ 20.83001641310.00.551.16 164.92.192.25http/1.1localhost:443GET /about HTTP/1.1 6-141820200/51/149R 22.11001704320.00.551.07 64.227.126.135http/1.1localhost:443GET /.vscode/sftp.json HTTP/1.1 7-141820580/55/150W 18.69001580220.00.310.97 134.122.63.192http/1.1www.winnerpropest.com:443GET / HTTP/1.1 8-141820661/57/155C 16.25001480632.60.370.93 178.128.151.41http/1.1localhost:443GET /.vscode/sftp.json HTTP/1.1 9-141820680/63/159W 16.97001488960.00.370.83 161.35.27.144http/1.1localhost:443GET /server-status HTTP/1.1 10-141860330/2/138_ 0.00001400770.00.000.56 64.227.126.135http/1.1localhost:443GET /about HTTP/1.1 11-141857211/22/27C 3.2900106091.40.040.08 164.92.192.25http/1.1localhost:443GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor 12-141860580/2/2_ 0.020390.00.010.01 164.92.192.25http/1.1localhost:443GET /server-status HTTP/1.1 13-141860600/1/1_ 0.65065513110.00.000.00 138.199.22.237http/1.1www.nakindogtraining.com:80POST /xmlrpc.php HTTP/1.0 SrvChild Server number - generation PIDOS process ID AccNumber of accesses this connection / this child / this slot MMode of operation CPUCPU usage, number of seconds SSSeconds since beginning of most recent request ReqMilliseconds required to process most recent request DurSum of milliseconds required to process all requests ConnKilobytes transferred this connection ChildMegabytes transferred this child SlotTotal megabytes transferred this slot SSL/TLS Session Cache Status: cache type: SHMCB, shared memory: 512000 bytes, current entries: 134subcaches: 32, indexes per subcache: 88time left on oldest entries' objects: avg: 87 seconds, (range: 2...298)index usage: 4%, cache usage: 6%total entries stored since starting: 269total entries replaced since starting: 0total entries expired since starting: 135total (pre-expiry) entries scrolled out of the cache: 0total retrieves since starting: 1 hit, 394 misstotal removes since starting: 0 hit, 0 miss
Found on 2023-07-06 17:23 -
Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb31a3070605a3070605312a763bApache Status Apache Server Status for ftp.winnerpropest.com (via 27.254.96.168) Server Version: Apache/2.4.46 (Unix) OpenSSL/1.0.2u PHP/7.2.33 Server MPM: prefork Server Built: May 6 2022 15:05:21 Current Time: Tuesday, 07-Mar-2023 13:50:34 +07 Restart Time: Tuesday, 07-Mar-2023 13:49:54 +07 Parent Server Config. Generation: 968 Parent Server MPM Generation: 967 Server uptime: 40 seconds Server load: 0.59 0.92 1.13 Total accesses: 140 - Total Traffic: 371 kB - Total Duration: 22087 CPU Usage: u1434.13 s2582.03 cu24558600 cs5922570 - 7.62e+7% CPU load 3.5 requests/sec - 9.3 kB/second - 2713 B/request - 157.764 ms/request 10 requests currently being processed, 0 idle workers RRRCWRCWRR........................................ Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqDurConnChildSlotClientProtocolVHostRequest 0-967316370/21/21R 2.060340190.00.040.04 45.79.83.159http/1.1 1-967316430/18/18R 1.260026240.00.030.03 45.79.83.159http/1.1 2-967316610/24/24R 1.880135930.00.040.04 45.79.83.159http/1.1 3-967316671/24/24C 0.860016832.70.050.05 45.79.83.159http/1.1localhost:443GET /debug/default/view?panel=config HTTP/1.1 4-967316730/3/3W 1.870056780.00.150.15 162.158.91.62http/1.1www.siamerp.com:443GET /wp-json/wp/v2/tags/1676 HTTP/1.1 5-967316950/11/11R 2.210143930.00.020.02 45.79.83.159http/1.1 6-967317111/12/12C 0.0800272.60.010.01 45.79.83.159http/1.1localhost:443GET /telescope/requests HTTP/1.1 7-967317320/24/24W 0.0600530.00.020.02 45.79.83.159http/1.1localhost:443GET /server-status HTTP/1.1 8-967317390/2/2R 0.010180.00.000.00 45.79.83.159http/1.1 9-967317410/1/1R 0.000350.00.000.00 45.79.83.159http/1.1 SrvChild Server number - generation PIDOS process ID AccNumber of accesses this connection / this child / this slot MMode of operation CPUCPU usage, number of seconds SSSeconds since beginning of most recent request ReqMilliseconds required to process most recent request DurSum of milliseconds required to process all requests ConnKilobytes transferred this connection ChildMegabytes transferred this child SlotTotal megabytes transferred this slot SSL/TLS Session Cache Status: cache type: SHMCB, shared memory: 512000 bytes, current entries: 9subcaches: 32, indexes per subcache: 88time left on oldest entries' objects: avg: 293 seconds, (range: 281...299)index usage: 0%, cache usage: 0%total entries stored since starting: 9total entries replaced since starting: 0total entries expired since starting: 0total (pre-expiry) entries scrolled out of the cache: 0total retrieves since starting: 0 hit, 75 misstotal removes since starting: 0 hit, 0 miss
Found on 2023-03-07 06:47
-