Domain xn--2566-4do9ab5h1bfcjg7hg1txa5ahw0u.com
Thailand
CS LOXINFO Public Company Limited.
Software information
Apache 2
tcp/443
-
Apache server-status page is publicly available
The server-status page (usually
/server-status) allows server administrators to find out how well their server is performing.This is a HTML page that gives the current server statistics such as the server version, up time,cpu, ram, and information about requests made to the server.
This information can be very useful if the application is sent sensitive information as GET requests. If you monitor this page you might be able to find CSRF tokens, API keys, hidden paths, and other sensitive information being sent to the server.
https://medium.com/@ghostlulzhacks/apache-server-status-a70abed83f5a
IP: 203.170.192.183
Domain: ftp.xn--2566-4do9ab5h1bfcjg7hg1txa5ahw0u.com
Port: 443
URL: https://ftp.xn--2566-4do9ab5h1bfcjg7hg1txa5ahw0u.comFirst seen 2023-09-20 06:37
Last seen 2024-02-01 21:07
Open for 134 days-
Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb317c3bbe397c3bbe39f5cc7d6fApache Status Apache Server Status for ftp.xn--2566-4do9ab5h1bfcjg7hg1txa5ahw0u.com (via 203.170.192.183) Server Version: Apache/2.4.57 (Unix) OpenSSL/1.0.2k-fips Server MPM: event Server Built: Oct 15 2023 18:16:43 Current Time: Friday, 02-Feb-2024 04:07:45 ICT Restart Time: Friday, 05-Jan-2024 10:01:20 ICT Parent Server Config. Generation: 92 Parent Server MPM Generation: 91 Server uptime: 27 days 18 hours 6 minutes 24 seconds Server load: 2.19 2.08 2.02 Total accesses: 1842927 - Total Traffic: 23.8 GB - Total Duration: 2140668788 CPU Usage: u174.57 s105.98 cu32081.1 cs2206.04 - 1.44% CPU load .769 requests/sec - 10.4 kB/second - 13.5 kB/request - 1161.56 ms/request 4 requests currently being processed, 124 idle workers SlotPIDStoppingConnections ThreadsAsync connections totalacceptingbusyidlewritingkeep-aliveclosing 024826no0yes131000 124845no0yes230000 324847no0yes131000 524831no0yes032000 Sum400 4124000 ___________________________R____________RR______________________ ................................________W_______________________ ................................________________________________ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqDurConnChildSlotClientProtocolVHostRequest 0-91248260/2/14748_ 2.5030160256500.00.00193.63 139.144.96.150h2localhost:443[0/0] Software caused connection abort 0-91248260/7/15243_ 2.8920138991490.00.01198.85 164.92.84.255h2localhost:443[0/0] Software caused connection abort 0-91248260/5/14813_ 2.9030150305970.00.00192.57 128.199.62.55http/1.1localhost:443GET /.env HTTP/1.1 0-91248260/4/14993_ 2.9740145868920.00.00185.87 45.55.193.222http/1.1localhost:443GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor 0-91248260/3/14897_ 2.9830147705680.00.00185.27 164.92.192.25http/1.1localhost:443GET /?rest_route=/wp/v2/users/ HTTP/1.1 0-91248260/5/15127_ 2.8900156637760.00.00188.41 144.126.198.24http/1.1localhost:443GET /_all_dbs HTTP/1.1 0-91248260/3/14799_ 2.9730145560290.00.00200.10 164.92.84.255http/1.1localhost:443GET /s/338313e2239313e2037313e2330323/_/;/META-INF/maven/com.at 0-91248260/3/15107_ 2.8910150176580.00.00187.50 164.92.192.25http/1.1localhost:443GET /_all_dbs HTTP/1.1 0-91248260/6/15067_ 3.0000145202600.00.01229.80 159.223.102.13http/1.1localhost:80GET /.DS_Store HTTP/1.1 0-91248260/4/15193_ 2.9610148852630.00.00194.72 134.122.34.144http/1.1localhost:443GET /_all_dbs HTTP/1.1 0-91248260/4/14760_ 2.9530154280280.00.02200.59 167.172.20.95http/1.1localhost:80GET / HTTP/1.1 0-91248260/4/14773_ 2.9530147100270.00.02195.37 167.172.232.142http/1.1localhost:80GET /telescope/requests HTTP/1.1 0-91248260/2/14631_ 2.9620137181620.00.00185.36 45.55.193.222http/1.1localhost:443GET /v2/_catalog HTTP/1.1 0-91248260/4/14790_ 2.8640169077040.00.02185.93 139.144.150.23http/1.1 0-91248260/4/15746_ 2.9740141537700.00.01187.66 167.172.20.95http/1.1localhost:80GET /debug/default/view?panel=config HTTP/1.1 0-91248260/4/14791_ 2.8720165338160.00.00182.39 139.144.150.23h2localhost:443[0/0] Software caused connection abort 0-91248260/5/14839_ 2.9920143397110.00.01206.26 139.144.96.150http/1.1localhost:443GET / HTTP/1.1 0-91248260/3/14907_ 2.8020144873350.00.00189.18 45.55.193.222http/1.1 0-91248260/4/14727_ 2.9530160242940.00.00200.48 137.184.162.65http/1.1localhost:80GET /?rest_route=/wp/v2/users/ HTTP/1.1 0-91248260/1/14944_ 2.8637144636710.00.00193.68 159.203.44.43http/1.1 0-91248260/6/14937_ 2.9620181440860.00.01193.26 167.172.232.142http/1.1localhost:80GET /?rest_route=/wp/v2/users/ HTTP/1.1 0-91248260/5/14965_ 3.0000146988040.00.02203.98 139.144.150.23http/1.1localhost:443GET /.vscode/sftp.json HTTP/1.1 0-91248260/2/15418_ 2.8630150747980.00.00188.12 139.144.150.23h2localhost:443[0/0] Software caused connection abort 0-91248260/2/14630_ 2.9030138763900.00.00190.05 164.92.84.255http/1.1localhost:443GET / HTTP/1.1 0-91248260/4/14923_ 2.9910162204720.00.00186.78 139.144.96.150http/1.1localhost:443GET /about HTTP/1.1 0-91248260/3/14603_ 2.9920135973320.00.00196.85 134.122.34.144http/1.1localhost:443GET /.git/config HTTP/1.1 0-91248260/2/15107_ 2.8720144712670.00.00194.45 64.227.126.135http/1.1localhost:443GET /about HTTP/1.1 0-91248260/2/14884R 2.8840159153040.00.00213.24 128.199.62.55http/1.1localhost:443GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor 0-91248260/6/14687_ 2.8840152163290.00.01175.81 178.62.73.12http/1.1localhost:443GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor 0-91248260/2/15147_ 2.8630135099350.00.00225.04 178.128.151.41http/1.1localhost:80GET /.env HTTP/1.1 0-91248260/3/14618_ 2.9620155554030.00.02199.08 139.144.150.23h2localhost:443[0/0] Software caused connection abort 0-91248260/5/14890_ 2.9740145814070.00.00184.99 178.62.73.12http/1.1localhost:443GET /?rest_route=/wp/v2/users/ HTTP/1.1 1-91248450/5/15731_ 2.8110138364770.00.00219.29 137.184.162.65http/1.1localhost:80GET /.git/config HTTP/1.1 1-91248450/5/15812_ 2.8210136849570.00.01198.68 164.92.84.255http/1.1 1-91248450/8/15602_ 2.8510174090190.00.02199.96 159.203.44.43h2localhost:443[0/0] Software caused connection abort 1-91248450/9/15318_ 2.9000150896030.00.01189.46 164.92.84.255http/1.1localhost:443GET /.vscode/sftp.json HTTP/1.1 1-91248450/3/15275_ 2.8030146566320.00.00197.92 159.203.44.43http/1.1 1-91248450/6/15654_ 2.9010134151790.00.01198.79 139.144.96.150http/1.1localhost:443GET /debug/default/view?panel=config HTTP/1.1 1-91248450/3/15351_ 2.8910172789920.00.02188.15 159.223.102.13http/1.1localhost:80GET /_all_dbs HTTP/1.1 1-91248450/2/15185_ 2.5700165483380.00.00189.07 64.227.126.135h2localhost:443[0/0] Software caused connection abort 1-91248450/5/15334R 2.8530127395500.00.01211.76 128.199.62.55http/1.1localhost:443GET /config.json HTTP/1.1 1-91248450/6/14955R 2.8430152319130.00.01188.74 159.203.44.43http/1.1 1-91248450/2/15041_ 2.8200148013860.00.00204.86 164.92.84.255http/1.1localhost:443GET /login.action HTTP/1.1 1-91248450/4/15505_ 2.8910159268070.00.02208.73 167.172.20.95http/1.1localhost:80GET /_all_dbs HTTP/1.1 1-91248450/3/15328_ 2.8210159504020.00.00200.56 139.144.96.150http/1.1 1-91248450/5/15188_ 2.8110137016410.00.00183.04 134.122.34.144http/1.1localhost:443GET /v2/_catalog HTTP/1.1 1-9124
Found on 2024-02-01 21:07 -
Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb317c3bbe397c3bbe39d7bd10e5Apache Status Apache Server Status for ftp.xn--2566-4do9ab5h1bfcjg7hg1txa5ahw0u.com (via 203.170.192.183) Server Version: Apache/2.4.57 (Unix) OpenSSL/1.0.2k-fips Server MPM: event Server Built: Oct 15 2023 18:16:43 Current Time: Sunday, 07-Jan-2024 15:13:05 ICT Restart Time: Friday, 05-Jan-2024 10:01:20 ICT Parent Server Config. Generation: 8 Parent Server MPM Generation: 7 Server uptime: 2 days 5 hours 11 minutes 44 seconds Server load: 2.59 2.72 2.79 Total accesses: 888372 - Total Traffic: 12.0 GB - Total Duration: 1104440239 CPU Usage: u162.77 s14.98 cu15076.1 cs792.86 - 8.38% CPU load 4.64 requests/sec - 65.7 kB/second - 14.2 kB/request - 1243.22 ms/request 8 requests currently being processed, 56 idle workers SlotPIDStoppingConnections ThreadsAsync connections totalacceptingbusyidlewritingkeep-aliveclosing 05613no12yes428008 117271no7yes428004 Sum2019 8560012 ______________R________W____W_W_____WW___________W______W_______ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqDurConnChildSlotClientProtocolVHostRequest 0-756130/158/7049_ 106.880095656150.01.71102.74 147.182.130.98http/1.1localhost:443GET /debug/default/view?panel=config HTTP/1.1 0-756130/193/7543_ 106.851073597160.02.32104.46 83.229.112.30http/1.1www.xn--12cbt1cxdh6e8ac5x.com:8GET /wp-admin/js/widgets/about.php HTTP/1.1 0-756130/189/7128_ 106.880080121270.01.99102.25 64.227.126.135http/1.1localhost:443GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor 0-756130/225/7399_ 106.221077162130.02.2694.80 147.182.130.98http/1.1localhost:443GET / HTTP/1.1 0-756130/185/7323_ 106.861077512160.02.2891.84 142.93.153.3http/1.1localhost:80GET /s/338313e2239313e2037313e2330323/_/;/META-INF/maven/com.at 0-756130/181/7456_ 106.89049390109900.01.9698.10 173.201.252.240http/1.1www.ozonepluswater.net:443POST /wp-login.php HTTP/1.1 0-756130/209/7297_ 106.810071933600.02.31108.87 31.184.236.34http/1.1 0-756130/135/7301_ 106.771083202790.01.5095.18 165.232.76.155http/1.1localhost:443GET / HTTP/1.1 0-756130/179/7496_ 106.190077242750.01.98145.59 31.184.236.34http/1.1 0-756130/192/7395_ 106.890129679684310.02.0792.83 23.22.35.162http/1.1www.chonlateeboi.com:443GET /31206xzlietidm65g.htm HTTP/1.1 0-756130/171/7163_ 106.820088241580.02.08114.06 83.229.112.30http/1.1www.xn--12cbt1cxdh6e8ac5x.com:8GET /fw.php HTTP/1.1 0-756130/167/6925_ 106.86184285607090.01.9989.92 3.224.220.101http/1.1www.chonlateeboi.com:443GET /12311lrvyetidm34ny.html HTTP/1.1 0-756130/195/7006_ 105.71184065163630.02.3492.95 40.77.167.52h2www.thesungolden.com:443[1/1] done: stream 1, GET /549981/606785.html 0-756130/196/7211_ 106.890096080520.02.8498.63 142.93.153.3http/1.1localhost:80GET /telescope/requests HTTP/1.1 0-756130/191/7876R 106.851573415060.02.0398.88 203.170.192.183http/1.1www.ozonepluswater.net:443POST /wp-cron.php?doing_wp_cron=1704615183.68357491493225097656 0-756130/184/7059_ 106.52163695385640.02.0390.38 165.232.76.155h2localhost:443[0/0] Software caused connection abort 0-756130/217/7217_ 106.880076368060.02.0692.57 83.229.112.30http/1.1www.xn--12cbt1cxdh6e8ac5x.com:8GET /wp-includes/blocks/calendar/updates.php HTTP/1.1 0-756130/171/7276_ 106.7001175173100.02.1897.07 142.93.153.3http/1.1localhost:80GET /server-status HTTP/1.1 0-756130/248/7315_ 106.781089996810.02.4591.39 164.90.222.93http/1.1localhost:80GET /?rest_route=/wp/v2/users/ HTTP/1.1 0-756130/236/7372_ 106.820076402880.02.1998.36 165.232.76.155http/1.1localhost:443GET /.vscode/sftp.json HTTP/1.1 0-756130/179/7350_ 106.8900116546280.02.26101.69 147.182.130.98http/1.1localhost:443GET /v2/_catalog HTTP/1.1 0-756130/175/7026_ 106.70034480076850.02.2193.99 66.249.71.202http/1.1www.twinbuilt.co.th:443GET /?e=outback-%E2%80%93-brown-%E2%80%93-jim-green-8-ii-VobOQ0 0-756130/196/7603_ 106.85170387721790.02.13100.32 173.201.252.240http/1.1www.ozonepluswater.net:443GET /wp-login.php HTTP/1.1 0-756131/193/7138W 104.4041071370150.02.28100.35 94.228.169.107http/1.1www.thesungolden.com:443POST /wp-content/uploads/wpr-addons/forms/061f69806f7d.php HTTP 0-756130/168/7164_ 106.61185095518500.01.8790.35 3.224.220.101http/1.1www.chonlateeboi.com:443GET /19203mywgitems/etidm.htm HTTP/1.1 0-756130/182/7345_ 106.77084664909560.02.2593.48 31.184.236.42http/1.1 0-756130/245/7228_ 106.820079462670.02.54101.61 144.126.202.105http/1.1localhost:443GET /about HTTP/1.1 0-756130/223/7256_ 105.921089070650.02.64122.74 144.126.202.105h2localhost:443[0/0] Software caused connection abort 0-756131/173/7029W 106.810078124630.01.9087.92 3.224.220.101http/1.1www.chonlateeadmin.com:443GET /iaxnuvn-23187kitems/etidm.htm HTTP/1.1 0-756130/163/7323_ 106.781083639450.02.36127.42 83.229.112.30http/1.1www.xn--12cbt1cxdh6e8ac5x.com:8GET /new.php HTTP/1.1 0-756131/159/6953W 106.760087028930.01.94100.39 144.126.202.105http/1.1localhost:443GET /server-status HTTP/1.1 0-756130/162/7331_ 106.78142677920150.01.8193.50 50.62.144.122http/1.1www.ltclevelup.com:443GET /wp-login.php HTTP/1.1 1-7172710/57/7227_ 49.941085658810.00.64121.16 64.227.126.135http/1.1localhost:443GET /v2/_catalog HTTP/1.1 1-7172710/90/7004_ 48.83184380415890.01.1288.88 144.126.202.105h2localhost:443[0/0] Software caused connection abort 1-7172710/100/7136_ 49.6200107432670.01.0894.26 147.182.130.98h2localhost:443[0/0] Software caused connection abort 1-7172710/97/6730_ 49.930085814040.01.0887.88 144.126.202.105http/1.1localhost:443GET /debug/default/view?panel=config HTTP/1.1 1-7172711/56/6877W 31.31521081814100.00.70100.87 94.228.169.107http/1.1www.thesungolden.com:443POST /wp-content/uploads/wpr-addons/forms/061f69806f7d.php HTTP 1-7172711/90/7001W 49.890081253170.00.9193.19 66.249.73.132http/1.1www.twinbuilt.co.th:443GET /?e=billions-star-asia-kate-dillon-schools-ellen-on-being-2 1-7172710/106/7033_ 49.84184298994420.01.2390.78 23.22.35.162http/1.1www.chonlateeadmin.com:443GET /laanuvn-16820nitems/etidm7.html HTTP/1.1 1-7172710/93/7065_ 49.851092312010.00.9595.88 142.93.153.3http/1.1localhost:80GET /_all_dbs HTTP/1.1 1-7172710/90/7069_ 49.780074206500.00.9989.80 83.229.112.30http/1.1www.xn--12cbt1cxdh6e8ac5x.com:8GET /i.php HTTP/1.1 1-7172710/78/6915_ 49.830090378950.00.7595.86 83.229.112.30http/1.1www.xn--12cbt1cxdh6e8ac5x.com:8GET /wp-includes/SimplePie/plugins.php HTTP/1.1 1-7172710/82/6671_ 49.960092694400.00.9393.48 165.232.76.155http/1.1localhost:443GET /v2/_catalog HTTP/1.1 1-7172710/91/7219_ 49.930082117560.00.96103.00 142.93.153.3http/1.1localhost:80GET /.git/config HTTP/1.1 1-7172710/80/6922_ 49.890352104234870.00.94
Found on 2024-01-07 08:12 -
Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb317c3bbe397c3bbe39ea2d50ebApache Status Apache Server Status for ftp.xn--2566-4do9ab5h1bfcjg7hg1txa5ahw0u.com (via 203.170.192.183) Server Version: Apache/2.4.57 (Unix) OpenSSL/1.0.2k-fips Server MPM: event Server Built: Oct 15 2023 18:16:43 Current Time: Saturday, 06-Jan-2024 05:10:46 ICT Restart Time: Friday, 05-Jan-2024 10:01:20 ICT Parent Server Config. Generation: 4 Parent Server MPM Generation: 3 Server uptime: 19 hours 9 minutes 25 seconds Server load: 2.90 2.67 2.77 Total accesses: 334933 - Total Traffic: 4.7 GB - Total Duration: 319693271 CPU Usage: u268.95 s16.89 cu5368.74 cs287.12 - 8.62% CPU load 4.86 requests/sec - 71.2 kB/second - 14.7 kB/request - 954.499 ms/request 9 requests currently being processed, 119 idle workers SlotPIDStoppingConnections ThreadsAsync connections totalacceptingbusyidlewritingkeep-aliveclosing 131365no3yes230101 431495no6yes230002 531496no4yes329001 631500no4yes230000 Sum4017 9119104 ................................___R________W___________________ ................................................................ _________WW________________________W____R_________________W_____ __W_____W_______________________................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqDurConnChildSlotClientProtocolVHostRequest 0-3-0/0/3197. 0.00322683828794620.00.0047.16 40.77.167.26h2www.chonlateenextbiz.com:443[0/0] init 0-3-0/0/3457. 0.003226104924920150.00.0045.31 23.22.35.162http/1.1www.chonlateeadmin.com:443GET /trust.php?dushsbr-307440fetidm13qhf.htm HTTP/1.1 0-3-0/0/3121. 0.00322683837618890.00.0053.59 3.224.220.101http/1.1www.chonlateeadmin.com:443GET /trust.php?puehsbr-278488retidm68chr HTTP/1.1 0-3-0/0/3383. 0.0032262627408330.00.0042.74 157.55.39.62h2www.chonlateeaa.com:443GET /sitemap654.xml HTTP/2.0 0-3-0/0/3238. 0.00322684425519520.00.0040.45 40.77.167.26h2www.chonlateenextbiz.com:443[1/1] done: stream 1, GET /wade-logan-furniture-manufacturer-e- 0-3-0/0/3479. 0.00322689032497720.00.0043.89 185.191.171.17http/1.1www.chonlateefood.com:443GET /items/kjz6692jxxftidm21.html HTTP/1.1 0-3-0/0/3263. 0.00322684025491150.00.0055.73 3.224.220.101http/1.1www.chonlateeboi.com:443GET /862cafjetidm61e HTTP/1.1 0-3-0/0/3289. 0.00322683926539240.00.0042.51 52.70.240.171http/1.1www.chonlateeadmin.com:443GET /trust.php?xumhsbr-299660zitems/etidm9.html HTTP/1.1 0-3-0/0/3338. 0.003226182226330900.00.0084.97 193.70.81.116http/1.1www.chonlateefood.com:443GET /tag/%E0%B8%8A%E0%B8%B8%E0%B8%94%E0%B8%9E%E0%B8%B1%E0%B8%81 0-3-0/0/3257. 0.00322679625457030.00.0042.03 91.92.252.141http/1.1www.xn--12cx2bef7bl0boq4ch6gugwGET /wp-includes/images/include.php HTTP/1.1 0-3-0/0/3174. 0.003226117328818450.00.0038.87 66.249.71.169http/1.1www.chonlateeadmin.com:443GET /trust.php?jafaonh-59042setidm.html HTTP/1.1 0-3-0/0/3151. 0.00322688625715070.00.0040.28 23.22.35.162http/1.1www.chonlateeadmin.com:443GET /trust.php?howhsbr-345014jitems/etidm83u.html HTTP/1.1 0-3-0/0/3099. 0.003226176425515810.00.0042.13 193.70.81.116http/1.1www.chonlateefood.com:443GET /tag/%E0%B8%8A%E0%B8%B8%E0%B8%94%E0%B8%9E%E0%B8%B1%E0%B8%81 0-3-0/0/3370. 0.00322683836737120.00.0046.01 193.70.81.116http/1.1www.chonlateefood.com:443GET /tag/%E0%B8%8A%E0%B8%B8%E0%B8%94%E0%B8%9E%E0%B8%B1%E0%B8%81 0-3-0/0/3431. 0.00322684328933940.00.0045.92 23.22.35.162http/1.1www.chonlateeboi.com:443GET /15371tbrmetidm.html HTTP/1.1 0-3-0/0/3141. 0.00322684030664290.00.0040.47 52.70.240.171http/1.1www.chonlateeboi.com:443GET /15347tbrmetidm.html HTTP/1.1 0-3-0/0/3143. 0.003226104429759900.00.0040.26 66.249.71.169http/1.1www.chonlateeadmin.com:443GET /trust.php?jqfggdh-241250setidm.html HTTP/1.1 0-3-0/0/3396. 0.003226104826723090.00.0044.80 66.249.71.168http/1.1www.chonlateeadmin.com:443GET /trust.php?eedvrsm-1733qeti.html HTTP/1.1 0-3-0/0/3303. 0.003226104724900520.00.0043.00 3.224.220.101http/1.1www.chonlateeadmin.com:443GET /trust.php?iexhsbr-285631kitems/etidm16vr HTTP/1.1 0-3-0/0/3158. 0.00322684329506320.00.0046.19 3.224.220.101http/1.1www.chonlateeboi.com:443GET /49069gcmpitems/etidm85 HTTP/1.1 0-3-0/0/3250. 0.00322684824853440.00.0050.06 185.191.171.13http/1.1www.chonlateeboi.com:443GET /17518cafjetidm23u HTTP/1.1 0-3-0/0/3264. 0.00322683927269360.00.0046.07 23.22.35.162http/1.1www.chonlateeadmin.com:443GET /trust.php?ufjhsbr-284525wetidm37.html HTTP/1.1 0-3-0/0/3611. 0.003226108525360900.00.0045.83 66.249.71.168http/1.1www.chonlateeadmin.com:443GET /trust.php?iqhadej-311189ueti.html HTTP/1.1 0-3-0/0/3169. 0.0032263225101100.00.0040.90 193.70.81.116http/1.1www.chonlateefood.com:443GET /tag/%E0%B8%8A%E0%B8%B8%E0%B8%94%E0%B8%9E%E0%B8%B1%E0%B8%81 0-3-0/0/3163. 0.00322683925373180.00.0040.32 195.191.219.130http/1.1www.1smestartup.com:443GET /%E0%B8%95%E0%B9%88%E0%B8%AD%E0%B8%AD%E0%B8%B2%E0%B8%A2%E0% 0-3-0/0/3166. 0.00322683926244240.00.0040.79 66.249.71.168http/1.1www.chonlateeadmin.com:443GET /trust.php?aiwsvcw-74893jetidm98n HTTP/1.1 0-3-0/0/3227. 0.003226124228285370.00.0051.28 85.208.96.205http/1.1www.chonlateenextbiz.com:443GET /uftriw/vanshaj-upcoming-story.html HTTP/1.1 0-3-0/0/3172. 0.00322683631872270.00.0070.96 3.224.220.101http/1.1www.chonlateeadmin.com:443GET /trust.php?toihsbr-278518vetidm20g HTTP/1.1 0-3-0/0/3113. 0.00322684225434050.00.0039.06 66.249.71.168http/1.1www.chonlateeadmin.com:443GET /trust.php?lwmqxjd-321878zetidm6 HTTP/1.1 0-3-0/0/3457. 0.00322696524094380.00.0079.56 3.224.220.101http/1.1www.chonlateeadmin.com:443GET /trust.php?loahsbr-285998nitems/etidm49y.html HTTP/1.1 0-3-0/0/3135. 0.00322694727823180.00.0047.85 52.70.240.171http/1.1www.chonlateeadmin.com:443GET /trust.php?mfbhsbr-286025oeti.html HTTP/1.1 0-3-0/0/3521. 0.003226112528035970.00.0043.24 23.22.35.162http/1.1www.chonlateeadmin.com:443GET /trust.php?fouhsbr-285602hitems/etid.html HTTP/1.1 1-3313650/105/2749_ 56.47284220681180.01.2936.02 52.70.240.171http/1.1www.chonlateeboi.com:443GET /3609xhlfitems/eti.htm HTTP/1.1 1-3313650/130/2523_ 56.76484422583930.01.3332.22 47.128.48.20h2www.chonlateevip.com:443[3/3] done: stream 5, GET /wp-content/uploads/2019/02/Slide_Hom 1-3313650/93/2624_ 56.68188521278280.01.1435.62 23.22.35.162http/1.1www.chonlateeboi.com:443GET /16527oqmiitems/etidm82ri.htm HTTP/1.1 1-3313650/93/2464R 56.19565222721300.01.0932.81 185.191.171.9http/1.1www.chonlateeboi.com:443 1-3313650/80/2449_ 56.812114036466220.00.9436.26 104.234.204.32http/1.1www.chonlateepro.com:443GET //chonlateepro.com/wp-content/plugins/so-widgets-bundle/wid 1-3313650/104/2645_ 56.73484420121420.01.4234.74 47.128.48.20h2www.chonlateevip.com:443[2/2] done: stream 3, GET /wp-content/uploads/2022/07/Slide_Hom 1-3313650/94/2519_ 56.541020379950.01.1431.11 134.122.89.242http/1.1localhost:443GET / HTTP/1.1 1-3313650/96/2594_ 56.811227721408690.01.2035.61 104.234.204.32http/1.1www.chonlateekeyman.com:443GET //chonlateekeyman.com/wp-content/themes/sydney/js/scripts.j 1-3313650/109/2586_ 56.69187021164610.01.3035.07 52.70.240.171http/1.1www.chonlateeadmin.com:443GET /gvvgiii-9405iitems/etidm46.htm HTTP/1.1 1-3313650/103/2483_ 56.31484219738670.01.4332.3
Found on 2024-01-05 22:10 -
Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb317c3bbe397c3bbe39967008acApache Status Apache Server Status for ftp.xn--2566-4do9ab5h1bfcjg7hg1txa5ahw0u.com (via 203.170.192.183) Server Version: Apache/2.4.57 (Unix) OpenSSL/1.0.2k-fips Server MPM: event Server Built: Oct 15 2023 18:16:43 Current Time: Tuesday, 12-Dec-2023 05:07:49 ICT Restart Time: Friday, 01-Dec-2023 00:22:58 ICT Parent Server Config. Generation: 44 Parent Server MPM Generation: 43 Server uptime: 11 days 4 hours 44 minutes 50 seconds Server load: 2.22 2.01 1.41 Total accesses: 4435053 - Total Traffic: 56.8 GB - Total Duration: 4177872762 CPU Usage: u377.99 s57.03 cu79757.4 cs4172.6 - 8.72% CPU load 4.58 requests/sec - 61.6 kB/second - 13.4 kB/request - 942.012 ms/request 9 requests currently being processed, 119 idle workers SlotPIDStoppingConnections ThreadsAsync connections totalacceptingbusyidlewritingkeep-aliveclosing 031012no3yes527001 131030no1yes329001 431190no2yes032001 531192no9yes131004 Sum4015 9119007 __W____W______________R_R_____R__________________________R__W_W_ ................................................................ ________________________________________W_______________________ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqDurConnChildSlotClientProtocolVHostRequest 0-43310120/141/39838_ 83.594653361848370.01.71504.01 52.70.240.171http/1.1www.chonlateeboi.com:443GET /trust.php?244172rvjfitems/etidm6.html HTTP/1.1 0-43310120/144/39242_ 83.362861367869750.01.71495.64 142.93.158.96http/1.1localhost:80\x16\x03\x01\x01\x07\x01 0-43310121/127/39688W 83.5600403233670.01.52512.29 198.199.121.22http/1.1localhost:443GET /server-status HTTP/1.1 0-43310120/133/39647_ 83.604858391522040.01.59517.09 66.249.71.2http/1.1www.xn--12cn0bmbkgc3ent5c1ewa4bGET /mds.php?shlnuow-53773yetidm.html HTTP/1.1 0-43310120/141/40185_ 82.8601417373750100.01.69571.16 47.128.50.125h2www.xn--12cx2bef7bl0boq4ch6gugw[1/1] done: stream 1, GET /wp-content/uploads/2021/01/logo_Home 0-43310120/121/39220_ 83.4010400813650.01.41496.50 128.199.195.68http/1.1localhost:443GET /config.json HTTP/1.1 0-43310120/126/39542_ 83.6330405292700.01.50497.44 164.92.192.25http/1.1localhost:443GET /v2/_catalog HTTP/1.1 0-43310121/226/40427W 83.4000369582620.01.72505.63 66.249.64.226http/1.1www.xn--12cn0bmbkgc3ent5c1ewa4bGET /mds.php?lyezslq-4886retidm8.htm HTTP/1.1 0-43310120/123/39306_ 83.4240382089580.01.60513.85 138.68.133.118http/1.1localhost:80GET /about HTTP/1.1 0-43310120/143/39697_ 82.841860370088930.01.65506.37 66.249.64.226http/1.1www.xn--12cn0bmbkgc3ent5c1ewa4bGET /mds.php?glziejy-46299mitems/eti HTTP/1.1 0-43310120/133/39304_ 83.4530386421090.08.60484.88 138.68.133.118http/1.1localhost:80GET /.DS_Store HTTP/1.1 0-43310120/116/39311_ 83.382645370959280.01.58526.95 128.199.195.68http/1.1localhost:443GET /server-status HTTP/1.1 0-43310120/128/39251_ 83.420861377745850.01.68479.35 66.249.71.2http/1.1www.xn--12cn0bmbkgc3ent5c1ewa4bGET /mds.php?jwciejy-21186petidm35wjp HTTP/1.1 0-43310120/138/39438_ 83.022897409456980.01.64507.76 162.243.184.251h2localhost:443[0/0] Software caused connection abort 0-43310120/135/39607_ 83.700889382267340.01.58497.03 23.22.35.162http/1.1www.chonlateeboi.com:443GET /trust.php?242370rvjfetid.htm HTTP/1.1 0-43310120/126/39280_ 83.642680375554420.01.47551.66 66.249.71.4http/1.1www.xn--12cn0bmbkgc3ent5c1ewa4bGET /mds.php?uonlbze-29725aetidm.html HTTP/1.1 0-43310120/130/40254_ 83.353859376965110.01.83531.47 66.249.71.3http/1.1www.xn--12cn0bmbkgc3ent5c1ewa4bGET /mds.php?jncagyn-14972petid.htm HTTP/1.1 0-43310120/132/39774_ 83.165895368729120.01.48489.47 198.199.121.22h2localhost:443[0/0] Software caused connection abort 0-43310120/122/39817_ 82.24212371781460.01.85514.08 128.199.195.68http/1.1localhost:443GET /server-status HTTP/1.1 0-43310120/135/40051_ 83.680615386572840.01.65550.42 66.249.64.103http/1.1www.chonlateefbc.com:443GET /?m=vinylnitrile-medium-xtgr-mm-LYo3Dzf5 HTTP/1.1 0-43310120/134/39496_ 83.594848366839120.01.75519.68 52.70.240.171http/1.1www.chonlateeadmin.com:443GET /trust.php?mkbqxjd-40429oitems/etidm29 HTTP/1.1 0-43310120/124/39620_ 83.642675390125060.01.61510.97 66.249.64.227http/1.1www.xn--12cn0bmbkgc3ent5c1ewa4bGET /mds.php?uodqbmb-16257qitems/eti HTTP/1.1 0-43310120/132/39384R 83.5650410399620.01.70520.70 85.208.96.209http/1.1www.chonlateeadmin.com:443 0-43310120/132/38792_ 83.2940363790010.01.66481.28 128.199.195.68http/1.1localhost:443GET / HTTP/1.1 0-43310120/127/39786R 83.5650374003560.01.53526.38 3.224.220.101http/1.1www.krongthongsecurity.com:443GET /rhyuqhe68644litems/etidm9.html HTTP/1.1 0-43310120/149/39073_ 83.4530390505680.02.08477.83 23.22.35.162http/1.1www.krongthongsecurity.com:443GET /odvuqhe68589iitems/etidm35 HTTP/1.1 0-43310120/127/39749_ 83.6810375219360.01.42591.18 164.92.192.25http/1.1localhost:443GET /login.action HTTP/1.1 0-43310120/127/38960_ 83.5940372364500.01.58516.31 142.93.158.96http/1.1localhost:80GET /s/338313e2239313e2037313e2330323/_/;/META-INF/maven/com.at 0-43310120/149/39566_ 83.3920413929430.01.76529.79 198.199.121.22h2localhost:443[0/0] Software caused connection abort 0-43310120/140/39533_ 83.6030377082090.01.78510.72 198.199.121.22http/1.1localhost:443GET /.vscode/sftp.json HTTP/1.1 0-43310120/112/39503R 83.4150371943010.01.35499.47 23.22.35.162http/1.1www.chonlateeboi.com:443 0-43310120/117/39244_ 82.0840380222100.01.32544.19 3.224.220.101http/1.1www.krongthongsecurity.com:443GET /fhmuqhe174452zetidm8.htm HTTP/1.1 1-43310300/110/40647_ 67.8620377602780.01.47512.75 164.92.192.25http/1.1localhost:443GET /server-status HTTP/1.1 1-43310300/106/40560_ 67.6940386263960.01.27555.62 138.68.133.118http/1.1localhost:80GET /debug/default/view?panel=config HTTP/1.1 1-43310300/103/40349_ 67.0550387968290.01.33562.67 164.92.192.25h2localhost:443[0/0] Software caused connection abort 1-43310300/112/40588_ 67.6550395504500.01.38570.37 128.199.195.68http/1.1localhost:443GET /s/338313e2239313e2037313e2330323/_/;/META-INF/maven/com.at 1-43310300/90/41423_ 67.6460367215030.01.05630.52 128.199.195.68http/1.1localhost:443GET /debug/default/view?panel=config HTTP/1.1 1-43310300/104/40143_ 67.8040364544620.01.32576.48 198.199.121.22http/1.1localhost:443GET / HTTP/1.1 1-43310300/106/40268_ 67.7220367019960.01.22537.26 138.68.133.118http/1.1localhost:80GET /login.action HTTP/1.1 1-43310300/103/40803_ 65.763672391136950.01.26519.25 185.191.171.11http/1.1www.chonlateeadmin.com:443GET /tliasyu-29230vetidm94g HTTP/1.1 1-43310300/113/40440_ 67.5220379667520.01.57508.60 3.224.220.101http/1.1www.krongthongsecurity.com:443GET /rhyuqhe194120letidm18eul.htm HTTP/1.1 1-43310300/96/40511_ 67.7850372055410.01.21517.59 142.93.158.96http/1.1localhost:80GET /.env HTTP/1.1 1-43310300/102/41062_ 67.8230368334380.01.26541.43 164.92.192.25http/1.1localhost:443
Found on 2023-12-11 22:07 -
Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb317c3bbe397c3bbe398f7f9c8fApache Status Apache Server Status for ftp.xn--2566-4do9ab5h1bfcjg7hg1txa5ahw0u.com (via 203.170.192.183) Server Version: Apache/2.4.57 (Unix) OpenSSL/1.0.2k-fips Server MPM: event Server Built: Oct 15 2023 18:16:43 Current Time: Thursday, 23-Nov-2023 00:24:04 ICT Restart Time: Monday, 20-Nov-2023 10:17:03 ICT Parent Server Config. Generation: 9 Parent Server MPM Generation: 8 Server uptime: 2 days 14 hours 7 minutes 1 second Server load: 1.81 1.96 1.65 Total accesses: 648164 - Total Traffic: 8.2 GB - Total Duration: 719208536 CPU Usage: u59.76 s12.77 cu9707.16 cs570.87 - 4.63% CPU load 2.9 requests/sec - 38.6 kB/second - 13.3 kB/request - 1109.61 ms/request 7 requests currently being processed, 121 idle workers SlotPIDStoppingConnections ThreadsAsync connections totalacceptingbusyidlewritingkeep-aliveclosing 06877no1yes131100 16697no2yes329001 36879no13yes1310013 46881no1yes230000 Sum4017 71211014 _____________R____________________R_W_____________________R_____ ................................_W______________________________ _____________________R____W_____................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqDurConnChildSlotClientProtocolVHostRequest 0-868770/30/5240_ 11.971047419550.00.3872.57 52.70.240.171http/1.1www.krongthongsecurity.com:443GET /beirtdd179544vb771058384 HTTP/1.1 0-868770/24/4983_ 11.101281450402760.00.2661.56 104.164.173.38http/1.1www.xn--2566-4do9ab5h1bfcjg7hg1GET /wp-json/ HTTP/1.1 0-868770/26/4909_ 11.722068876520.00.4060.32 164.90.222.93http/1.1 0-868770/21/5097_ 11.922048793540.00.2862.97 161.35.176.95http/1.1localhost:443GET /.vscode/sftp.json HTTP/1.1 0-868770/24/5147_ 11.7421251687560.00.2879.22 104.164.173.38http/1.1www.xn--2566-4do9ab5h1bfcjg7hg1GET /wp-content/plugins/royal-elementor-addons/assets/js/lib/in 0-868770/25/5224_ 11.913050709910.00.4062.71 161.35.155.246http/1.1www.xn--2566-4do9ab5h1bfcjg7hg1GET /config.json HTTP/1.1 0-868770/26/5076_ 11.793109751557000.00.3365.50 23.22.35.162http/1.1www.chonlateeadmin.com:443GET /trust.php?dnsecaw-246678fetidm53q.htm HTTP/1.1 0-868770/29/4975_ 11.542048178580.00.3561.72 128.199.61.251http/1.1localhost:80GET / HTTP/1.1 0-868770/17/5222_ 11.46350250388740.00.1660.80 147.182.130.98http/1.1 0-868770/24/5317_ 11.922048072380.00.2981.42 144.126.198.24http/1.1localhost:443GET /v2/_catalog HTTP/1.1 0-868770/23/5257_ 11.951049364220.00.3963.06 139.59.182.142http/1.1localhost:443GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor 0-868770/22/5364_ 11.842049590390.00.2476.17 207.154.240.169http/1.1localhost:80GET /login.action HTTP/1.1 0-868770/21/5307_ 11.900052171030.00.3369.09 161.35.155.246http/1.1www.xn--2566-4do9ab5h1bfcjg7hg1GET /.git/config HTTP/1.1 0-868770/25/5291R 11.895049122730.00.2562.20 87.236.20.180http/1.1www.dreamhightravel.com:443 0-868770/22/4998_ 11.913049334990.00.2556.97 178.62.3.65http/1.1www.xn--2566-4do9ab5h1bfcjg7hg1GET /?rest_route=/wp/v2/users/ HTTP/1.1 0-868770/26/4955_ 11.7613750751060.00.2359.21 147.182.130.98h2localhost:443[0/0] Software caused connection abort 0-868770/26/4946_ 11.700047839840.00.3459.38 161.35.155.246http/1.1www.xn--2566-4do9ab5h1bfcjg7hg1GET / HTTP/1.1 0-868770/22/5281_ 11.891048733620.00.2358.35 128.199.61.251http/1.1localhost:80GET /.git/config HTTP/1.1 0-868770/23/5034_ 11.701050217500.00.2771.03 178.62.73.12http/1.1localhost:80GET / HTTP/1.1 0-868770/24/5098_ 11.913050206340.00.3373.64 161.35.176.95http/1.1localhost:443GET / HTTP/1.1 0-868770/21/4986_ 11.903049737540.00.2968.12 139.59.182.142http/1.1localhost:80GET /telescope/requests HTTP/1.1 0-868770/19/5231_ 10.840044691110.00.2367.68 164.90.222.93h2localhost:443[0/0] Software caused connection abort 0-868770/19/4977_ 11.922051856100.00.1563.12 161.35.155.246http/1.1www.xn--2566-4do9ab5h1bfcjg7hg1GET /?rest_route=/wp/v2/users/ HTTP/1.1 0-868770/27/4986_ 11.971050753540.00.3173.04 161.35.27.144http/1.1localhost:443GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor 0-868770/19/5065_ 11.913049737180.00.2562.67 139.59.182.142http/1.1localhost:443GET /about HTTP/1.1 0-868770/20/5166_ 11.89065047541650.00.2867.26 66.249.79.68http/1.1www.xn--12cn0bmbkgc3ent5c1ewa4bGET /mds.php?bxcazkf-7866pitems/etid.html HTTP/1.1 0-868770/24/5260_ 11.700049453910.00.2285.08 139.59.182.142http/1.1localhost:80GET / HTTP/1.1 0-868770/17/5356_ 10.95380750357090.00.2085.39 223.24.157.217h2www.xn--12cx2bef7bl0boq4ch6gugw[0/0] init 0-868770/22/4934_ 11.891049140460.00.2667.95 144.126.198.24http/1.1localhost:443GET / HTTP/1.1 0-868770/15/5223_ 11.98088752416600.00.1959.93 23.22.35.162http/1.1www.chonlateeboi.com:443GET /5396tbrmitems/etidm6.html HTTP/1.1 0-868770/16/5044_ 11.7512647464910.00.2564.72 164.90.222.93h2localhost:443[0/0] Software caused connection abort 0-868770/26/5245_ 11.842046041050.00.3463.60 128.199.61.251http/1.1localhost:80GET /_all_dbs HTTP/1.1 1-866970/22/5364_ 8.613054667380.00.2357.61 139.59.182.142http/1.1localhost:443GET /debug/default/view?panel=config HTTP/1.1 1-866970/19/4986_ 8.700951429170.00.2059.50 144.126.198.24http/1.1localhost:443GET /server-status HTTP/1.1 1-866970/22/5184R 8.585055143570.00.2759.77 147.182.130.98http/1.1 1-866970/13/5136_ 7.87484748848650.00.1668.55 147.182.130.98http/1.1 1-866971/12/5107W 8.490049951420.00.1758.07 164.90.222.93http/1.1www.xn--2566-4do9ab5h1bfcjg7hg1GET / HTTP/1.1 1-866970/13/5043_ 8.543052521240.00.1361.33 178.62.3.65http/1.1www.xn--2566-4do9ab5h1bfcjg7hg1GET /_all_dbs HTTP/1.1 1-866970/16/5474_ 8.520053860880.00.2663.46 139.59.182.142http/1.1localhost:80GET /debug/default/view?panel=config HTTP/1.1 1-866970/16/5294_ 7.923050744480.00.1768.77 161.35.27.144http/1.1 1-866970/19/5196_ 8.604477951386350.00.2070.39 104.164.173.38http/1.1www.xn--2566-4do9ab5h1bfcjg7hg1GET /comments/feed/ HTTP/1.1 1-866970/16/5462_ 8.630053738520.00.1865.73 144.126.198.24http/1.1localhost:443GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor 1-866970/15/5456_ 8.083272653685270.00.1672.12 147.182.130.98http/1.1 1-866970/17/5344_ 8.640052276830.00.2971.18 161.35.176.95http/1.1localhost:443GET /debug/default/view?panel=config HTTP/1.1 1-866970/19/5135_ 8.580051894850.00.3057.87 178.62.3.65http/1.1www.xn--2566-4do9ab5h1bfcjg7hg1GET /.DS_Store HTTP/1.1 1-866970/23/5086_ 8.670052304970.00.23</
Found on 2023-11-22 17:23 -
Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb3136c1425636c142566f754082Apache Status Apache Server Status for ftp.xn--2566-4do9ab5h1bfcjg7hg1txa5ahw0u.com (via 27.254.96.168) Server Version: Apache/2.4.46 (Unix) OpenSSL/1.0.2u PHP/7.2.33 Server MPM: prefork Server Built: May 6 2022 15:05:21 Current Time: Saturday, 23-Sep-2023 13:39:51 +07 Restart Time: Saturday, 23-Sep-2023 04:02:11 +07 Parent Server Config. Generation: 1763 Parent Server MPM Generation: 1762 Server uptime: 9 hours 37 minutes 40 seconds Server load: 1.87 1.75 1.68 Total accesses: 62465 - Total Traffic: 1.1 GB - Total Duration: 88580962 CPU Usage: u2989.81 s5219.4 cu51113500 cs12504600 - 184000% CPU load 1.8 requests/sec - 32.4 kB/second - 18.0 kB/request - 1418.09 ms/request 8 requests currently being processed, 7 idle workers W____RCC__.WWR....C_.............................. Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqDurConnChildSlotClientProtocolVHostRequest 0-1762158160/55/4950W 37.710065113600.00.7790.03 46.101.103.192http/1.1localhost:443GET /server-status HTTP/1.1 1-1762161900/2/4809_ 0.000068043720.00.0091.09 46.101.103.192http/1.1localhost:443GET /about HTTP/1.1 2-1762158270/48/4960_ 59.750069480400.00.6169.74 161.35.155.246http/1.1localhost:443GET /.vscode/sftp.json HTTP/1.1 3-1762161970/1/4566_ 0.000160753670.00.0070.01 46.101.103.192http/1.1localhost:443GET /v2/_catalog HTTP/1.1 4-1762154860/91/4716_ 38.220062714330.01.0786.46 161.35.155.246http/1.1localhost:443GET /debug/default/view?panel=config HTTP/1.1 5-1762162030/0/4447R 0.001067587920.00.0062.30 51.79.24.51http/1.1 6-1762159831/23/4293C 48.36031263315743.20.2685.96 96.27.15.15http/1.1www.pentorproperty.com:443GET /wp-login.php HTTP/1.1 7-1762156471/79/3938C 38.351158493521.40.8657.60 161.35.155.246http/1.1localhost:443GET /about HTTP/1.1 8-1762159960/22/3956_ 46.901116657017610.00.2274.75 51.79.24.51http/1.1www.chonlateefood.com:443POST //wp-login.php HTTP/1.1 9-1762162090/1/3582_ 0.000152009450.00.0051.17 161.35.155.246http/1.1localhost:443GET /v2/_catalog HTTP/1.1 10-1762-0/0/3381. 0.0077048220250.00.0056.75 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 11-1762156800/63/3288W 38.470048179590.00.8669.37 51.79.24.51http/1.1www.chonlateemeet.com:443POST //wp-login.php HTTP/1.1 12-1762156860/64/2478W 36.56089533004970.00.8348.67 172.71.126.142http/1.1www.chonlateeit.com:443GET /tag/%E0%B8%A3%E0%B8%B1%E0%B8%9A%E0%B8%94%E0%B8%B9%E0%B9%81 13-1762160350/19/2148R 16.30599930852490.00.2333.54 50.31.147.227http/1.1www.chonlateenextbiz.com:443 14-1762-0/0/1846. 0.00120027688740.00.0034.42 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 15-1762-0/0/1652. 0.00124024094780.00.0030.61 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 16-1762-0/0/1255. 0.00127147416287140.00.0024.22 172.70.34.254http/1.1www.chonlateecoffee.com:80GET /tag/%E0%B8%84%E0%B8%B2%E0%B9%80%E0%B8%9F%E0%B9%88%E0%B9%81 17-1762-0/0/542. 0.0011706739090.00.009.78 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 18-1762160561/22/439C 15.37007559401.50.2212.56 46.101.103.192http/1.1localhost:443GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor 19-1762160620/20/434_ 15.75006162380.00.227.56 46.101.103.192http/1.1localhost:443GET /.vscode/sftp.json HTTP/1.1 20-1762-0/0/135. 0.00180801533870.00.006.49 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 21-1762-0/0/108. 0.00337301241820.00.005.15 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 22-1762-0/0/63. 0.00336602534870.00.009.38 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 23-1762-0/0/35. 0.0033790235960.00.001.87 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 24-1762-0/0/118. 0.00292301364080.00.003.02 49.0.249.187http/1.1www.uniqueworkthailand.com:80POST /xmlrpc.php HTTP/1.0 25-1762-0/0/28. 0.0033670173890.00.000.44 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 26-1762-0/0/4. 0.0033630157610.00.000.07 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 27-1762-0/0/3. 0.003371096260.00.000.01 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 28-1762-0/0/4. 0.0033680111560.00.000.01 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 29-1762-0/0/58. 0.0032930579870.00.000.70 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 30-1762-0/0/100. 0.0029227711412600.00.001.40 51.79.24.51http/1.1www.chonlateekeyman.com:443POST //wp-login.php HTTP/1.1 31-1762-0/0/3. 0.0033640124930.00.000.01 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 32-1762-0/0/4. 0.003381079740.00.000.01 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 33-1762-0/0/4. 0.0033560129440.00.000.01 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 34-1762-0/0/4. 0.0033580108370.00.000.01 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 35-1762-0/0/9. 0.0033650178550.00.000.15 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 36-1762-0/0/6. 0.0033490134700.00.000.03 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 37-1762-0/0/2. 0.003387570.00.000.00 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 38-1762-0/0/3. 0.003369086730.00.000.01 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 39-1762-0/0/1. 0.003386000.00.000.00 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 40-1762-0/0/84. 0.00295502081880.00.001.29 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 41-1762-0/0/1. 0.003385000.00.000.00 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 42-1762-0/0/8. 0.0033340123820.00.000.04 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 SrvChild Server number - generation PIDOS process ID AccNumber of accesses this connection / this child / this slot MMode of operation CPUCPU usage, number of seconds SSSeconds since beginning of most recent request ReqMilliseconds required to process most recent request DurSum of milliseconds required to process all requests ConnKilobytes transferred this connection ChildMegabytes transferred this child SlotTotal megabytes transferred this slot SSL/TLS Session Cache Status: cache type: SHMCB, shared memory: 512000 bytes, current entries: 107subcaches: 32, indexes per subcache: 88time left on oldest entries' objects: avg: 89 seconds, (range: 1...241)index usage: 3%, cache usage: 4%total entries stored since starting: 9861total entries replaced since starting: 0total entries expired since starting: 9754total (pre-expiry) entries scrolled out of the cache: 0total retrieves since starting: 370 hit, 19628 misstotal removes since starting: 0 hit, 0 miss
Found on 2023-09-23 06:38 -
Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb3136c1425636c142568fd8821fApache Status Apache Server Status for ftp.xn--2566-4do9ab5h1bfcjg7hg1txa5ahw0u.com (via 27.254.96.168) Server Version: Apache/2.4.46 (Unix) OpenSSL/1.0.2u PHP/7.2.33 Server MPM: prefork Server Built: May 6 2022 15:05:21 Current Time: Wednesday, 20-Sep-2023 13:39:22 +07 Restart Time: Wednesday, 20-Sep-2023 13:38:45 +07 Parent Server Config. Generation: 1749 Parent Server MPM Generation: 1748 Server uptime: 36 seconds Server load: 1.42 1.59 1.37 Total accesses: 215 - Total Traffic: 1.3 MB - Total Duration: 91493 CPU Usage: u2674.6 s5139.32 cu50937800 cs12467100 - 1.76e+8% CPU load 5.97 requests/sec - 36.5 kB/second - 6.1 kB/request - 425.549 ms/request 11 requests currently being processed, 7 idle workers ____WR_RWWCRCCCC__................................ Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqDurConnChildSlotClientProtocolVHostRequest 0-1748323550/22/22_ 4.1401204104830.00.210.21 207.154.240.169http/1.1www.xn--2566-4do9ab5h1bfcjg7hg1GET /v2/_catalog HTTP/1.0 1-1748323560/16/16_ 8.6800183900.00.250.25 138.197.88.136http/1.1 2-1748323570/28/28_ 8.3001203170400.00.160.16 161.35.27.144http/1.1www.xn--2566-4do9ab5h1bfcjg7hg1GET /v2/_catalog HTTP/1.0 3-1748323580/27/27_ 3.250062530.00.140.14 143.42.118.5http/1.1localhost:443GET /.vscode/sftp.json HTTP/1.1 4-1748323590/26/26W 2.430080760.00.130.13 207.154.240.169http/1.1www.xn--2566-4do9ab5h1bfcjg7hg1GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor 5-1748324030/16/16R 4.740093570.00.060.06 138.197.88.136http/1.1 6-1748324100/20/20_ 3.110060370.00.080.08 143.42.118.5http/1.1localhost:443GET /v2/_catalog HTTP/1.1 7-1748324170/18/18R 1.410028840.00.080.08 138.197.88.136http/1.1www.xn--2566-4do9ab5h1bfcjg7hg1 8-1748324180/13/13W 2.931056820.00.060.06 139.59.182.142http/1.1www.xn--2566-4do9ab5h1bfcjg7hg1GET /.vscode/sftp.json HTTP/1.1 9-1748324330/9/9W 0.740011780.00.070.07 178.62.73.12http/1.1localhost:443GET /server-status HTTP/1.1 10-1748324391/8/8C 2.411149331.50.030.03 134.122.63.192http/1.1localhost:443GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor 11-1748324450/3/3R 0.000170.00.000.00 178.62.73.12http/1.1localhost:443GET /about HTTP/1.1 12-1748324511/3/3C 0.56057211474.40.010.01 162.158.238.39http/1.1www.dr-rpi.com:443POST /wp-login.php HTTP/1.1 13-1748324571/2/2C 0.001141.40.000.00 143.42.118.5http/1.1localhost:443GET /about HTTP/1.1 14-1748324641/1/1C 0.000121.50.000.00 159.65.58.104http/1.1localhost:443GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor 15-1748324701/1/1C 0.000111.50.000.00 178.62.73.12http/1.1localhost:443GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor 16-1748324720/1/1_ 0.000480.00.000.00 134.122.63.192http/1.1localhost:443GET /server-status HTTP/1.1 17-1748324780/1/1_ 0.000120.00.000.00 162.243.161.105http/1.1localhost:80GET /?rest_route=/wp/v2/users/ HTTP/1.0 SrvChild Server number - generation PIDOS process ID AccNumber of accesses this connection / this child / this slot MMode of operation CPUCPU usage, number of seconds SSSeconds since beginning of most recent request ReqMilliseconds required to process most recent request DurSum of milliseconds required to process all requests ConnKilobytes transferred this connection ChildMegabytes transferred this child SlotTotal megabytes transferred this slot SSL/TLS Session Cache Status: cache type: SHMCB, shared memory: 512000 bytes, current entries: 20subcaches: 32, indexes per subcache: 88time left on oldest entries' objects: avg: 282 seconds, (range: 267...295)index usage: 0%, cache usage: 0%total entries stored since starting: 20total entries replaced since starting: 0total entries expired since starting: 0total (pre-expiry) entries scrolled out of the cache: 0total retrieves since starting: 0 hit, 128 misstotal removes since starting: 0 hit, 0 miss
Found on 2023-09-20 06:37
-
-
Apache server-status page is publicly available
The server-status page (usually
/server-status) allows server administrators to find out how well their server is performing.This is a HTML page that gives the current server statistics such as the server version, up time,cpu, ram, and information about requests made to the server.
This information can be very useful if the application is sent sensitive information as GET requests. If you monitor this page you might be able to find CSRF tokens, API keys, hidden paths, and other sensitive information being sent to the server.
https://medium.com/@ghostlulzhacks/apache-server-status-a70abed83f5a
IP: 203.170.192.183
Domain: pop.xn--2566-4do9ab5h1bfcjg7hg1txa5ahw0u.com
Port: 443
URL: https://pop.xn--2566-4do9ab5h1bfcjg7hg1txa5ahw0u.comFirst seen 2023-09-20 06:37
Last seen 2024-02-01 21:07
Open for 134 days-
Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb316c12a0d06c12a0d0315a2877Apache Status Apache Server Status for pop.xn--2566-4do9ab5h1bfcjg7hg1txa5ahw0u.com (via 203.170.192.183) Server Version: Apache/2.4.57 (Unix) OpenSSL/1.0.2k-fips Server MPM: event Server Built: Oct 15 2023 18:16:43 Current Time: Friday, 02-Feb-2024 04:07:48 ICT Restart Time: Friday, 05-Jan-2024 10:01:20 ICT Parent Server Config. Generation: 92 Parent Server MPM Generation: 91 Server uptime: 27 days 18 hours 6 minutes 27 seconds Server load: 2.25 2.09 2.02 Total accesses: 1842956 - Total Traffic: 23.8 GB - Total Duration: 2140668817 CPU Usage: u174.62 s105.98 cu32081.1 cs2206.04 - 1.44% CPU load .769 requests/sec - 10.4 kB/second - 13.5 kB/request - 1161.54 ms/request 2 requests currently being processed, 126 idle workers SlotPIDStoppingConnections ThreadsAsync connections totalacceptingbusyidlewritingkeep-aliveclosing 024826no0yes032000 124845no0yes131000 324847no0yes032000 524831no0yes131000 Sum400 2126000 _________________________________R______________________________ ................................________________________________ ................................_______________________W________ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqDurConnChildSlotClientProtocolVHostRequest 0-91248260/2/14748_ 2.5060160256500.00.00193.63 139.144.96.150h2localhost:443[0/0] Software caused connection abort 0-91248260/7/15243_ 2.8950138991490.00.01198.85 164.92.84.255h2localhost:443[0/0] Software caused connection abort 0-91248260/5/14813_ 2.9060150305970.00.00192.57 128.199.62.55http/1.1localhost:443GET /.env HTTP/1.1 0-91248260/4/14993_ 2.9710145868920.00.00185.87 45.55.193.222http/1.1localhost:443GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor 0-91248260/3/14897_ 2.9850147705680.00.00185.27 164.92.192.25http/1.1localhost:443GET /?rest_route=/wp/v2/users/ HTTP/1.1 0-91248260/5/15127_ 2.8920156637760.00.00188.41 144.126.198.24http/1.1localhost:443GET /_all_dbs HTTP/1.1 0-91248260/3/14799_ 2.9750145560290.00.00200.10 164.92.84.255http/1.1localhost:443GET /s/338313e2239313e2037313e2330323/_/;/META-INF/maven/com.at 0-91248260/3/15107_ 2.8930150176580.00.00187.50 164.92.192.25http/1.1localhost:443GET /_all_dbs HTTP/1.1 0-91248260/6/15067_ 3.0030145202600.00.01229.80 159.223.102.13http/1.1localhost:80GET /.DS_Store HTTP/1.1 0-91248260/4/15193_ 2.9630148852630.00.00194.72 134.122.34.144http/1.1localhost:443GET /_all_dbs HTTP/1.1 0-91248260/4/14760_ 2.9550154280280.00.02200.59 167.172.20.95http/1.1localhost:80GET / HTTP/1.1 0-91248260/4/14773_ 2.9550147100270.00.02195.37 167.172.232.142http/1.1localhost:80GET /telescope/requests HTTP/1.1 0-91248260/2/14631_ 2.9640137181620.00.00185.36 45.55.193.222http/1.1localhost:443GET /v2/_catalog HTTP/1.1 0-91248260/5/14791_ 3.0010169077040.00.02185.93 139.144.96.150http/1.1localhost:443GET /login.action HTTP/1.1 0-91248260/4/15746_ 2.9700141537700.00.01187.66 167.172.20.95http/1.1localhost:80GET /debug/default/view?panel=config HTTP/1.1 0-91248260/4/14791_ 2.8740165338160.00.00182.39 139.144.150.23h2localhost:443[0/0] Software caused connection abort 0-91248260/5/14839_ 2.9940143397110.00.01206.26 139.144.96.150http/1.1localhost:443GET / HTTP/1.1 0-91248260/3/14907_ 2.8050144873350.00.00189.18 45.55.193.222http/1.1 0-91248260/4/14727_ 2.9550160242940.00.00200.48 137.184.162.65http/1.1localhost:80GET /?rest_route=/wp/v2/users/ HTTP/1.1 0-91248260/1/14944_ 2.8667144636710.00.00193.68 159.203.44.43http/1.1 0-91248260/6/14937_ 2.9640181440860.00.01193.26 167.172.232.142http/1.1localhost:80GET /?rest_route=/wp/v2/users/ HTTP/1.1 0-91248260/5/14965_ 3.0030146988040.00.02203.98 139.144.150.23http/1.1localhost:443GET /.vscode/sftp.json HTTP/1.1 0-91248260/2/15418_ 2.8650150747980.00.00188.12 139.144.150.23h2localhost:443[0/0] Software caused connection abort 0-91248260/2/14630_ 2.9060138763900.00.00190.05 164.92.84.255http/1.1localhost:443GET / HTTP/1.1 0-91248260/4/14923_ 2.9930162204720.00.00186.78 139.144.96.150http/1.1localhost:443GET /about HTTP/1.1 0-91248260/3/14603_ 2.9940135973320.00.00196.85 134.122.34.144http/1.1localhost:443GET /.git/config HTTP/1.1 0-91248260/2/15107_ 2.8750144712670.00.00194.45 64.227.126.135http/1.1localhost:443GET /about HTTP/1.1 0-91248260/3/14885_ 3.0020159153040.00.00213.24 139.144.150.23http/1.1localhost:443GET /debug/default/view?panel=config HTTP/1.1 0-91248260/6/14687_ 2.8820152163290.00.01175.81 178.62.73.12http/1.1localhost:443GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor 0-91248260/2/15147_ 2.8660135099350.00.00225.04 178.128.151.41http/1.1localhost:80GET /.env HTTP/1.1 0-91248260/3/14618_ 2.9650155554030.00.02199.08 139.144.150.23h2localhost:443[0/0] Software caused connection abort 0-91248260/5/14890_ 2.9710145814070.00.00184.99 178.62.73.12http/1.1localhost:443GET /?rest_route=/wp/v2/users/ HTTP/1.1 1-91248450/5/15731_ 2.8100138364770.00.00219.29 137.184.162.65http/1.1localhost:80GET /.git/config HTTP/1.1 1-91248450/5/15812R 2.8240136849570.00.01198.68 164.92.84.255http/1.1 1-91248450/8/15602_ 2.8530174090190.00.02199.96 159.203.44.43h2localhost:443[0/0] Software caused connection abort 1-91248450/9/15318_ 2.9030150896030.00.01189.46 164.92.84.255http/1.1localhost:443GET /.vscode/sftp.json HTTP/1.1 1-91248450/3/15275_ 2.8020146566320.00.00197.92 159.203.44.43http/1.1 1-91248450/6/15654_ 2.9030134151790.00.01198.79 139.144.96.150http/1.1localhost:443GET /debug/default/view?panel=config HTTP/1.1 1-91248450/3/15351_ 2.8930172789920.00.02188.15 159.223.102.13http/1.1localhost:80GET /_all_dbs HTTP/1.1 1-91248450/2/15185_ 2.5720165483380.00.00189.07 64.227.126.135h2localhost:443[0/0] Software caused connection abort 1-91248450/6/15335_ 2.9120127395500.00.01211.76 134.122.34.144http/1.1localhost:443GET /telescope/requests HTTP/1.1 1-91248450/7/14956_ 2.9120152319130.00.01188.74 159.203.44.43http/1.1localhost:443GET / HTTP/1.1 1-91248450/2/15041_ 2.8230148013860.00.00204.86 164.92.84.255http/1.1localhost:443GET /login.action HTTP/1.1 1-91248450/4/15505_ 2.8930159268070.00.02208.73 167.172.20.95http/1.1localhost:80GET /_all_dbs HTTP/1.1 1-91248450/3/15328_ 2.8230159504020.00.00200.56 139.144.96.150http/1.1 1-91248450/6/15189_ 2.9210137016410.00.00183.04 159.223.102.13http/1.1localhost:80GET /config.json HTTP/1.1
Found on 2024-02-01 21:07 -
Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb316c12a0d06c12a0d0e486ea2aApache Status Apache Server Status for pop.xn--2566-4do9ab5h1bfcjg7hg1txa5ahw0u.com (via 203.170.192.183) Server Version: Apache/2.4.57 (Unix) OpenSSL/1.0.2k-fips Server MPM: event Server Built: Oct 15 2023 18:16:43 Current Time: Sunday, 07-Jan-2024 15:13:06 ICT Restart Time: Friday, 05-Jan-2024 10:01:20 ICT Parent Server Config. Generation: 8 Parent Server MPM Generation: 7 Server uptime: 2 days 5 hours 11 minutes 45 seconds Server load: 2.54 2.71 2.78 Total accesses: 888375 - Total Traffic: 12.0 GB - Total Duration: 1104440607 CPU Usage: u162.81 s14.98 cu15076.1 cs792.86 - 8.38% CPU load 4.64 requests/sec - 65.7 kB/second - 14.2 kB/request - 1243.21 ms/request 10 requests currently being processed, 54 idle workers SlotPIDStoppingConnections ThreadsAsync connections totalacceptingbusyidlewritingkeep-aliveclosing 05613no12yes428008 117271no7yes626004 Sum2019 10540012 _______________________W___WWR___R__W_R__________W_R____W_______ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqDurConnChildSlotClientProtocolVHostRequest 0-756130/158/7049_ 106.881095656150.01.71102.74 147.182.130.98http/1.1localhost:443GET /debug/default/view?panel=config HTTP/1.1 0-756130/193/7543_ 106.850073597160.02.32104.46 83.229.112.30http/1.1www.xn--12cbt1cxdh6e8ac5x.com:8GET /wp-admin/js/widgets/about.php HTTP/1.1 0-756130/189/7128_ 106.880080121270.01.99102.25 64.227.126.135http/1.1localhost:443GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor 0-756130/226/7400_ 106.900077162130.02.2794.81 144.126.202.105http/1.1localhost:443GET /server-status HTTP/1.1 0-756130/185/7323_ 106.861077512160.02.2891.84 142.93.153.3http/1.1localhost:80GET /s/338313e2239313e2037313e2330323/_/;/META-INF/maven/com.at 0-756130/181/7456_ 106.89049390109900.01.9698.10 173.201.252.240http/1.1www.ozonepluswater.net:443POST /wp-login.php HTTP/1.1 0-756130/209/7297_ 106.811071933600.02.31108.87 31.184.236.34http/1.1 0-756130/135/7301_ 106.770083202790.01.5095.18 165.232.76.155http/1.1localhost:443GET / HTTP/1.1 0-756130/179/7496_ 106.190077242750.01.98145.59 31.184.236.34http/1.1 0-756130/192/7395_ 106.890129679684310.02.0792.83 23.22.35.162http/1.1www.chonlateeboi.com:443GET /31206xzlietidm65g.htm HTTP/1.1 0-756130/171/7163_ 106.821088241580.02.08114.06 83.229.112.30http/1.1www.xn--12cbt1cxdh6e8ac5x.com:8GET /fw.php HTTP/1.1 0-756130/167/6925_ 106.86084285607090.01.9989.92 3.224.220.101http/1.1www.chonlateeboi.com:443GET /12311lrvyetidm34ny.html HTTP/1.1 0-756130/195/7006_ 105.71184065163630.02.3492.95 40.77.167.52h2www.thesungolden.com:443[1/1] done: stream 1, GET /549981/606785.html 0-756130/196/7211_ 106.890096080520.02.8498.63 142.93.153.3http/1.1localhost:80GET /telescope/requests HTTP/1.1 0-756130/191/7876_ 106.850573415120.02.0398.88 64.227.126.135http/1.1localhost:443GET /server-status HTTP/1.1 0-756130/184/7059_ 106.52163695385640.02.0390.38 165.232.76.155h2localhost:443[0/0] Software caused connection abort 0-756130/217/7217_ 106.881076368060.02.0692.57 83.229.112.30http/1.1www.xn--12cbt1cxdh6e8ac5x.com:8GET /wp-includes/blocks/calendar/updates.php HTTP/1.1 0-756130/171/7276_ 106.7011175173100.02.1897.07 142.93.153.3http/1.1localhost:80GET /server-status HTTP/1.1 0-756130/248/7315_ 106.781089996810.02.4591.39 164.90.222.93http/1.1localhost:80GET /?rest_route=/wp/v2/users/ HTTP/1.1 0-756130/236/7372_ 106.821076402880.02.1998.36 165.232.76.155http/1.1localhost:443GET /.vscode/sftp.json HTTP/1.1 0-756130/179/7350_ 106.8900116546280.02.26101.69 147.182.130.98http/1.1localhost:443GET /v2/_catalog HTTP/1.1 0-756130/175/7026_ 106.70034480076850.02.2193.99 66.249.71.202http/1.1www.twinbuilt.co.th:443GET /?e=outback-%E2%80%93-brown-%E2%80%93-jim-green-8-ii-VobOQ0 0-756130/196/7603_ 106.85070387721790.02.13100.32 173.201.252.240http/1.1www.ozonepluswater.net:443GET /wp-login.php HTTP/1.1 0-756131/193/7138W 104.4042071370150.02.28100.35 94.228.169.107http/1.1www.thesungolden.com:443POST /wp-content/uploads/wpr-addons/forms/061f69806f7d.php HTTP 0-756130/168/7164_ 106.61085095518500.01.8790.35 3.224.220.101http/1.1www.chonlateeboi.com:443GET /19203mywgitems/etidm.htm HTTP/1.1 0-756130/182/7345_ 106.77084664909560.02.2593.48 31.184.236.42http/1.1 0-756130/245/7228_ 106.821079462670.02.54101.61 144.126.202.105http/1.1localhost:443GET /about HTTP/1.1 0-756131/223/7256W 105.920089070650.02.64122.74 165.232.76.155http/1.1localhost:443GET /server-status HTTP/1.1 0-756131/173/7029W 106.810078124630.01.9087.92 3.224.220.101http/1.1www.chonlateeadmin.com:443GET /iaxnuvn-23187kitems/etidm.htm HTTP/1.1 0-756130/163/7323R 106.781083639450.02.36127.42 83.229.112.30http/1.1www.xn--12cbt1cxdh6e8ac5x.com:8GET /new.php HTTP/1.1 0-756130/159/6953_ 106.760787029000.01.94100.39 144.126.202.105http/1.1localhost:443GET /server-status HTTP/1.1 0-756130/162/7331_ 106.78142677920150.01.8193.50 50.62.144.122http/1.1www.ltclevelup.com:443GET /wp-login.php HTTP/1.1 1-7172710/57/7227_ 49.941085658810.00.64121.16 64.227.126.135http/1.1localhost:443GET /v2/_catalog HTTP/1.1 1-7172710/90/7004R 48.83184380415890.01.1288.88 144.126.202.105h2localhost:443[0/0] Software caused connection abort 1-7172710/100/7136_ 49.6210107432670.01.0894.26 147.182.130.98h2localhost:443[0/0] Software caused connection abort 1-7172710/97/6730_ 49.931085814040.01.0887.88 144.126.202.105http/1.1localhost:443GET /debug/default/view?panel=config HTTP/1.1 1-7172711/56/6877W 31.31522081814100.00.70100.87 94.228.169.107http/1.1www.thesungolden.com:443POST /wp-content/uploads/wpr-addons/forms/061f69806f7d.php HTTP 1-7172710/91/7002_ 50.00035481256720.00.9293.21 66.249.73.132http/1.1www.twinbuilt.co.th:443GET /?e=billions-star-asia-kate-dillon-schools-ellen-on-being-2 1-7172710/106/7033R 49.84184298994420.01.2390.78 23.22.35.162http/1.1 1-7172710/93/7065_ 49.850092312010.00.9595.88 142.93.153.3http/1.1localhost:80GET /_all_dbs HTTP/1.1 1-7172710/90/7069_ 49.781074206500.00.9989.80 83.229.112.30http/1.1www.xn--12cbt1cxdh6e8ac5x.com:8GET /i.php HTTP/1.1 1-7172710/78/6915_ 49.830090378950.00.7595.86 83.229.112.30http/1.1www.xn--12cbt1cxdh6e8ac5x.com:8GET /wp-includes/SimplePie/plugins.php HTTP/1.1 1-7172710/82/6671_ 49.961092694400.00.9393.48 165.232.76.155http/1.1localhost:443GET /v2/_catalog HTTP/1.1 1-7172710/91/7219_ 49.930082117560.00.96103.00 142.93.153.3http/1.1localhost:80GET /.git/config HTTP/1.1 1-7172710/80/6922_ 49.891352104234870.00.9494.54 66.249.71.201http/1.1www.twinbuilt.co.th:443GE
Found on 2024-01-07 08:12 -
Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb316c12a0d06c12a0d0e1f8505fApache Status Apache Server Status for pop.xn--2566-4do9ab5h1bfcjg7hg1txa5ahw0u.com (via 203.170.192.183) Server Version: Apache/2.4.57 (Unix) OpenSSL/1.0.2k-fips Server MPM: event Server Built: Oct 15 2023 18:16:43 Current Time: Saturday, 06-Jan-2024 05:10:46 ICT Restart Time: Friday, 05-Jan-2024 10:01:20 ICT Parent Server Config. Generation: 4 Parent Server MPM Generation: 3 Server uptime: 19 hours 9 minutes 25 seconds Server load: 2.90 2.67 2.77 Total accesses: 334931 - Total Traffic: 4.7 GB - Total Duration: 319692414 CPU Usage: u268.92 s16.89 cu5368.74 cs287.12 - 8.62% CPU load 4.86 requests/sec - 71.2 kB/second - 14.7 kB/request - 954.502 ms/request 8 requests currently being processed, 120 idle workers SlotPIDStoppingConnections ThreadsAsync connections totalacceptingbusyidlewritingkeep-aliveclosing 131365no4yes131002 431495no6yes329002 531496no4yes230001 631500no4yes230000 Sum4018 8120005 ................................________________W_______________ ................................................................ __W______RR________________________W______________________W_____ __W_____W_______________________................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqDurConnChildSlotClientProtocolVHostRequest 0-3-0/0/3197. 0.00322583828794620.00.0047.16 40.77.167.26h2www.chonlateenextbiz.com:443[0/0] init 0-3-0/0/3457. 0.003225104924920150.00.0045.31 23.22.35.162http/1.1www.chonlateeadmin.com:443GET /trust.php?dushsbr-307440fetidm13qhf.htm HTTP/1.1 0-3-0/0/3121. 0.00322583837618890.00.0053.59 3.224.220.101http/1.1www.chonlateeadmin.com:443GET /trust.php?puehsbr-278488retidm68chr HTTP/1.1 0-3-0/0/3383. 0.0032252627408330.00.0042.74 157.55.39.62h2www.chonlateeaa.com:443GET /sitemap654.xml HTTP/2.0 0-3-0/0/3238. 0.00322584425519520.00.0040.45 40.77.167.26h2www.chonlateenextbiz.com:443[1/1] done: stream 1, GET /wade-logan-furniture-manufacturer-e- 0-3-0/0/3479. 0.00322589032497720.00.0043.89 185.191.171.17http/1.1www.chonlateefood.com:443GET /items/kjz6692jxxftidm21.html HTTP/1.1 0-3-0/0/3263. 0.00322584025491150.00.0055.73 3.224.220.101http/1.1www.chonlateeboi.com:443GET /862cafjetidm61e HTTP/1.1 0-3-0/0/3289. 0.00322583926539240.00.0042.51 52.70.240.171http/1.1www.chonlateeadmin.com:443GET /trust.php?xumhsbr-299660zitems/etidm9.html HTTP/1.1 0-3-0/0/3338. 0.003225182226330900.00.0084.97 193.70.81.116http/1.1www.chonlateefood.com:443GET /tag/%E0%B8%8A%E0%B8%B8%E0%B8%94%E0%B8%9E%E0%B8%B1%E0%B8%81 0-3-0/0/3257. 0.00322579625457030.00.0042.03 91.92.252.141http/1.1www.xn--12cx2bef7bl0boq4ch6gugwGET /wp-includes/images/include.php HTTP/1.1 0-3-0/0/3174. 0.003225117328818450.00.0038.87 66.249.71.169http/1.1www.chonlateeadmin.com:443GET /trust.php?jafaonh-59042setidm.html HTTP/1.1 0-3-0/0/3151. 0.00322588625715070.00.0040.28 23.22.35.162http/1.1www.chonlateeadmin.com:443GET /trust.php?howhsbr-345014jitems/etidm83u.html HTTP/1.1 0-3-0/0/3099. 0.003225176425515810.00.0042.13 193.70.81.116http/1.1www.chonlateefood.com:443GET /tag/%E0%B8%8A%E0%B8%B8%E0%B8%94%E0%B8%9E%E0%B8%B1%E0%B8%81 0-3-0/0/3370. 0.00322583836737120.00.0046.01 193.70.81.116http/1.1www.chonlateefood.com:443GET /tag/%E0%B8%8A%E0%B8%B8%E0%B8%94%E0%B8%9E%E0%B8%B1%E0%B8%81 0-3-0/0/3431. 0.00322584328933940.00.0045.92 23.22.35.162http/1.1www.chonlateeboi.com:443GET /15371tbrmetidm.html HTTP/1.1 0-3-0/0/3141. 0.00322584030664290.00.0040.47 52.70.240.171http/1.1www.chonlateeboi.com:443GET /15347tbrmetidm.html HTTP/1.1 0-3-0/0/3143. 0.003225104429759900.00.0040.26 66.249.71.169http/1.1www.chonlateeadmin.com:443GET /trust.php?jqfggdh-241250setidm.html HTTP/1.1 0-3-0/0/3396. 0.003225104826723090.00.0044.80 66.249.71.168http/1.1www.chonlateeadmin.com:443GET /trust.php?eedvrsm-1733qeti.html HTTP/1.1 0-3-0/0/3303. 0.003225104724900520.00.0043.00 3.224.220.101http/1.1www.chonlateeadmin.com:443GET /trust.php?iexhsbr-285631kitems/etidm16vr HTTP/1.1 0-3-0/0/3158. 0.00322584329506320.00.0046.19 3.224.220.101http/1.1www.chonlateeboi.com:443GET /49069gcmpitems/etidm85 HTTP/1.1 0-3-0/0/3250. 0.00322584824853440.00.0050.06 185.191.171.13http/1.1www.chonlateeboi.com:443GET /17518cafjetidm23u HTTP/1.1 0-3-0/0/3264. 0.00322583927269360.00.0046.07 23.22.35.162http/1.1www.chonlateeadmin.com:443GET /trust.php?ufjhsbr-284525wetidm37.html HTTP/1.1 0-3-0/0/3611. 0.003225108525360900.00.0045.83 66.249.71.168http/1.1www.chonlateeadmin.com:443GET /trust.php?iqhadej-311189ueti.html HTTP/1.1 0-3-0/0/3169. 0.0032253225101100.00.0040.90 193.70.81.116http/1.1www.chonlateefood.com:443GET /tag/%E0%B8%8A%E0%B8%B8%E0%B8%94%E0%B8%9E%E0%B8%B1%E0%B8%81 0-3-0/0/3163. 0.00322583925373180.00.0040.32 195.191.219.130http/1.1www.1smestartup.com:443GET /%E0%B8%95%E0%B9%88%E0%B8%AD%E0%B8%AD%E0%B8%B2%E0%B8%A2%E0% 0-3-0/0/3166. 0.00322583926244240.00.0040.79 66.249.71.168http/1.1www.chonlateeadmin.com:443GET /trust.php?aiwsvcw-74893jetidm98n HTTP/1.1 0-3-0/0/3227. 0.003225124228285370.00.0051.28 85.208.96.205http/1.1www.chonlateenextbiz.com:443GET /uftriw/vanshaj-upcoming-story.html HTTP/1.1 0-3-0/0/3172. 0.00322583631872270.00.0070.96 3.224.220.101http/1.1www.chonlateeadmin.com:443GET /trust.php?toihsbr-278518vetidm20g HTTP/1.1 0-3-0/0/3113. 0.00322584225434050.00.0039.06 66.249.71.168http/1.1www.chonlateeadmin.com:443GET /trust.php?lwmqxjd-321878zetidm6 HTTP/1.1 0-3-0/0/3457. 0.00322596524094380.00.0079.56 3.224.220.101http/1.1www.chonlateeadmin.com:443GET /trust.php?loahsbr-285998nitems/etidm49y.html HTTP/1.1 0-3-0/0/3135. 0.00322594727823180.00.0047.85 52.70.240.171http/1.1www.chonlateeadmin.com:443GET /trust.php?mfbhsbr-286025oeti.html HTTP/1.1 0-3-0/0/3521. 0.003225112528035970.00.0043.24 23.22.35.162http/1.1www.chonlateeadmin.com:443GET /trust.php?fouhsbr-285602hitems/etid.html HTTP/1.1 1-3313650/105/2749_ 56.47184220681180.01.2936.02 52.70.240.171http/1.1www.chonlateeboi.com:443GET /3609xhlfitems/eti.htm HTTP/1.1 1-3313650/130/2523_ 56.76384422583930.01.3332.22 47.128.48.20h2www.chonlateevip.com:443[3/3] done: stream 5, GET /wp-content/uploads/2019/02/Slide_Hom 1-3313650/93/2624_ 56.68188521278280.01.1435.62 23.22.35.162http/1.1www.chonlateeboi.com:443GET /16527oqmiitems/etidm82ri.htm HTTP/1.1 1-3313650/93/2464_ 56.19565222721300.01.0932.81 47.128.48.20h2www.chonlateevip.com:443[1/1] done: stream 1, GET /tag/%E0%B8%A3%E0%B8%B1%E0%B8%9A%E0%B 1-3313650/80/2449_ 56.812114036466220.00.9436.26 104.234.204.32http/1.1www.chonlateepro.com:443GET //chonlateepro.com/wp-content/plugins/so-widgets-bundle/wid 1-3313650/104/2645_ 56.73484420121420.01.4234.74 47.128.48.20h2www.chonlateevip.com:443[2/2] done: stream 3, GET /wp-content/uploads/2022/07/Slide_Hom 1-3313650/94/2519_ 56.540020379950.01.1431.11 134.122.89.242http/1.1localhost:443GET / HTTP/1.1 1-3313650/96/2594_ 56.811227721408690.01.2035.61 104.234.204.32http/1.1www.chonlateekeyman.com:443GET //chonlateekeyman.com/wp-content/themes/sydney/js/scripts.j 1-3313650/109/2586_ 56.69087021164610.01.3035.07 52.70.240.171http/1.1www.chonlateeadmin.com:443GET /gvvgiii-9405iitems/etidm46.htm HTTP/1.1 1-3313650/103/2483_ 56.314842
Found on 2024-01-05 22:10 -
Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb316c12a0d06c12a0d0f193027cApache Status Apache Server Status for pop.xn--2566-4do9ab5h1bfcjg7hg1txa5ahw0u.com (via 203.170.192.183) Server Version: Apache/2.4.57 (Unix) OpenSSL/1.0.2k-fips Server MPM: event Server Built: Oct 15 2023 18:16:43 Current Time: Tuesday, 12-Dec-2023 05:07:49 ICT Restart Time: Friday, 01-Dec-2023 00:22:58 ICT Parent Server Config. Generation: 44 Parent Server MPM Generation: 43 Server uptime: 11 days 4 hours 44 minutes 51 seconds Server load: 2.12 2.00 1.41 Total accesses: 4435056 - Total Traffic: 56.8 GB - Total Duration: 4177872777 CPU Usage: u378.06 s57.03 cu79757.4 cs4172.6 - 8.72% CPU load 4.58 requests/sec - 61.6 kB/second - 13.4 kB/request - 942.011 ms/request 9 requests currently being processed, 119 idle workers SlotPIDStoppingConnections ThreadsAsync connections totalacceptingbusyidlewritingkeep-aliveclosing 031012no3yes428001 131030no1yes329001 431190no2yes032001 531192no9yes230004 Sum4015 9119007 _______W_________W____R_______R__________________________W__W_W_ ................................................................ ________________________________________W__________R____________ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqDurConnChildSlotClientProtocolVHostRequest 0-43310120/142/39839_ 83.760653361848370.01.72504.02 198.199.121.22http/1.1localhost:443GET /server-status HTTP/1.1 0-43310120/144/39242_ 83.363861367869750.01.71495.64 142.93.158.96http/1.1localhost:80\x16\x03\x01\x01\x07\x01 0-43310120/127/39688_ 83.56014403233820.01.52512.29 198.199.121.22http/1.1localhost:443GET /server-status HTTP/1.1 0-43310120/133/39647_ 83.604858391522040.01.59517.09 66.249.71.2http/1.1www.xn--12cn0bmbkgc3ent5c1ewa4bGET /mds.php?shlnuow-53773yetidm.html HTTP/1.1 0-43310120/141/40185_ 82.8601417373750100.01.69571.16 47.128.50.125h2www.xn--12cx2bef7bl0boq4ch6gugw[1/1] done: stream 1, GET /wp-content/uploads/2021/01/logo_Home 0-43310120/121/39220_ 83.4010400813650.01.41496.50 128.199.195.68http/1.1localhost:443GET /config.json HTTP/1.1 0-43310120/126/39542_ 83.6330405292700.01.50497.44 164.92.192.25http/1.1localhost:443GET /v2/_catalog HTTP/1.1 0-43310121/226/40427W 83.4000369582620.01.72505.63 66.249.64.226http/1.1www.xn--12cn0bmbkgc3ent5c1ewa4bGET /mds.php?lyezslq-4886retidm8.htm HTTP/1.1 0-43310120/123/39306_ 83.4250382089580.01.60513.85 138.68.133.118http/1.1localhost:80GET /about HTTP/1.1 0-43310120/143/39697_ 82.841860370088930.01.65506.37 66.249.64.226http/1.1www.xn--12cn0bmbkgc3ent5c1ewa4bGET /mds.php?glziejy-46299mitems/eti HTTP/1.1 0-43310120/133/39304_ 83.4530386421090.08.60484.88 138.68.133.118http/1.1localhost:80GET /.DS_Store HTTP/1.1 0-43310120/116/39311_ 83.383645370959280.01.58526.95 128.199.195.68http/1.1localhost:443GET /server-status HTTP/1.1 0-43310120/128/39251_ 83.420861377745850.01.68479.35 66.249.71.2http/1.1www.xn--12cn0bmbkgc3ent5c1ewa4bGET /mds.php?jwciejy-21186petidm35wjp HTTP/1.1 0-43310120/138/39438_ 83.022897409456980.01.64507.76 162.243.184.251h2localhost:443[0/0] Software caused connection abort 0-43310120/135/39607_ 83.701889382267340.01.58497.03 23.22.35.162http/1.1www.chonlateeboi.com:443GET /trust.php?242370rvjfetid.htm HTTP/1.1 0-43310120/126/39280_ 83.643680375554420.01.47551.66 66.249.71.4http/1.1www.xn--12cn0bmbkgc3ent5c1ewa4bGET /mds.php?uonlbze-29725aetidm.html HTTP/1.1 0-43310120/130/40254_ 83.353859376965110.01.83531.47 66.249.71.3http/1.1www.xn--12cn0bmbkgc3ent5c1ewa4bGET /mds.php?jncagyn-14972petid.htm HTTP/1.1 0-43310121/132/39774W 83.1600368729120.01.48489.47 162.243.184.251http/1.1localhost:443GET /server-status HTTP/1.1 0-43310120/122/39817_ 82.24312371781460.01.85514.08 128.199.195.68http/1.1localhost:443GET /server-status HTTP/1.1 0-43310120/135/40051_ 83.681615386572840.01.65550.42 66.249.64.103http/1.1www.chonlateefbc.com:443GET /?m=vinylnitrile-medium-xtgr-mm-LYo3Dzf5 HTTP/1.1 0-43310120/134/39496_ 83.594848366839120.01.75519.68 52.70.240.171http/1.1www.chonlateeadmin.com:443GET /trust.php?mkbqxjd-40429oitems/etidm29 HTTP/1.1 0-43310120/124/39620_ 83.642675390125060.01.61510.97 66.249.64.227http/1.1www.xn--12cn0bmbkgc3ent5c1ewa4bGET /mds.php?uodqbmb-16257qitems/eti HTTP/1.1 0-43310120/132/39384R 83.5650410399620.01.70520.70 85.208.96.209http/1.1 0-43310120/132/38792_ 83.2940363790010.01.66481.28 128.199.195.68http/1.1localhost:443GET / HTTP/1.1 0-43310120/128/39787_ 83.7500374003570.01.53526.39 164.92.192.25http/1.1localhost:443GET /.env HTTP/1.1 0-43310120/149/39073_ 83.4530390505680.02.08477.83 23.22.35.162http/1.1www.krongthongsecurity.com:443GET /odvuqhe68589iitems/etidm35 HTTP/1.1 0-43310120/127/39749_ 83.6820375219360.01.42591.18 164.92.192.25http/1.1localhost:443GET /login.action HTTP/1.1 0-43310120/127/38960_ 83.5940372364500.01.58516.31 142.93.158.96http/1.1localhost:80GET /s/338313e2239313e2037313e2330323/_/;/META-INF/maven/com.at 0-43310120/149/39566_ 83.3920413929430.01.76529.79 198.199.121.22h2localhost:443[0/0] Software caused connection abort 0-43310120/140/39533_ 83.6040377082090.01.78510.72 198.199.121.22http/1.1localhost:443GET /.vscode/sftp.json HTTP/1.1 0-43310120/112/39503R 83.4150371943010.01.35499.47 23.22.35.162http/1.1 0-43310120/117/39244_ 82.0840380222100.01.32544.19 3.224.220.101http/1.1www.krongthongsecurity.com:443GET /fhmuqhe174452zetidm8.htm HTTP/1.1 1-43310300/110/40647_ 67.8620377602780.01.47512.75 164.92.192.25http/1.1localhost:443GET /server-status HTTP/1.1 1-43310300/106/40560_ 67.6940386263960.01.27555.62 138.68.133.118http/1.1localhost:80GET /debug/default/view?panel=config HTTP/1.1 1-43310300/103/40349_ 67.0550387968290.01.33562.67 164.92.192.25h2localhost:443[0/0] Software caused connection abort 1-43310300/112/40588_ 67.6550395504500.01.38570.37 128.199.195.68http/1.1localhost:443GET /s/338313e2239313e2037313e2330323/_/;/META-INF/maven/com.at 1-43310300/90/41423_ 67.6470367215030.01.05630.52 128.199.195.68http/1.1localhost:443GET /debug/default/view?panel=config HTTP/1.1 1-43310300/104/40143_ 67.8050364544620.01.32576.48 198.199.121.22http/1.1localhost:443GET / HTTP/1.1 1-43310300/106/40268_ 67.7220367019960.01.22537.26 138.68.133.118http/1.1localhost:80GET /login.action HTTP/1.1 1-43310300/103/40803_ 65.763672391136950.01.26519.25 185.191.171.11http/1.1www.chonlateeadmin.com:443GET /tliasyu-29230vetidm94g HTTP/1.1 1-43310300/113/40440_ 67.5220379667520.01.57508.60 3.224.220.101http/1.1www.krongthongsecurity.com:443GET /rhyuqhe194120letidm18eul.htm HTTP/1.1 1-43310300/96/40511_ 67.7850372055410.01.21517.59 142.93.158.96http/1.1localhost:80GET /.env HTTP/1.1 1-43310300/102/41062_ 67.8240368334380.01.26541.43 164.92.192.25http/1.1localhost:443GET /debug/default/view?panel=config HTTP/1.1 1-43310300/96/40893_
Found on 2023-12-11 22:07 -
Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb316c12a0d06c12a0d06a7664c0Apache Status Apache Server Status for pop.xn--2566-4do9ab5h1bfcjg7hg1txa5ahw0u.com (via 203.170.192.183) Server Version: Apache/2.4.57 (Unix) OpenSSL/1.0.2k-fips Server MPM: event Server Built: Oct 15 2023 18:16:43 Current Time: Thursday, 23-Nov-2023 00:24:03 ICT Restart Time: Monday, 20-Nov-2023 10:17:03 ICT Parent Server Config. Generation: 9 Parent Server MPM Generation: 8 Server uptime: 2 days 14 hours 7 minutes Server load: 1.81 1.96 1.65 Total accesses: 648158 - Total Traffic: 8.2 GB - Total Duration: 719207629 CPU Usage: u59.69 s12.76 cu9707.16 cs570.87 - 4.63% CPU load 2.9 requests/sec - 38.6 kB/second - 13.3 kB/request - 1109.62 ms/request 9 requests currently being processed, 119 idle workers SlotPIDStoppingConnections ThreadsAsync connections totalacceptingbusyidlewritingkeep-aliveclosing 06877no1yes329100 16697no2yes527001 36879no13yes0320013 46881no18yes1310015 Sum4034 91191029 _____________R_______R_______W_____________R_R__________R_R_W___ ................................________________________________ __________________________W_____................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqDurConnChildSlotClientProtocolVHostRequest 0-868770/30/5240_ 11.970047419550.00.3872.57 52.70.240.171http/1.1www.krongthongsecurity.com:443GET /beirtdd179544vb771058384 HTTP/1.1 0-868770/24/4983_ 11.101281450402760.00.2661.56 104.164.173.38http/1.1www.xn--2566-4do9ab5h1bfcjg7hg1GET /wp-json/ HTTP/1.1 0-868770/26/4909_ 11.721068876520.00.4060.32 164.90.222.93http/1.1 0-868770/21/5097_ 11.921048793540.00.2862.97 161.35.176.95http/1.1localhost:443GET /.vscode/sftp.json HTTP/1.1 0-868770/24/5147_ 11.7411251687560.00.2879.22 104.164.173.38http/1.1www.xn--2566-4do9ab5h1bfcjg7hg1GET /wp-content/plugins/royal-elementor-addons/assets/js/lib/in 0-868770/25/5224_ 11.912050709910.00.4062.71 161.35.155.246http/1.1www.xn--2566-4do9ab5h1bfcjg7hg1GET /config.json HTTP/1.1 0-868770/26/5076_ 11.792109751557000.00.3365.50 23.22.35.162http/1.1www.chonlateeadmin.com:443GET /trust.php?dnsecaw-246678fetidm53q.htm HTTP/1.1 0-868770/29/4975_ 11.541048178580.00.3561.72 128.199.61.251http/1.1localhost:80GET / HTTP/1.1 0-868770/17/5222_ 11.46250250388740.00.1660.80 147.182.130.98http/1.1 0-868770/24/5317_ 11.921048072380.00.2981.42 144.126.198.24http/1.1localhost:443GET /v2/_catalog HTTP/1.1 0-868770/23/5257_ 11.950049364220.00.3963.06 139.59.182.142http/1.1localhost:443GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor 0-868770/22/5364_ 11.842049590390.00.2476.17 207.154.240.169http/1.1localhost:80GET /login.action HTTP/1.1 0-868770/21/5307_ 11.903052171030.00.3369.09 161.35.155.246http/1.1www.xn--2566-4do9ab5h1bfcjg7hg1GET /.git/config HTTP/1.1 0-868770/25/5291R 11.894049122730.00.2562.20 87.236.20.180http/1.1www.dreamhightravel.com:443 0-868770/22/4998_ 11.912049334990.00.2556.97 178.62.3.65http/1.1www.xn--2566-4do9ab5h1bfcjg7hg1GET /?rest_route=/wp/v2/users/ HTTP/1.1 0-868770/26/4955_ 11.7603750751060.00.2359.21 147.182.130.98h2localhost:443[0/0] Software caused connection abort 0-868770/26/4946_ 11.703047839840.00.3459.38 161.35.155.246http/1.1www.xn--2566-4do9ab5h1bfcjg7hg1GET / HTTP/1.1 0-868770/22/5281_ 11.890048733620.00.2358.35 128.199.61.251http/1.1localhost:80GET /.git/config HTTP/1.1 0-868770/23/5034_ 11.700050217500.00.2771.03 178.62.73.12http/1.1localhost:80GET / HTTP/1.1 0-868770/24/5098_ 11.912050206340.00.3373.64 161.35.176.95http/1.1localhost:443GET / HTTP/1.1 0-868770/21/4986_ 11.903049737540.00.2968.12 139.59.182.142http/1.1localhost:80GET /telescope/requests HTTP/1.1 0-868770/19/5231R 10.844044691110.00.2367.68 23.22.35.162http/1.1www.krongthongsecurity.com:443GET /bqirtdd190230vf037b7e3 HTTP/1.1 0-868770/19/4977_ 11.921051856100.00.1563.12 161.35.155.246http/1.1www.xn--2566-4do9ab5h1bfcjg7hg1GET /?rest_route=/wp/v2/users/ HTTP/1.1 0-868770/27/4986_ 11.970050753540.00.3173.04 161.35.27.144http/1.1localhost:443GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor 0-868770/19/5065_ 11.912049737180.00.2562.67 139.59.182.142http/1.1localhost:443GET /about HTTP/1.1 0-868770/20/5166_ 11.89065047541650.00.2867.26 66.249.79.68http/1.1www.xn--12cn0bmbkgc3ent5c1ewa4bGET /mds.php?bxcazkf-7866pitems/etid.html HTTP/1.1 0-868770/24/5260_ 11.700049453910.00.2285.08 139.59.182.142http/1.1localhost:80GET / HTTP/1.1 0-868770/17/5356_ 10.95280750357090.00.2085.39 223.24.157.217h2www.xn--12cx2bef7bl0boq4ch6gugw[0/0] init 0-868770/22/4934_ 11.890049140460.00.2667.95 144.126.198.24http/1.1localhost:443GET / HTTP/1.1 0-868771/14/5222W 11.750052407730.00.1859.91 23.22.35.162http/1.1www.chonlateeboi.com:443GET /5396tbrmitems/etidm6.html HTTP/1.1 0-868770/16/5044_ 11.7502647464910.00.2564.72 164.90.222.93h2localhost:443[0/0] Software caused connection abort 0-868770/26/5245_ 11.841046041050.00.3463.60 128.199.61.251http/1.1localhost:80GET /_all_dbs HTTP/1.1 1-866970/22/5364_ 8.612054667380.00.2357.61 139.59.182.142http/1.1localhost:443GET /debug/default/view?panel=config HTTP/1.1 1-866970/18/4985_ 8.584051429080.00.1959.49 139.59.182.142http/1.1localhost:443GET / HTTP/1.1 1-866970/22/5184_ 8.585055143570.00.2759.77 161.35.155.246http/1.1www.xn--2566-4do9ab5h1bfcjg7hg1GET /login.action HTTP/1.1 1-866970/13/5136_ 7.87384748848650.00.1668.55 147.182.130.98http/1.1 1-866970/12/5107_ 8.4953749951420.00.1758.07 104.164.173.38http/1.1www.xn--2566-4do9ab5h1bfcjg7hg1GET /wp-content/themes/sydney/js/functions.min.js?ver=20230315 1-866970/13/5043_ 8.542052521240.00.1361.33 178.62.3.65http/1.1www.xn--2566-4do9ab5h1bfcjg7hg1GET /_all_dbs HTTP/1.1 1-866970/16/5474_ 8.520053860880.00.2663.46 139.59.182.142http/1.1localhost:80GET /debug/default/view?panel=config HTTP/1.1 1-866970/16/5294_ 7.923050744480.00.1768.77 161.35.27.144http/1.1 1-866970/19/5196_ 8.603477951386350.00.2070.39 104.164.173.38http/1.1www.xn--2566-4do9ab5h1bfcjg7hg1GET /comments/feed/ HTTP/1.1 1-866970/16/5462_ 8.630053738520.00.1865.73 144.126.198.24http/1.1localhost:443GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor 1-866970/15/5456_ 8.082272653685270.00.1672.12 147.182.130.98http/1.1 1-866970/16/5343R 8.58589052276830.00.2871.18 104.164.173.38http/1.1www.xn--2566-4do9ab5h1bfcjg7hg1GET /category/%e0%b8%a3%e0%b8%b1%e0%b8%9a%e0%b8%9b%e0%b8%b4%e0% 1-866970/19/5135_ 8.585051894850.00.3057.87 178.62.3.65http/1.1www.xn--2566-4do9ab5h1bfcjg7hg1GET /.DS_Store HTTP
Found on 2023-11-22 17:23 -
Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb3185651fdb85651fdb7a499fffApache Status Apache Server Status for pop.xn--2566-4do9ab5h1bfcjg7hg1txa5ahw0u.com (via 27.254.96.168) Server Version: Apache/2.4.46 (Unix) OpenSSL/1.0.2u PHP/7.2.33 Server MPM: prefork Server Built: May 6 2022 15:05:21 Current Time: Saturday, 23-Sep-2023 13:39:52 +07 Restart Time: Saturday, 23-Sep-2023 04:02:11 +07 Parent Server Config. Generation: 1763 Parent Server MPM Generation: 1762 Server uptime: 9 hours 37 minutes 41 seconds Server load: 1.87 1.75 1.68 Total accesses: 62471 - Total Traffic: 1.1 GB - Total Duration: 88583724 CPU Usage: u2991.22 s5219.7 cu51113500 cs12504600 - 184000% CPU load 1.8 requests/sec - 32.4 kB/second - 18.0 kB/request - 1418 ms/request 9 requests currently being processed, 6 idle workers _WRRRW__CR.___....CC.............................. Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqDurConnChildSlotClientProtocolVHostRequest 0-1762158160/56/4951_ 37.710165113630.00.7790.04 46.101.103.192http/1.1localhost:443GET /server-status HTTP/1.1 1-1762161900/2/4809W 0.000068043720.00.0091.09 161.35.155.246http/1.1localhost:443GET /server-status HTTP/1.1 2-1762158270/48/4960R 59.751069480400.00.6169.74 161.35.155.246http/1.1localhost:443GET /.vscode/sftp.json HTTP/1.1 3-1762161970/1/4566R 0.001160753670.00.0070.01 104.197.209.149http/1.1 4-1762154860/91/4716R 38.221062714330.01.0786.46 18.118.248.135http/1.1www.chonlateenextbiz.com:443 5-1762162030/0/4447W 0.001067587920.00.0062.30 51.79.24.51http/1.1www.chonlateefood.com:443POST //wp-login.php HTTP/1.1 6-1762159830/23/4293_ 48.36031263315740.00.2685.96 96.27.15.15http/1.1www.pentorproperty.com:443GET /wp-login.php HTTP/1.1 7-1762156470/79/3938_ 38.350158493520.00.8657.60 161.35.155.246http/1.1localhost:443GET /about HTTP/1.1 8-1762159961/23/3957C 46.900157017631.50.2274.75 161.35.155.246http/1.1localhost:443GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor 9-1762162090/1/3582R 0.001152009450.00.0051.17 96.27.15.15http/1.1www.pentorproperty.com:443 10-1762-0/0/3381. 0.0078048220250.00.0056.75 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 11-1762156800/64/3289_ 39.31083448196270.00.8769.39 51.79.24.51http/1.1www.chonlateemeet.com:443POST //wp-login.php HTTP/1.1 12-1762156860/65/2479_ 37.400108333015800.00.8648.70 172.71.126.142http/1.1www.chonlateeit.com:443GET /tag/%E0%B8%A3%E0%B8%B1%E0%B8%9A%E0%B8%94%E0%B8%B9%E0%B9%81 13-1762160350/20/2149_ 16.330130852520.00.2333.54 50.31.147.227http/1.1www.chonlateenextbiz.com:443POST /xmlrpc.php HTTP/1.1 14-1762-0/0/1846. 0.00121027688740.00.0034.42 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 15-1762-0/0/1652. 0.00125024094780.00.0030.61 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 16-1762-0/0/1255. 0.00128147416287140.00.0024.22 172.70.34.254http/1.1www.chonlateecoffee.com:80GET /tag/%E0%B8%84%E0%B8%B2%E0%B9%80%E0%B8%9F%E0%B9%88%E0%B9%81 17-1762-0/0/542. 0.0011806739090.00.009.78 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 18-1762160561/22/439C 15.37107559401.50.2212.56 46.101.103.192http/1.1localhost:443GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor 19-1762160621/21/435C 15.75016162411.40.227.56 46.101.103.192http/1.1localhost:443GET /login.action HTTP/1.1 20-1762-0/0/135. 0.00180901533870.00.006.49 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 21-1762-0/0/108. 0.00337401241820.00.005.15 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 22-1762-0/0/63. 0.00336702534870.00.009.38 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 23-1762-0/0/35. 0.0033800235960.00.001.87 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 24-1762-0/0/118. 0.00292401364080.00.003.02 49.0.249.187http/1.1www.uniqueworkthailand.com:80POST /xmlrpc.php HTTP/1.0 25-1762-0/0/28. 0.0033680173890.00.000.44 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 26-1762-0/0/4. 0.0033640157610.00.000.07 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 27-1762-0/0/3. 0.003372096260.00.000.01 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 28-1762-0/0/4. 0.0033690111560.00.000.01 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 29-1762-0/0/58. 0.0032940579870.00.000.70 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 30-1762-0/0/100. 0.0029237711412600.00.001.40 51.79.24.51http/1.1www.chonlateekeyman.com:443POST //wp-login.php HTTP/1.1 31-1762-0/0/3. 0.0033650124930.00.000.01 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 32-1762-0/0/4. 0.003382079740.00.000.01 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 33-1762-0/0/4. 0.0033570129440.00.000.01 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 34-1762-0/0/4. 0.0033590108370.00.000.01 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 35-1762-0/0/9. 0.0033660178550.00.000.15 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 36-1762-0/0/6. 0.0033500134700.00.000.03 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 37-1762-0/0/2. 0.003388570.00.000.00 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 38-1762-0/0/3. 0.003370086730.00.000.01 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 39-1762-0/0/1. 0.003387000.00.000.00 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 40-1762-0/0/84. 0.00295602081880.00.001.29 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 41-1762-0/0/1. 0.003386000.00.000.00 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 42-1762-0/0/8. 0.0033350123820.00.000.04 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 SrvChild Server number - generation PIDOS process ID AccNumber of accesses this connection / this child / this slot MMode of operation CPUCPU usage, number of seconds SSSeconds since beginning of most recent request ReqMilliseconds required to process most recent request DurSum of milliseconds required to process all requests ConnKilobytes transferred this connection ChildMegabytes transferred this child SlotTotal megabytes transferred this slot SSL/TLS Session Cache Status: cache type: SHMCB, shared memory: 512000 bytes, current entries: 108subcaches: 32, indexes per subcache: 88time left on oldest entries' objects: avg: 95 seconds, (range: 0...299)index usage: 3%, cache usage: 4%total entries stored since starting: 9862total entries replaced since starting: 0total entries expired since starting: 9754total (pre-expiry) entries scrolled out of the cache: 0total retrieves since starting: 371 hit, 19629 misstotal removes since starting: 0 hit, 0 miss
Found on 2023-09-23 06:38 -
Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb3185651fdb85651fdb4bb9d188Apache Status Apache Server Status for pop.xn--2566-4do9ab5h1bfcjg7hg1txa5ahw0u.com (via 27.254.96.168) Server Version: Apache/2.4.46 (Unix) OpenSSL/1.0.2u PHP/7.2.33 Server MPM: prefork Server Built: May 6 2022 15:05:21 Current Time: Wednesday, 20-Sep-2023 13:39:21 +07 Restart Time: Wednesday, 20-Sep-2023 13:38:45 +07 Parent Server Config. Generation: 1749 Parent Server MPM Generation: 1748 Server uptime: 35 seconds Server load: 1.42 1.59 1.37 Total accesses: 211 - Total Traffic: 1.3 MB - Total Duration: 87932 CPU Usage: u2673.22 s5138.95 cu50937800 cs12467100 - 1.81e+8% CPU load 6.03 requests/sec - 37.2 kB/second - 6.2 kB/request - 416.739 ms/request 9 requests currently being processed, 9 idle workers __WC____W_C_WCCCW_................................ Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqDurConnChildSlotClientProtocolVHostRequest 0-1748323550/22/22_ 4.1401204104830.00.210.21 207.154.240.169http/1.1www.xn--2566-4do9ab5h1bfcjg7hg1GET /v2/_catalog HTTP/1.0 1-1748323560/16/16_ 8.6800183900.00.250.25 159.65.58.104http/1.1localhost:443GET /v2/_catalog HTTP/1.1 2-1748323570/27/27W 7.1110146330.00.160.16 161.35.27.144http/1.1www.xn--2566-4do9ab5h1bfcjg7hg1GET /v2/_catalog HTTP/1.0 3-1748323581/27/27C 3.251062532.70.140.14 143.42.118.5http/1.1localhost:443GET /.vscode/sftp.json HTTP/1.1 4-1748323590/26/26_ 2.430080760.00.130.13 178.62.73.12http/1.1localhost:443GET /v2/_catalog HTTP/1.1 5-1748324030/16/16_ 4.740093570.00.060.06 138.197.88.136http/1.1 6-1748324100/19/19_ 3.110060350.00.070.07 162.243.161.105http/1.1localhost:80GET /telescope/requests HTTP/1.0 7-1748324170/18/18_ 1.410028840.00.080.08 143.42.118.5http/1.1localhost:443GET /debug/default/view?panel=config HTTP/1.1 8-1748324180/13/13W 2.930056820.00.060.06 139.59.182.142http/1.1www.xn--2566-4do9ab5h1bfcjg7hg1GET /.vscode/sftp.json HTTP/1.1 9-1748324330/9/9_ 0.740011780.00.070.07 159.65.58.104http/1.1localhost:443GET /about HTTP/1.1 10-1748324391/8/8C 2.410149331.50.030.03 134.122.63.192http/1.1localhost:443GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor 11-1748324450/3/3_ 0.000170.00.000.00 178.62.73.12http/1.1localhost:443GET /about HTTP/1.1 12-1748324510/2/2W 0.000030.00.000.00 162.158.238.39http/1.1www.dr-rpi.com:443POST /wp-login.php HTTP/1.1 13-1748324571/2/2C 0.001141.40.000.00 143.42.118.5http/1.1localhost:443GET /about HTTP/1.1 14-1748324641/1/1C 0.000121.50.000.00 159.65.58.104http/1.1localhost:443GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor 15-1748324701/1/1C 0.000111.50.000.00 178.62.73.12http/1.1localhost:443GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor 16-1748324720/0/0W 0.000000.00.000.00 134.122.63.192http/1.1localhost:443GET /server-status HTTP/1.1 17-1748324780/1/1_ 0.000120.00.000.00 162.243.161.105http/1.1localhost:80GET /?rest_route=/wp/v2/users/ HTTP/1.0 SrvChild Server number - generation PIDOS process ID AccNumber of accesses this connection / this child / this slot MMode of operation CPUCPU usage, number of seconds SSSeconds since beginning of most recent request ReqMilliseconds required to process most recent request DurSum of milliseconds required to process all requests ConnKilobytes transferred this connection ChildMegabytes transferred this child SlotTotal megabytes transferred this slot SSL/TLS Session Cache Status: cache type: SHMCB, shared memory: 512000 bytes, current entries: 20subcaches: 32, indexes per subcache: 88time left on oldest entries' objects: avg: 282 seconds, (range: 268...296)index usage: 0%, cache usage: 0%total entries stored since starting: 20total entries replaced since starting: 0total entries expired since starting: 0total (pre-expiry) entries scrolled out of the cache: 0total retrieves since starting: 0 hit, 126 misstotal removes since starting: 0 hit, 0 miss
Found on 2023-09-20 06:37
-
-
Apache server-status page is publicly available
The server-status page (usually
/server-status) allows server administrators to find out how well their server is performing.This is a HTML page that gives the current server statistics such as the server version, up time,cpu, ram, and information about requests made to the server.
This information can be very useful if the application is sent sensitive information as GET requests. If you monitor this page you might be able to find CSRF tokens, API keys, hidden paths, and other sensitive information being sent to the server.
https://medium.com/@ghostlulzhacks/apache-server-status-a70abed83f5a
IP: 203.170.192.183
Domain: pop.xn--2566-4do9ab5h1bfcjg7hg1txa5ahw0u.com
Port: 80
URL: http://pop.xn--2566-4do9ab5h1bfcjg7hg1txa5ahw0u.comFirst seen 2023-09-20 06:37
Last seen 2024-02-02 08:27
Open for 135 days-
Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb316c12a0d06c12a0d0d8305546Apache Status Apache Server Status for pop.xn--2566-4do9ab5h1bfcjg7hg1txa5ahw0u.com (via 203.170.192.183) Server Version: Apache/2.4.57 (Unix) OpenSSL/1.0.2k-fips Server MPM: event Server Built: Oct 15 2023 18:16:43 Current Time: Friday, 02-Feb-2024 15:27:22 ICT Restart Time: Friday, 05-Jan-2024 10:01:20 ICT Parent Server Config. Generation: 93 Parent Server MPM Generation: 92 Server uptime: 28 days 5 hours 26 minutes 1 second Server load: 2.00 2.00 2.00 Total accesses: 1847158 - Total Traffic: 23.8 GB - Total Duration: 2141102829 CPU Usage: u211.37 s115.95 cu32089.3 cs2210.25 - 1.42% CPU load .757 requests/sec - 10.2 kB/second - 13.5 kB/request - 1159.13 ms/request 2 requests currently being processed, 126 idle workers SlotPIDStoppingConnections ThreadsAsync connections totalacceptingbusyidlewritingkeep-aliveclosing 029373no0yes032000 229661no0yes131000 329394no0yes131000 529374no0yes032000 Sum400 2126000 ________________________________................................ __________W_________________________________________________R___ ................................________________________________ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqDurConnChildSlotClientProtocolVHostRequest 0-92293730/32/14780_ 12.4630160260920.00.14193.76 167.99.182.39http/1.1localhost:80GET /about HTTP/1.1 0-92293730/34/15277_ 12.5030139013310.00.10198.96 164.92.192.25http/1.1localhost:443GET /config.json HTTP/1.1 0-92293730/30/14843_ 12.4980150309240.00.15192.72 161.35.155.246http/1.1localhost:443GET /server-status HTTP/1.1 0-92293730/29/15022_ 12.5420145874890.00.08185.95 142.93.153.3http/1.1localhost:80GET /.vscode/sftp.json HTTP/1.1 0-92293730/28/14926_ 12.36110147711660.00.15185.42 167.172.232.142http/1.1localhost:80GET /config.json HTTP/1.1 0-92293730/25/15152_ 12.3610156649100.00.11188.52 162.243.184.251http/1.1localhost:443GET /server-status HTTP/1.1 0-92293730/24/14824_ 11.4450145588360.00.11200.21 161.35.155.246h2localhost:443[0/0] Software caused connection abort 0-92293730/26/15133_ 12.4890150182010.00.06187.56 167.99.182.39http/1.1localhost:80GET /s/338313e2239313e2037313e2330323/_/;/META-INF/maven/com.at 0-92293730/28/15095_ 11.4510145226800.00.07229.87 159.65.58.104h2localhost:443[0/0] Software caused connection abort 0-92293730/31/15225_ 12.3250148853300.00.14194.87 138.68.163.10http/1.1localhost:80GET /about HTTP/1.1 0-92293730/35/14795_ 12.5030154393220.00.09200.68 142.93.153.3http/1.1localhost:80GET / HTTP/1.1 0-92293730/31/14804_ 12.5040147156110.00.08195.44 161.35.155.246http/1.1localhost:443GET /config.json HTTP/1.1 0-92293730/36/14667_ 12.3520137182710.00.14185.50 164.92.192.25http/1.1 0-92293730/31/14822_ 12.3870169086480.00.07186.00 159.65.58.104http/1.1localhost:443GET /telescope/requests HTTP/1.1 0-92293730/26/15772_ 12.4660141614980.00.09187.75 128.199.61.251http/1.1localhost:80GET /about HTTP/1.1 0-92293730/34/14826_ 12.48120165341180.00.08182.47 167.99.182.39http/1.1localhost:80GET /_all_dbs HTTP/1.1 0-92293730/36/14875_ 12.4960143404960.00.09206.35 161.35.155.246http/1.1localhost:443GET /.DS_Store HTTP/1.1 0-92293730/33/14940_ 12.4660144939920.00.09189.28 64.227.126.135http/1.1localhost:80GET /.vscode/sftp.json HTTP/1.1 0-92293730/26/14754_ 12.4890160388140.00.05200.53 167.99.182.39http/1.1localhost:80GET /config.json HTTP/1.1 0-92293730/33/14978_ 12.4730144639330.00.11193.79 206.81.1.88h2localhost:443[0/0] Software caused connection abort 0-92293730/30/14967_ 12.4670181495770.00.14193.40 64.227.126.135http/1.1localhost:80GET / HTTP/1.1 0-92293730/29/14994_ 12.48100147053640.00.08204.06 167.99.182.39http/1.1localhost:80GET /.git/config HTTP/1.1 0-92293730/32/15450_ 12.3900150748530.00.14188.26 162.243.184.251http/1.1localhost:443GET /config.json HTTP/1.1 0-92293730/29/14660_ 12.3316138765040.00.13190.18 162.243.184.251http/1.1localhost:443GET /server-status HTTP/1.1 0-92293730/33/14957_ 12.5420162205800.00.09186.87 161.35.155.246http/1.1localhost:443GET /?rest_route=/wp/v2/users/ HTTP/1.1 0-92293730/31/14634_ 12.4588135981540.00.13196.98 161.35.155.246http/1.1localhost:443GET /server-status HTTP/1.1 0-92293730/27/15134_ 12.4660144713430.00.04194.49 167.99.182.39http/1.1localhost:80GET / HTTP/1.1 0-92293730/29/14914_ 12.4890159187400.00.05213.29 161.35.155.246http/1.1localhost:443GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor 0-92293730/32/14719_ 12.4970152174340.00.11175.92 161.35.155.246http/1.1localhost:443GET /login.action HTTP/1.1 0-92293730/25/15173_ 12.3320135139100.00.08225.12 167.172.232.142http/1.1localhost:80GET /.env HTTP/1.1 0-92293730/35/14654_ 12.4710155571740.00.05199.13 128.199.61.251http/1.1localhost:80GET /.env HTTP/1.1 0-92293730/25/14915_ 12.37100145814950.00.14185.13 165.232.76.155h2localhost:443[0/0] Software caused connection abort 1-92-0/0/15731. 0.00404270138364770.00.00219.29 137.184.162.65http/1.1localhost:80GET /.git/config HTTP/1.1 1-92-0/0/15813. 0.00404270136849580.00.00198.68 139.144.150.23http/1.1localhost:443GET /login.action HTTP/1.1 1-92-0/0/15602. 0.00404270174090190.00.00199.96 159.203.44.43h2localhost:443[0/0] Software caused connection abort 1-92-0/0/15318. 0.00404270150896030.00.00189.46 164.92.84.255http/1.1localhost:443GET /.vscode/sftp.json HTTP/1.1 1-92-0/0/15276. 0.00404270146566320.00.00197.93 159.203.44.43http/1.1localhost:443GET /.git/config HTTP/1.1 1-92-0/0/15655. 0.00404270134151790.00.00198.79 139.144.150.23http/1.1localhost:443GET /.DS_Store HTTP/1.1 1-92-0/0/15351. 0.00404270172789920.00.00188.15 159.223.102.13http/1.1localhost:80GET /_all_dbs HTTP/1.1 1-92-0/0/15185. 0.00404270165483380.00.00189.07 64.227.126.135h2localhost:443[0/0] Software caused connection abort 1-92-0/0/15335. 0.00404270127395500.00.00211.76 134.122.34.144http/1.1localhost:443GET /telescope/requests HTTP/1.1 1-92-0/0/14956. 0.00404270152319130.00.00188.74 159.203.44.43http/1.1localhost:443GET / HTTP/1.1 1-92-0/0/15041. 0.00404270148013860.00.00204.86 164.92.84.255http/1.1localhost:443GET /login.action HTTP/1.1 1-92-0/0/15506. 0.00404270159268070.00.00208.73 139.144.96.150http/1.1localhost:443GET /config.json HTTP/1.1 1-92-0/0/15329. 0.00404270159504030.00.00200.56 45.55.193.222http/1.1localhost:443GET /telescope/requests HTTP/1.1 1-92-0/0/15189. 0.00404270137016410.00.00183.04 159.223.102.13
Found on 2024-02-02 08:27 -
Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb316c12a0d06c12a0d03d218d2eApache Status Apache Server Status for pop.xn--2566-4do9ab5h1bfcjg7hg1txa5ahw0u.com (via 203.170.192.183) Server Version: Apache/2.4.57 (Unix) OpenSSL/1.0.2k-fips Server MPM: event Server Built: Oct 15 2023 18:16:43 Current Time: Sunday, 07-Jan-2024 07:48:50 ICT Restart Time: Friday, 05-Jan-2024 10:01:20 ICT Parent Server Config. Generation: 8 Parent Server MPM Generation: 7 Server uptime: 1 day 21 hours 47 minutes 29 seconds Server load: 2.59 2.95 2.88 Total accesses: 781395 - Total Traffic: 10.6 GB - Total Duration: 956404972 CPU Usage: u173.4 s14.54 cu13326.1 cs698.67 - 8.62% CPU load 4.74 requests/sec - 67.4 kB/second - 14.2 kB/request - 1223.97 ms/request 7 requests currently being processed, 121 idle workers SlotPIDStoppingConnections ThreadsAsync connections totalacceptingbusyidlewritingkeep-aliveclosing 08425no4yes131011 111360no3yes428000 216287no3yes131001 316453no3yes131101 Sum4013 7121113 R_______________________________________________W___R______RW___ _________________________W___________________________________R__ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqDurConnChildSlotClientProtocolVHostRequest 0-784250/144/6032R 91.40884683218040.02.0889.61 85.208.96.207http/1.1 0-784250/159/6511_ 91.26284660723730.01.5385.99 52.70.240.171http/1.1www.chonlateeboi.com:443GET /12200qbkeitems/etidm77gqv.html HTTP/1.1 0-784250/142/6046_ 90.59183772410280.01.9190.21 40.77.167.25h2www.chonlateeaa.com:443[1/1] done: stream 1, GET /?s=i-was-curious-what-the-goosebumps 0-784250/175/6383_ 91.427105570107550.01.8782.86 23.22.35.162http/1.1www.chonlateeadmin.com:443GET /bxqktze-9660detidm7.htm HTTP/1.1 0-784250/156/6101_ 91.16384666940790.01.6278.89 52.70.240.171http/1.1www.chonlateeadmin.com:443GET /txiktze-14852vitems/etidm6.html HTTP/1.1 0-784250/219/6465_ 91.05184278223180.03.1085.26 23.22.35.162http/1.1www.chonlateeadmin.com:443GET /krzktze-41571mitems/etidm.htm HTTP/1.1 0-784250/163/6270_ 90.78784559013960.02.1196.53 3.224.220.101http/1.1www.chonlateeboi.com:443GET /1344crwdetidm80sch.htm HTTP/1.1 0-784250/144/6302_ 90.526567745370.01.5982.44 85.208.96.209http/1.1www.chonlateefood.com:443GET /get/xdm17313odmjitems.htm HTTP/1.1 0-784250/208/6322_ 90.82396362753960.02.03124.88 40.77.167.15h2www.chonlateenextbiz.com:443GET /g1345938.shtml HTTP/2.0 0-784250/195/6238_ 91.45583971790580.02.0380.27 94.156.71.117http/1.1www.1smestartup.com:443GET /wp-includes/images/include.php HTTP/1.1 0-784250/129/5990_ 91.42783976530260.01.4676.67 23.22.35.162http/1.1www.chonlateeboi.com:443GET /10195yxnoitems/etidm HTTP/1.1 0-784250/141/5947_ 90.96184275631960.01.7077.51 138.68.163.10h2localhost:443[0/0] Software caused connection abort 0-784250/152/6011_ 91.55083853405800.01.8179.75 52.70.240.171http/1.1www.chonlateeboi.com:443GET /48733tobeitems/etidm35 HTTP/1.1 0-784250/154/6219_ 91.40084481978430.01.8684.15 85.208.96.193http/1.1www.chonlateeadmin.com:443GET /vikxhvp-46834xetid HTTP/1.1 0-784250/133/6652_ 91.512056909020.01.4885.89 142.93.158.96http/1.1localhost:80GET /.vscode/sftp.json HTTP/1.1 0-784250/219/5994_ 90.0721583436020.01.9978.33 3.224.220.101http/1.1www.chonlateeboi.com:443GET /14943oqmiitems/etidm89ti.htm HTTP/1.1 0-784250/164/6160_ 91.55193064829130.01.7780.44 40.77.167.25h2www.chonlateeaa.com:443GET /?s=i-was-curious-what-the-goosebumps-series-2000-covers-ll 0-784250/156/6307_ 91.06784659312270.01.5681.94 52.70.240.171http/1.1www.chonlateeboi.com:443GET /40291idtuitems/etidm HTTP/1.1 0-784250/147/6310_ 90.64584162290830.01.6480.44 94.156.71.117http/1.1www.1smestartup.com:443GET /wp-includes/images/include.php HTTP/1.1 0-784250/138/6074_ 91.56063068854070.01.6685.48 66.249.73.10http/1.1www.chonlateeadmin.com:443GET /trust.php?rzqqgmy-15630detid.htm HTTP/1.1 0-784250/232/6349_ 91.473218790400930.02.2188.41 182.92.152.95http/1.1www.summer-techthai.com:443POST /xmlrpc.php HTTP/1.1 0-784250/132/6040_ 91.24284071199180.01.5082.23 40.77.167.25h2www.chonlateeaa.com:443[0/0] init 0-784250/143/6623_ 90.56285373827720.01.7888.34 52.70.240.171http/1.1www.chonlateeadmin.com:443GET /zxoktze-15144betidm27mkb.htm HTTP/1.1 0-784250/158/6123_ 91.210234363223430.01.6688.61 3.224.220.101http/1.1www.chonlateeadmin.com:443GET /ycnhmop-1155aitems/etidm.htm HTTP/1.1 0-784250/212/6023_ 91.551075411840.02.0375.47 142.93.158.96http/1.1localhost:80GET /debug/default/view?panel=config HTTP/1.1 0-784250/138/6146_ 91.473057683160.01.5079.63 142.93.158.96http/1.1localhost:80GET / HTTP/1.1 0-784250/147/6165_ 90.24084056828940.01.7089.58 23.22.35.162http/1.1www.chonlateeboi.com:443GET /16313rbhseti.html HTTP/1.1 0-784250/147/6143_ 90.32463770690930.01.88109.99 52.167.144.181h2www.chonlateefbl.com:443[1/1] done: stream 1, GET /7ft-prelit-artificial-silver-tinsel- 0-784250/155/6091_ 91.08684754384500.01.6377.01 23.22.35.162http/1.1www.chonlateeadmin.com:443GET /kgzktze-41597metidm83.html HTTP/1.1 0-784250/151/6250_ 91.52284472772840.01.74114.88 23.22.35.162http/1.1www.chonlateeadmin.com:443GET /srhktze-14331uitems/etidm.htm HTTP/1.1 0-784250/122/6033_ 91.15484467454450.01.4289.07 85.208.96.207http/1.1www.chonlateeboi.com:443GET /39545hevyeti.html HTTP/1.1 0-784250/146/6347_ 91.45584765328430.01.8281.59 23.22.35.162http/1.1www.chonlateeboi.com:443GET /15335lrvyetidm26vy.html HTTP/1.1 1-7113600/101/6205_ 61.823072952990.01.1380.69 142.93.158.96http/1.1localhost:80GET / HTTP/1.1 1-7113600/125/5989_ 61.27283966621750.01.4376.39 23.22.35.162http/1.1www.chonlateeboi.com:443GET /40244idtuitems/etidm7.html HTTP/1.1 1-7113600/92/5967_ 61.27084793370300.01.0577.28 51.15.17.105http/1.1www.siamsolarrooftop.com:443GET /trust.php HTTP/1.1 1-7113600/96/5656_ 60.62688976029780.01.3275.15 89.46.106.186h2www.rooffurnish.com:443[1/1] done: stream 1, GET /classwithtostring.php 1-7113600/94/5906_ 61.94083975285950.01.1587.91 52.70.240.171http/1.1www.chonlateeadmin.com:443GET /vukhmop-12436xetidm6 HTTP/1.1 1-7113600/91/5964_ 61.823064727430.01.0778.53 98.70.57.60http/1.1www.chonlateedesign.com:80GET /auto_seo.php HTTP/1.1 1-7113600/89/6021_ 60.37584065358370.01.1176.35 52.70.240.171http/1.1www.chonlateeadmin.com:443GET /bmqktze-31578detid.htm HTTP/1.1 1-7113600/99/6098_ 61.651184576483960.01.5281.38 66.249.71.168http/1.1www.chonlateeadmin.com:443GET /trust.php?vmuhlzs-59002hetidm51i HTTP/1.1 1-7113600/102/6049_ 61.66841055508680.01.2878.00 49.48.66.18h2www.xn--12cx2bef7bl0boq4ch6gugw[2/2] done: stream 3, GET /wp-content/themes/chonlateedesign/cs 1-7113600/96/6014_ 61.80584469782990.01.0384.25 185.191.171.2http/1.1www.chonlateeboi.com:443GET /31650mywgetid.htm HTTP/1.1 1-7113600/89/5805_ 61.23385976275080.01.2683.48 51.15.17.105http/1.1www.siamsolarrooftop.com:443GET /TNT.php HTTP/1.1<
Found on 2024-01-07 00:48 -
Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb316c12a0d06c12a0d0dd10b0bbApache Status Apache Server Status for pop.xn--2566-4do9ab5h1bfcjg7hg1txa5ahw0u.com (via 203.170.192.183) Server Version: Apache/2.4.57 (Unix) OpenSSL/1.0.2k-fips Server MPM: event Server Built: Oct 15 2023 18:16:43 Current Time: Friday, 05-Jan-2024 22:29:49 ICT Restart Time: Friday, 05-Jan-2024 10:01:20 ICT Parent Server Config. Generation: 1 Parent Server MPM Generation: 0 Server uptime: 12 hours 28 minutes 28 seconds Server load: 2.41 2.47 2.49 Total accesses: 221675 - Total Traffic: 3.2 GB - Total Duration: 178158091 CPU Usage: u119.23 s7.38 cu3522.42 cs190.09 - 8.55% CPU load 4.94 requests/sec - 74.4 kB/second - 15.1 kB/request - 803.69 ms/request 9 requests currently being processed, 55 idle workers SlotPIDStoppingConnections ThreadsAsync connections totalacceptingbusyidlewritingkeep-aliveclosing 012776no2yes626000 112906no4yes329000 Sum206 955000 _W___R___________________W_WW_W___R_________R______________W____ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqDurConnChildSlotClientProtocolVHostRequest 0-0127760/96/2413_ 63.861019727830.01.2337.27 164.92.192.25http/1.1localhost:443GET / HTTP/1.1 0-0127761/83/2517W 62.960018669450.00.9731.06 185.191.171.16http/1.1www.chonlateeboi.com:443GET /22294bzlnetidm39m HTTP/1.1 0-0127760/92/2354_ 62.551111930889090.01.1244.51 139.144.150.45h2localhost:443[0/0] Software caused connection abort 0-0127760/81/2571_ 64.260019049080.00.9633.29 164.92.192.25http/1.1localhost:443GET / HTTP/1.1 0-0127760/90/2484_ 62.96185519423460.01.0631.01 139.144.150.45h2localhost:443[0/0] Software caused connection abort 0-0127760/96/2760R 63.58985019421030.01.2534.73 45.61.186.10http/1.1www.pennungmarket.com:443 0-0127760/137/2420_ 63.44284519097530.01.2629.63 139.144.150.45h2localhost:443[0/0] Software caused connection abort 0-0127760/97/2487_ 63.810112719866480.01.3132.59 52.70.240.171http/1.1www.chonlateeboi.com:443GET /25964biwxitems/etidm8.html HTTP/1.1 0-0127760/96/2507_ 63.790130718829540.01.3166.17 139.144.150.45http/1.1 0-0127760/104/2480_ 64.112018832210.01.4532.11 142.93.158.96http/1.1localhost:80GET /about HTTP/1.1 0-0127760/91/2440_ 63.3701022345050.01.1730.04 139.144.150.45h2localhost:443[0/0] Software caused connection abort 0-0127760/90/2362_ 64.23089918907950.01.1130.84 52.167.144.16h2www.thesungolden.com:443GET /tzeu2e/rg353v-vs-retroid-pocket-3.html HTTP/2.0 0-0127760/84/2333_ 63.822106119084370.01.0732.94 164.92.192.25http/1.1 0-0127760/101/2653_ 64.08285719868910.01.2835.14 3.224.220.101http/1.1www.chonlateeadmin.com:443GET /wxlmeuk-37215yitems/etidm93jk.htm HTTP/1.1 0-0127760/94/2686_ 63.65184622080500.01.2636.70 164.92.192.25h2localhost:443[0/0] Software caused connection abort 0-0127760/89/2411_ 63.57133519185660.01.1332.18 164.92.192.25h2localhost:443[0/0] Software caused connection abort 0-0127760/95/2358_ 64.260019409880.01.2231.00 139.144.150.45http/1.1localhost:443GET / HTTP/1.1 0-0127760/94/2542_ 63.38075619181560.01.2135.18 164.92.192.25h2localhost:443[0/0] Software caused connection abort 0-0127760/96/2556_ 62.441105918745120.01.1833.66 164.92.192.25h2localhost:443[0/0] Software caused connection abort 0-0127760/95/2399_ 63.99184620825280.01.2229.57 52.167.144.16h2www.thesungolden.com:443[1/1] done: stream 1, GET /tzeu2e/rg353v-vs-retroid-pocket-3.ht 0-0127760/89/2457_ 63.87199218998660.01.1135.48 23.22.35.162http/1.1www.chonlateeadmin.com:443GET /bzqmeuk-22764detidm5.htm HTTP/1.1 0-0127760/102/2466_ 62.640416919919900.01.1836.03 31.184.236.34http/1.1 0-0127760/93/2722_ 64.24084718679870.01.2233.99 66.249.72.66http/1.1www.chonlateeadmin.com:443GET /trust.php?fnkaonh-264100xetidm63s HTTP/1.1 0-0127760/85/2376_ 63.11084518275150.01.0731.69 164.92.192.25http/1.1 0-0127760/90/2387_ 63.24184519227280.01.0931.27 52.167.144.16h2www.thesungolden.com:443[0/0] init 0-0127761/91/2402W 63.760018618540.01.2131.13 23.22.35.162http/1.1www.chonlateeboi.com:443GET /21325crwditems/etidm61 HTTP/1.1 0-0127760/100/2338_ 64.11284718405860.01.4330.02 66.249.71.169http/1.1www.chonlateeadmin.com:443GET /trust.php?eqjadej-46505wetidm.html HTTP/1.1 0-0127761/78/2471W 63.440018765900.00.9862.11 66.249.71.168http/1.1www.chonlateeadmin.com:443GET /trust.php?xuuhsbr-132376hitems/etid.html HTTP/1.1 0-0127761/102/2364W 63.930018886810.01.2929.93 3.224.220.101http/1.1www.chonlateeadmin.com:443GET /mrbmeuk-37361oeti.html HTTP/1.1 0-0127760/91/2682_ 63.991018161800.01.0870.49 142.93.158.96http/1.1localhost:80GET / HTTP/1.1 0-0127761/85/2358W 63.720018824790.01.0637.33 66.249.72.65http/1.1www.chonlateeadmin.com:443GET /trust.php?qqqqxjd-11703detidm1 HTTP/1.1 0-0127760/81/2685_ 64.161018910660.01.0132.71 142.93.158.96http/1.1localhost:80GET /debug/default/view?panel=config HTTP/1.1 1-0129060/96/1904_ 57.44187714422540.01.2425.17 164.92.192.25h2localhost:443[0/0] Software caused connection abort 1-0129060/92/1681_ 56.21085113855870.01.1221.93 3.224.220.101http/1.1www.chonlateeadmin.com:443GET /hhwmeuk-43310jitems/etidm55u.html HTTP/1.1 1-0129060/86/1801R 56.85489614290780.01.0725.28 3.224.220.101http/1.1 1-0129060/93/1696_ 57.800013957740.01.1822.54 142.93.158.96http/1.1localhost:80GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor 1-0129060/88/1712_ 57.59092113725960.01.0926.97 66.249.72.66http/1.1www.chonlateeadmin.com:443GET /trust.php?tqxggdh-63030ketidm59gd.html HTTP/1.1 1-0129060/92/1734_ 57.83068713787830.01.0623.25 52.167.144.210h2www.thaidaoherb.com:443GET /guncategoryryyh/1938 HTTP/2.0 1-0129060/81/1745_ 57.590103213969100.01.0221.58 52.70.240.171http/1.1www.chonlateeboi.com:443GET /21378crwdetid.htm HTTP/1.1 1-0129060/81/1731_ 56.98184413996860.02.1122.77 40.77.167.13h2www.chonlateefbc.com:443[0/0] init 1-0129060/73/1775_ 57.79184714224290.00.9124.02 52.70.240.171http/1.1www.chonlateeadmin.com:443GET /wrlmeuk-37501yitems/etidm90 HTTP/1.1 1-0129060/136/1723_ 57.61089013816910.01.2422.64 23.22.35.162http/1.1www.chonlateeboi.com:443GET /21354crwdetid.htm HTTP/1.1 1-0129060/85/1707_ 57.37285113462220.01.0525.76 139.144.150.45http/1.1 1-0129060/91/1787_ 57.35385214580580.01.1524.05 85.208.96.193http/1.1www.chonlateeboi.com:443GET /19396sabfetidm4 HTTP/1.1 1-0129060/155/1772R 56.9141414138850.01.4023.41 203.170.192.183http/1.1www.thaicarsale.com:80POST /wp-cron.php?doing_wp_cron=1704468568.44911503791809082031 1-0129060/82/1705_ 56.73184413714830.0
Found on 2024-01-05 15:29 -
Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb316c12a0d06c12a0d0098b9a91Apache Status Apache Server Status for pop.xn--2566-4do9ab5h1bfcjg7hg1txa5ahw0u.com (via 203.170.192.183) Server Version: Apache/2.4.57 (Unix) OpenSSL/1.0.2k-fips Server MPM: event Server Built: Oct 15 2023 18:16:43 Current Time: Monday, 11-Dec-2023 21:02:00 ICT Restart Time: Friday, 01-Dec-2023 00:22:58 ICT Parent Server Config. Generation: 41 Parent Server MPM Generation: 40 Server uptime: 10 days 20 hours 39 minutes 2 seconds Server load: 1.02 0.86 0.76 Total accesses: 4287967 - Total Traffic: 55.1 GB - Total Duration: 4060079380 CPU Usage: u322.34 s51.55 cu76969.1 cs4032.07 - 8.67% CPU load 4.57 requests/sec - 61.5 kB/second - 13.5 kB/request - 946.854 ms/request 12 requests currently being processed, 52 idle workers SlotPIDStoppingConnections ThreadsAsync connections totalacceptingbusyidlewritingkeep-aliveclosing 06388no4yes626002 228854no7yes626001 Sum2011 1252003 _________R_________W___R__W_W__W................................ ______W___WW_______R____R_R_____................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqDurConnChildSlotClientProtocolVHostRequest 0-4063880/107/38676_ 71.391661352040520.01.32489.75 66.249.64.228http/1.1www.xn--12cn0bmbkgc3ent5c1ewa4bGET /mds.php?kwdymlj-54727qetidm69.html HTTP/1.1 0-4063880/115/38031_ 71.452680359062020.01.50480.72 66.249.64.230http/1.1www.xn--12cn0bmbkgc3ent5c1ewa4bGET /mds.php?yprdvsc-427eeti.html HTTP/1.1 0-4063880/124/38414_ 71.4520393998280.01.47492.89 104.236.193.132http/1.1localhost:443GET / HTTP/1.1 0-4063880/106/38468_ 69.7621067381097970.01.25503.54 40.77.167.46h2www.chonlateefbc.com:443[1/1] done: stream 1, GET /sitemap1129.xml 0-4063880/108/38957_ 71.252873362718830.01.27556.76 207.46.13.63h2www.chonlateefbc.com:443GET /sitemap45.xml HTTP/2.0 0-4063880/93/38015_ 71.6500391825790.01.10481.35 206.81.1.88http/1.1localhost:80GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor 0-4063880/101/38360_ 71.521659393122330.01.12483.53 66.249.71.4http/1.1www.xn--12cn0bmbkgc3ent5c1ewa4bGET /mds.php?jlcymlj-38268petid HTTP/1.1 0-4063880/98/39109_ 71.551656360975910.01.19491.17 66.249.71.3http/1.1www.xn--12cn0bmbkgc3ent5c1ewa4bGET /mds.php?cmvgazz-28979iitems/eti.htm HTTP/1.1 0-4063880/116/38082_ 71.022781373153980.01.70499.43 66.249.71.4http/1.1www.xn--12cn0bmbkgc3ent5c1ewa4bGET /mds.php?xqzdvuk-19536mitems/eti.htm HTTP/1.1 0-4063880/100/38520R 71.4420360947610.01.08492.63 206.81.1.88http/1.1localhost:80GET / HTTP/1.1 0-4063880/108/38062_ 71.232954377206260.01.24463.14 66.249.64.227http/1.1www.xn--12cn0bmbkgc3ent5c1ewa4bGET /mds.php?ydrkqbs-46993eetidm45lq.html HTTP/1.1 0-4063880/106/38152_ 71.341652360748020.01.25513.36 104.236.193.132h2localhost:443[0/0] Software caused connection abort 0-4063880/103/38023_ 71.4810367903030.01.26464.72 206.81.1.88http/1.1localhost:80GET /about HTTP/1.1 0-4063880/90/38169_ 70.132658396990150.01.04492.39 40.77.167.46h2www.chonlateefbc.com:443GET /sitemap1129.xml HTTP/2.0 0-4063880/86/38411_ 69.742869372769120.01.16483.11 207.46.13.54h2www.chonlateepr.com:443[0/0] init 0-4063880/103/38071_ 71.452723365124780.01.19537.22 66.249.64.228http/1.1www.xn--12cn0bmbkgc3ent5c1ewa4bGET /mds.php?ghhnuow-18193uitems/eti.htm HTTP/1.1 0-4063880/94/39081_ 71.351893368684650.01.16517.85 159.89.83.196h2localhost:443[0/0] Software caused connection abort 0-4063880/82/38513_ 69.720655359270970.00.97475.30 207.46.13.63h2www.chonlateefbc.com:443[0/0] init 0-4063880/94/38584_ 71.452659360716720.01.11499.14 66.249.71.2http/1.1www.xn--12cn0bmbkgc3ent5c1ewa4bGET /mds.php?nkgcvxg-22542tetidm3 HTTP/1.1 0-4063881/109/38875W 71.1600376980310.01.34506.67 66.249.71.3http/1.1www.xn--12cn0bmbkgc3ent5c1ewa4bGET /mds.php?vuohgeq-23876betid.htm HTTP/1.1 0-4063880/97/38259_ 71.111880354981710.01.19505.08 185.191.171.19http/1.1www.chonlateeboi.com:443GET /27978jbwjetid.htm HTTP/1.1 0-4063880/117/38433_ 71.140715381031580.01.36496.96 207.46.13.141h2www.chonlateefood.com:443[0/0] init 0-4063880/96/38179_ 71.390869399538500.01.18506.18 159.89.83.196h2localhost:443[0/0] Software caused connection abort 0-4063880/99/37494R 71.443660354153100.01.15466.62 207.46.13.141h2www.chonlateefood.com:443[1/0] schedule: stream 1, GET /items/zho8657ihpotid.html 0-4063880/116/38550_ 71.061840364101700.01.40512.42 207.46.13.63h2www.chonlateefbc.com:443GET /sitemap929.xml HTTP/2.0 0-4063880/98/37805_ 71.1900381301810.01.18462.59 159.89.83.196h2localhost:443[0/0] Software caused connection abort 0-4063881/109/38536W 70.8700365516610.01.24575.93 66.249.64.228http/1.1www.xn--12cn0bmbkgc3ent5c1ewa4bGET /mds.php?jdcooqo-31118petidm4.htm HTTP/1.1 0-4063880/108/37770_ 71.5810363491430.01.23502.81 3.224.220.101http/1.1www.krongthongsecurity.com:443GET /qnxgzna287563ketidm.html HTTP/1.1 0-4063881/113/38369W 70.1000404326530.01.34515.70 66.249.71.5http/1.1www.xn--12cn0bmbkgc3ent5c1ewa4bGET /mds.php?znsagyn-10308fetid HTTP/1.1 0-4063880/110/38225_ 71.3911081368289000.01.27495.47 40.77.167.46h2www.chonlateefbc.com:443GET /sitemap884.xml HTTP/2.0 0-4063880/105/38336_ 71.430860363160550.01.33486.17 3.224.220.101http/1.1www.chonlateeboi.com:443GET /trust.php?273039bogqitems/etidm40nq.htm HTTP/1.1 0-4063881/97/38053W 70.2700368590930.01.11529.57 66.249.64.229http/1.1www.xn--12cn0bmbkgc3ent5c1ewa4bGET /mds.php?rbrnuow-11522eitems/eti.htm HTTP/1.1 1-40-0/0/39232. 0.001340851366963720.00.00496.48 66.249.64.227http/1.1www.xn--12cn0bmbkgc3ent5c1ewa4bGET /mds.php?oerxner-47815eeti.html HTTP/1.1 1-40-0/0/39185. 0.0013401043375395980.00.00539.25 23.22.35.162http/1.1www.chonlateeboi.com:443GET /trust.php?330877bogqitems/etidm80 HTTP/1.1 1-40-0/0/38959. 0.001340863376969640.00.00542.28 66.249.71.3http/1.1www.xn--12cn0bmbkgc3ent5c1ewa4bGET /mds.php?laentbr-20408retidm55y.htm HTTP/1.1 1-40-0/0/39207. 0.001340890385336770.00.00553.94 85.208.96.203http/1.1www.chonlateeadmin.com:443GET /liaypvw-35098netid HTTP/1.1 1-40-0/0/39976. 0.001340918356664450.00.00608.59 66.249.64.227http/1.1www.xn--12cn0bmbkgc3ent5c1ewa4bGET /mds.php?hfassdx-12240netidm94u HTTP/1.1 1-40-0/0/38802. 0.001340910353324760.00.00555.91 66.249.64.226http/1.1www.xn--12cn0bmbkgc3ent5c1ewa4bGET /mds.php?ubxooqo-25825ketidm.html HTTP/1.1 1-40-0/0/38879. 0.001340864357502030.00.00521.21 198.98.54.38http/1.1www.xn--12cx2bef7bl0boq4ch6gugwGET /author/admin/ HTTP/1.1 1-40-0/0/39303. 0.0013402422380929500.00.00501.98 95.91.42.78http/1.1www.chonlateefood.com:443GET /%E0%B8%A3%E0%B8%B1%E0%B8%9A%E0%B8%97%E0%B8%B3%E0%B8%82%E0% 1-40-0/0/39064. 0.0013401004369774110.00.00492.97 95.91.42.78http/1.1www.chonlateedesign.com:443GET /%E0%B8%AA%E0%B8%B5%E0%B8%81%E0%B8%B1%E0%B8%9A%E0%B8%81%E0% 1-40-0/0/39164. 0.001340898361675120.00.00501.68 23.22.35.162http/1.1www.chonlateeadmin.com:443GET /trust.php?ilxqgmy-125211kitems/etidm.htm HTTP/1.1 1-40-0/0/39722. 0.001340885357634830.00.00525.64 23.22.35.162http/1.1www.chonlateeadmin.com:
Found on 2023-12-11 14:01 -
Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb316c12a0d06c12a0d0913cf381Apache Status Apache Server Status for pop.xn--2566-4do9ab5h1bfcjg7hg1txa5ahw0u.com (via 203.170.192.183) Server Version: Apache/2.4.57 (Unix) OpenSSL/1.0.2k-fips Server MPM: event Server Built: Oct 15 2023 18:16:43 Current Time: Thursday, 23-Nov-2023 00:23:57 ICT Restart Time: Monday, 20-Nov-2023 10:17:03 ICT Parent Server Config. Generation: 9 Parent Server MPM Generation: 8 Server uptime: 2 days 14 hours 6 minutes 53 seconds Server load: 1.35 1.87 1.62 Total accesses: 648034 - Total Traffic: 8.2 GB - Total Duration: 719137595 CPU Usage: u59.01 s12.71 cu9707.16 cs570.87 - 4.63% CPU load 2.9 requests/sec - 38.6 kB/second - 13.3 kB/request - 1109.72 ms/request 20 requests currently being processed, 108 idle workers SlotPIDStoppingConnections ThreadsAsync connections totalacceptingbusyidlewritingkeep-aliveclosing 06877no1yes131100 16697no2yes527001 36879no19yes725001 46881no2yes725001 Sum4024 20108103 _W______________________________________W_____W_W_________R___W_ ................................W______WW____R_WW______________W ___WW____W____________WW_____WW_................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqDurConnChildSlotClientProtocolVHostRequest 0-868770/28/5238_ 11.7612147419540.00.3672.54 104.164.173.38http/1.1www.xn--2566-4do9ab5h1bfcjg7hg1GET /wp-content/plugins/jeg-elementor-kit/assets/js/elements/st 0-868771/24/4983W 11.101050374610.00.2661.56 104.164.173.38http/1.1www.xn--2566-4do9ab5h1bfcjg7hg1GET /wp-json/ HTTP/1.1 0-868770/26/4909_ 11.720068876520.00.4060.32 139.59.182.142http/1.1localhost:80GET /.vscode/sftp.json HTTP/1.1 0-868770/20/5096_ 11.84065348793540.00.2862.97 66.249.79.68http/1.1www.xn--12cn0bmbkgc3ent5c1ewa4bGET /mds.php?dmezkxl-2720retidm50qzr HTTP/1.1 0-868770/24/5147_ 11.7411251687560.00.2879.22 104.164.173.38http/1.1www.xn--2566-4do9ab5h1bfcjg7hg1GET /wp-content/plugins/royal-elementor-addons/assets/js/lib/in 0-868770/24/5223_ 10.65092150709910.00.4062.71 161.35.176.95h2localhost:443[0/0] Software caused connection abort 0-868770/26/5076_ 11.791109751557000.00.3365.50 23.22.35.162http/1.1www.chonlateeadmin.com:443GET /trust.php?dnsecaw-246678fetidm53q.htm HTTP/1.1 0-868770/29/4975_ 11.541048178580.00.3561.72 128.199.61.251http/1.1localhost:80GET / HTTP/1.1 0-868770/17/5222_ 11.46150250388740.00.1660.80 85.208.96.204http/1.1www.mkandptfoods.com:443GET /wzy.php?m51926256234.html HTTP/1.1 0-868770/23/5316_ 11.73167148072370.00.2981.42 66.249.79.66http/1.1www.xn--12cn0bmbkgc3ent5c1ewa4bGET /mds.php?kklwxmt-38373yetidm69.html HTTP/1.1 0-868770/22/5256_ 11.7512349364210.00.3963.06 104.164.173.38http/1.1www.xn--2566-4do9ab5h1bfcjg7hg1GET /wp-content/plugins/elementor/assets/lib/font-awesome/js/v4 0-868770/21/5363_ 11.721049590390.00.2476.17 128.199.61.251http/1.1localhost:80GET /.vscode/sftp.json HTTP/1.1 0-868770/20/5306_ 11.23194452171030.00.3269.09 23.22.35.162http/1.1www.chonlateeboi.com:443GET /36021tbrmitems/etidm99.htm HTTP/1.1 0-868770/24/5290_ 11.7511549122730.00.2562.19 104.164.173.38http/1.1www.xn--2566-4do9ab5h1bfcjg7hg1GET /wp-content/plugins/qi-addons-for-elementor/inc/plugins/ele 0-868770/21/4997_ 11.46164149334990.00.2556.97 66.249.71.4http/1.1www.xn--12cn0bmbkgc3ent5c1ewa4bGET /mds.php?pnqasnc-15212detidm9 HTTP/1.1 0-868770/26/4955_ 11.7613750751060.00.2359.21 104.164.173.38http/1.1www.xn--2566-4do9ab5h1bfcjg7hg1GET /wp-content/plugins/royal-elementor-addons/assets/js/lib/ao 0-868770/26/4946_ 11.701047839840.00.3459.38 161.35.155.246http/1.1www.xn--2566-4do9ab5h1bfcjg7hg1GET / HTTP/1.1 0-868770/21/5280_ 11.701048733620.00.2358.35 207.154.240.169http/1.1localhost:80GET / HTTP/1.1 0-868770/23/5034_ 11.701050217500.00.2771.03 178.62.73.12http/1.1localhost:80GET / HTTP/1.1 0-868770/23/5097_ 11.781050206330.00.3373.64 104.164.173.38http/1.1www.xn--2566-4do9ab5h1bfcjg7hg1GET /wp-content/plugins/royal-elementor-addons/assets/js/fronte 0-868770/20/4985_ 10.921049737540.00.2968.12 5.101.157.148http/1.1www.dinocoffees.com:443POST /wp-login.php HTTP/2.0 0-868770/19/5231_ 10.841044691110.00.2367.68 23.22.35.162http/1.1www.krongthongsecurity.com:443GET /bqirtdd190230vf037b7e3 HTTP/1.1 0-868770/17/4975_ 11.101051856100.00.1463.12 161.35.176.95h2localhost:443[0/0] Software caused connection abort 0-868770/25/4984_ 11.771050753540.00.3173.04 128.199.61.251http/1.1localhost:80GET /about HTTP/1.1 0-868770/18/5064_ 11.42189349737180.00.2562.67 185.191.171.16http/1.1www.chonlateeboi.com:443GET /33364tzwaetidm9 HTTP/1.1 0-868770/19/5165_ 11.7612347535140.00.2667.24 104.164.173.38http/1.1www.xn--2566-4do9ab5h1bfcjg7hg1GET /wp-content/themes/sydney/js/so-legacy.js?ver=6.3.2 HTTP/1. 0-868770/24/5260_ 11.701049453910.00.2285.08 139.59.182.142http/1.1localhost:80GET / HTTP/1.1 0-868770/17/5356_ 10.95080750357090.00.2085.39 223.24.157.217h2www.xn--12cx2bef7bl0boq4ch6gugw[0/0] init 0-868770/21/4933_ 11.3313749140460.00.2567.95 104.164.173.38http/1.1www.xn--2566-4do9ab5h1bfcjg7hg1GET /wp-content/plugins/royal-elementor-addons/assets/js/fronte 0-868770/14/5222_ 11.7511152407730.00.1859.91 104.164.173.38http/1.1www.xn--2566-4do9ab5h1bfcjg7hg1GET /wp-content/plugins/royal-elementor-addons/assets/js/lib/pa 0-868770/16/5044_ 11.7512647464910.00.2564.72 104.164.173.38http/1.1www.xn--2566-4do9ab5h1bfcjg7hg1GET /wp-content/themes/sydney/js/so-legacy-main.min.js?ver=6.3. 0-868770/25/5244_ 11.741346041050.00.3363.60 104.164.173.38http/1.1www.xn--2566-4do9ab5h1bfcjg7hg1GET /wp-content/plugins/royal-elementor-addons/assets/js/modal- 1-866970/21/5363_ 8.451054667380.00.2257.61 178.62.73.12http/1.1localhost:80GET /about HTTP/1.1 1-866970/17/4984_ 7.9706051429070.00.1959.48 104.164.173.38http/1.1www.xn--2566-4do9ab5h1bfcjg7hg1GET /wp-content/plugins/qi-addons-for-elementor/assets/plugins/ 1-866970/21/5183_ 8.4905255143570.00.2759.77 104.164.173.38http/1.1www.xn--2566-4do9ab5h1bfcjg7hg1GET /wp-content/plugins/elementor/assets/js/webpack.runtime.min 1-866970/13/5136_ 7.87084748848650.00.1668.55 139.59.182.142http/1.1 1-866970/12/5107_ 8.4903749951420.00.1758.07 104.164.173.38http/1.1www.xn--2566-4do9ab5h1bfcjg7hg1GET /wp-content/themes/sydney/js/functions.min.js?ver=20230315 1-866970/12/5042_ 7.47189352521240.00.1361.33 161.35.27.144h2localhost:443[0/0] Software caused connection abort 1-866970/16/5474_ 8.521053860880.00.2663.46 139.59.182.142http/1.1localhost:80GET /debug/default/view?panel=config HTTP/1.1 1-866970/16/5294_ 7.920050744480.00.1768.77 161.35.27.144http/1.1 1-866971/18/5195W 7.691051338550.00.2070.38 104.164.173.38http/1.1www.xn--2566-4do9ab5h1bfcjg7hg1GET /comments/feed/ HTTP/1.1 1-866970/15/5461_ 7.2013153738510.00.1865.73 104.164.173.38http/1.1www.xn--2566-4do9ab5h1bfcjg7hg1GET /wp-content/themes/sydney/js/scripts.js?ver=6.3.2 HTTP/1.1 1-866970/15/5456_ 8.081272653685270.00.1672.12
Found on 2023-11-22 17:23 -
Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb3185651fdb85651fdb33005128Apache Status Apache Server Status for pop.xn--2566-4do9ab5h1bfcjg7hg1txa5ahw0u.com (via 27.254.96.168) Server Version: Apache/2.4.46 (Unix) OpenSSL/1.0.2u PHP/7.2.33 Server MPM: prefork Server Built: May 6 2022 15:05:21 Current Time: Saturday, 23-Sep-2023 15:35:59 +07 Restart Time: Saturday, 23-Sep-2023 04:02:11 +07 Parent Server Config. Generation: 1763 Parent Server MPM Generation: 1762 Server uptime: 11 hours 33 minutes 48 seconds Server load: 1.13 0.94 0.81 Total accesses: 79122 - Total Traffic: 1.4 GB - Total Duration: 112607236 CPU Usage: u2824.77 s5187.8 cu51121200 cs12506100 - 153000% CPU load 1.9 requests/sec - 34.5 kB/second - 18.1 kB/request - 1423.21 ms/request 3 requests currently being processed, 6 idle workers W_W_.__C__........................................ Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqDurConnChildSlotClientProtocolVHostRequest 0-1762250360/14/6218W 4.700085968460.00.07121.79 167.172.20.95http/1.1localhost:80GET /server-status HTTP/1.0 1-1762249640/25/6094_ 11.05159085771690.00.12114.45 195.88.56.178http/1.1www.xn--12ca0fonkbd7d0a2scgl7f.GET /5.php HTTP/1.0 2-1762250440/11/6151W 5.09094086633370.00.06105.88 172.71.131.101http/1.1www.chonlateeit.com:443GET /tag/%E0%B8%A3%E0%B8%B1%E0%B8%9A%E0%B8%94%E0%B8%B9%E0%B9%81 3-1762246590/89/5880_ 27.881077923630.00.6889.59 167.172.20.95http/1.1localhost:80GET /v2/_catalog HTTP/1.0 4-1762-0/0/5779. 0.00125078805090.00.00101.08 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 5-1762248090/45/5756_ 50.43190585450350.00.2579.91 192.53.126.23http/1.1 6-1762248150/54/5291_ 19.580077438180.00.46115.29 167.172.20.95http/1.1localhost:80GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor 7-1762248331/50/5087C 47.360174447302.40.5774.86 192.53.126.23http/1.1localhost:443GET / HTTP/1.1 8-1762248890/42/4982_ 16.70067371573820.00.2189.74 195.88.56.178http/1.1www.xn--12ca0fonkbd7d0a2scgl7f.GET /v.php HTTP/1.0 9-1762248910/37/4439_ 11.22060662910670.00.1763.44 192.53.126.23http/1.1 10-1762-0/0/4167. 0.00459260176060.00.0070.37 35.175.111.130http/1.1 11-1762-0/0/4061. 0.00682058901770.00.0080.39 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 12-1762-0/0/3314. 0.00109245698160.00.0076.44 195.88.56.178http/1.1www.xn--12ca0fonkbd7d0a2scgl7f.GET /wp-includes/js/tinymce/skins/lightgray/img/ HTTP/1.0 13-1762-0/0/2917. 0.0010165440356320.00.0042.93 195.88.56.178http/1.1www.xn--12ca0fonkbd7d0a2scgl7f.GET /wp-content/themes/seotheme/db.php?u HTTP/1.0 14-1762-0/0/2367. 0.00154135259250.00.0039.80 198.54.126.110http/1.1www.happy-carrent.com:80POST /xmlrpc.php HTTP/1.0 15-1762-0/0/1965. 0.00687029539550.00.0035.54 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 16-1762-0/0/1500. 0.001036019788200.00.0027.08 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 17-1762-0/0/717. 0.0025818059024920.00.0012.96 51.222.15.45http/1.1www.dreamhightravel.com:443POST /wp-login.php HTTP/1.1 18-1762-0/0/581. 0.00296209942760.00.0014.23 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 19-1762-0/0/571. 0.00297909155650.00.009.80 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 20-1762-0/0/287. 0.00275003843590.00.008.16 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 21-1762-0/0/129. 0.00296801475090.00.005.46 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 22-1762-0/0/171. 0.00297404890960.00.0010.80 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 23-1762-0/0/52. 0.0029660474820.00.002.08 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 24-1762-0/0/222. 0.00241712073823280.00.004.21 27.254.96.168http/1.1www.xn--2566-4do9ab5h1bfcjg7hg1POST /wp-cron.php?doing_wp_cron=1695455740.35536909103393554687 25-1762-0/0/30. 0.0044810173950.00.000.45 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 26-1762-0/0/100. 0.0039703911376730.00.001.11 150.230.93.233http/1.1www.ozonepluswater.net:443GET /wp-login.php HTTP/1.1 27-1762-0/0/3. 0.0010339096260.00.000.01 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 28-1762-0/0/4. 0.00103360111560.00.000.01 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 29-1762-0/0/58. 0.00102610579870.00.000.70 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 30-1762-0/0/100. 0.0098917711412600.00.001.40 51.79.24.51http/1.1www.chonlateekeyman.com:443POST //wp-login.php HTTP/1.1 31-1762-0/0/3. 0.00103320124930.00.000.01 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 32-1762-0/0/4. 0.0010349079740.00.000.01 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 33-1762-0/0/4. 0.00103240129440.00.000.01 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 34-1762-0/0/4. 0.00103260108370.00.000.01 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 35-1762-0/0/9. 0.00103330178550.00.000.15 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 36-1762-0/0/6. 0.00103170134700.00.000.03 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 37-1762-0/0/2. 0.0010355570.00.000.00 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 38-1762-0/0/3. 0.0010337086730.00.000.01 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 39-1762-0/0/1. 0.0010354000.00.000.00 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 40-1762-0/0/84. 0.00992402081880.00.001.29 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 41-1762-0/0/1. 0.0010353000.00.000.00 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 42-1762-0/0/8. 0.00103020123820.00.000.04 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 SrvChild Server number - generation PIDOS process ID AccNumber of accesses this connection / this child / this slot MMode of operation CPUCPU usage, number of seconds SSSeconds since beginning of most recent request ReqMilliseconds required to process most recent request DurSum of milliseconds required to process all requests ConnKilobytes transferred this connection ChildMegabytes transferred this child SlotTotal megabytes transferred this slot SSL/TLS Session Cache Status: cache type: SHMCB, shared memory: 512000 bytes, current entries: 94subcaches: 32, indexes per subcache: 88time left on oldest entries' objects: avg: 74 seconds, (range: 2...249)index usage: 3%, cache usage: 4%total entries stored since starting: 12918total entries replaced since starting: 0total entries expired since starting: 12824total (pre-expiry) entries scrolled out of the cache: 0total retrieves since starting: 506 hit, 24112 misstotal removes since starting: 0 hit, 0 miss
Found on 2023-09-23 08:34 -
Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb3185651fdb85651fdbd92886c3Apache Status Apache Server Status for pop.xn--2566-4do9ab5h1bfcjg7hg1txa5ahw0u.com (via 27.254.96.168) Server Version: Apache/2.4.46 (Unix) OpenSSL/1.0.2u PHP/7.2.33 Server MPM: prefork Server Built: May 6 2022 15:05:21 Current Time: Wednesday, 20-Sep-2023 13:39:15 +07 Restart Time: Wednesday, 20-Sep-2023 13:38:45 +07 Parent Server Config. Generation: 1749 Parent Server MPM Generation: 1748 Server uptime: 29 seconds Server load: 1.37 1.59 1.37 Total accesses: 110 - Total Traffic: 843 kB - Total Duration: 58487 CPU Usage: u2661.45 s5135.87 cu50937800 cs12467100 - 2.19e+8% CPU load 3.79 requests/sec - 29.1 kB/second - 7.7 kB/request - 531.7 ms/request 7 requests currently being processed, 4 idle workers _R___WWRWWR....................................... Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqDurConnChildSlotClientProtocolVHostRequest 0-1748323550/17/17_ 2.920180690.00.200.20 144.126.202.105http/1.1localhost:80GET /server-status HTTP/1.0 1-1748323560/9/9R 6.3202219137490.00.200.20 138.197.88.136http/1.1www.xn--2566-4do9ab5h1bfcjg7hg1GET / HTTP/1.1 2-1748323570/19/19_ 4.8901101960.00.130.13 162.243.161.105http/1.1localhost:80GET /v2/_catalog HTTP/1.0 3-1748323580/17/17_ 1.980037670.00.130.13 134.122.89.242http/1.1localhost:80GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor 4-1748323590/16/16_ 2.390180580.00.090.09 143.42.118.5http/1.1 5-1748324030/9/9W 2.580049550.00.020.02 124.120.35.241http/1.1www.chonlateefbc.com:80POST /wp-admin/admin-ajax.php HTTP/1.0 6-1748324100/6/6W 2.460048000.00.020.02 165.232.76.155http/1.1localhost:80GET /server-status HTTP/1.0 7-1748324170/6/6R 1.300126425380.00.010.01 207.154.240.169http/1.1www.xn--2566-4do9ab5h1bfcjg7hg1GET / HTTP/1.0 8-1748324180/9/9W 1.280023470.00.030.03 124.120.35.241http/1.1www.chonlateefbc.com:80POST /wp-admin/admin-ajax.php HTTP/1.0 9-1748324330/2/2W 0.000030.00.000.00 45.61.184.148http/1.1www.seasabithailand.com:443GET /wp-login.php HTTP/1.1 10-1748324390/0/0R 0.000000.00.000.00 SrvChild Server number - generation PIDOS process ID AccNumber of accesses this connection / this child / this slot MMode of operation CPUCPU usage, number of seconds SSSeconds since beginning of most recent request ReqMilliseconds required to process most recent request DurSum of milliseconds required to process all requests ConnKilobytes transferred this connection ChildMegabytes transferred this child SlotTotal megabytes transferred this slot SSL/TLS Session Cache Status: cache type: SHMCB, shared memory: 512000 bytes, current entries: 15subcaches: 32, indexes per subcache: 88time left on oldest entries' objects: avg: 288 seconds, (range: 274...295)index usage: 0%, cache usage: 0%total entries stored since starting: 15total entries replaced since starting: 0total entries expired since starting: 0total (pre-expiry) entries scrolled out of the cache: 0total retrieves since starting: 0 hit, 82 misstotal removes since starting: 0 hit, 0 miss
Found on 2023-09-20 06:37
-
-
Apache server-status page is publicly available
The server-status page (usually
/server-status) allows server administrators to find out how well their server is performing.This is a HTML page that gives the current server statistics such as the server version, up time,cpu, ram, and information about requests made to the server.
This information can be very useful if the application is sent sensitive information as GET requests. If you monitor this page you might be able to find CSRF tokens, API keys, hidden paths, and other sensitive information being sent to the server.
https://medium.com/@ghostlulzhacks/apache-server-status-a70abed83f5a
IP: 203.170.192.183
Domain: mail.xn--2566-4do9ab5h1bfcjg7hg1txa5ahw0u.com
Port: 443
URL: https://mail.xn--2566-4do9ab5h1bfcjg7hg1txa5ahw0u.comFirst seen 2023-09-20 06:37
Last seen 2024-02-02 08:27
Open for 135 days-
Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb31ef8c38d2ef8c38d2afc7f62dApache Status Apache Server Status for mail.xn--2566-4do9ab5h1bfcjg7hg1txa5ahw0u.com (via 203.170.192.183) Server Version: Apache/2.4.57 (Unix) OpenSSL/1.0.2k-fips Server MPM: event Server Built: Oct 15 2023 18:16:43 Current Time: Friday, 02-Feb-2024 15:27:28 ICT Restart Time: Friday, 05-Jan-2024 10:01:20 ICT Parent Server Config. Generation: 93 Parent Server MPM Generation: 92 Server uptime: 28 days 5 hours 26 minutes 7 seconds Server load: 2.00 2.00 2.00 Total accesses: 1847174 - Total Traffic: 23.8 GB - Total Duration: 2141102841 CPU Usage: u211.41 s115.96 cu32089.3 cs2210.25 - 1.42% CPU load .757 requests/sec - 10.2 kB/second - 13.5 kB/request - 1159.12 ms/request 1 requests currently being processed, 127 idle workers SlotPIDStoppingConnections ThreadsAsync connections totalacceptingbusyidlewritingkeep-aliveclosing 029373no0yes032000 229661no3yes131003 329394no0yes032000 529374no0yes032000 Sum403 1127003 ________________________________................................ ____________W___________________________________________________ ................................________________________________ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqDurConnChildSlotClientProtocolVHostRequest 0-92293730/32/14780_ 12.46100160260920.00.14193.76 167.99.182.39http/1.1localhost:80GET /about HTTP/1.1 0-92293730/34/15277_ 12.50100139013310.00.10198.96 164.92.192.25http/1.1localhost:443GET /config.json HTTP/1.1 0-92293730/30/14843_ 12.4910150309240.00.15192.72 161.35.155.246http/1.1localhost:443GET /server-status HTTP/1.1 0-92293730/29/15022_ 12.5490145874890.00.08185.95 142.93.153.3http/1.1localhost:80GET /.vscode/sftp.json HTTP/1.1 0-92293730/29/14927_ 12.5530147711660.00.15185.42 206.81.1.88http/1.1localhost:443GET /about HTTP/1.1 0-92293730/25/15152_ 12.3680156649100.00.11188.52 162.243.184.251http/1.1localhost:443GET /server-status HTTP/1.1 0-92293730/24/14824_ 11.44120145588360.00.11200.21 161.35.155.246h2localhost:443[0/0] Software caused connection abort 0-92293730/27/15134_ 12.5510150182010.00.07187.56 206.81.1.88http/1.1localhost:443GET /v2/_catalog HTTP/1.1 0-92293730/28/15095_ 11.4570145226800.00.07229.87 159.65.58.104h2localhost:443[0/0] Software caused connection abort 0-92293730/31/15225_ 12.32110148853300.00.14194.87 138.68.163.10http/1.1localhost:80GET /about HTTP/1.1 0-92293730/35/14795_ 12.50100154393220.00.09200.68 142.93.153.3http/1.1localhost:80GET / HTTP/1.1 0-92293730/31/14804_ 12.50100147156110.00.08195.44 161.35.155.246http/1.1localhost:443GET /config.json HTTP/1.1 0-92293730/36/14667_ 12.3590137182710.00.14185.50 164.92.192.25http/1.1 0-92293730/31/14822_ 12.3810169086480.00.07186.00 159.65.58.104http/1.1localhost:443GET /telescope/requests HTTP/1.1 0-92293730/26/15772_ 12.46120141614980.00.09187.75 128.199.61.251http/1.1localhost:80GET /about HTTP/1.1 0-92293730/35/14827_ 12.5440165341190.00.08182.47 206.81.1.88http/1.1localhost:443GET /.vscode/sftp.json HTTP/1.1 0-92293730/36/14875_ 12.49130143404960.00.09206.35 161.35.155.246http/1.1localhost:443GET /.DS_Store HTTP/1.1 0-92293730/33/14940_ 12.46120144939920.00.09189.28 64.227.126.135http/1.1localhost:80GET /.vscode/sftp.json HTTP/1.1 0-92293730/27/14755_ 12.5510160388140.00.05200.53 142.93.153.3http/1.1localhost:80GET /?rest_route=/wp/v2/users/ HTTP/1.1 0-92293730/33/14978_ 12.4790144639330.00.11193.79 206.81.1.88h2localhost:443[0/0] Software caused connection abort 0-92293730/30/14967_ 12.46130181495770.00.14193.40 64.227.126.135http/1.1localhost:80GET / HTTP/1.1 0-92293730/30/14995_ 12.5520147053650.00.08204.06 206.81.1.88http/1.1localhost:443GET /debug/default/view?panel=config HTTP/1.1 0-92293730/32/15450_ 12.3960150748530.00.14188.26 162.243.184.251http/1.1localhost:443GET /config.json HTTP/1.1 0-92293730/29/14660_ 12.3386138765040.00.13190.18 162.243.184.251http/1.1localhost:443GET /server-status HTTP/1.1 0-92293730/33/14957_ 12.5490162205800.00.09186.87 161.35.155.246http/1.1localhost:443GET /?rest_route=/wp/v2/users/ HTTP/1.1 0-92293730/31/14634_ 12.4518135981540.00.13196.98 161.35.155.246http/1.1localhost:443GET /server-status HTTP/1.1 0-92293730/27/15134_ 12.46130144713430.00.04194.49 167.99.182.39http/1.1localhost:80GET / HTTP/1.1 0-92293730/29/14914_ 12.4810159187400.00.05213.29 161.35.155.246http/1.1localhost:443GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor 0-92293730/32/14719_ 12.4900152174340.00.11175.92 161.35.155.246http/1.1localhost:443GET /login.action HTTP/1.1 0-92293730/25/15173_ 12.3390135139100.00.08225.12 167.172.232.142http/1.1localhost:80GET /.env HTTP/1.1 0-92293730/35/14654_ 12.4770155571740.00.05199.13 128.199.61.251http/1.1localhost:80GET /.env HTTP/1.1 0-92293730/25/14915_ 12.3720145814950.00.14185.13 165.232.76.155h2localhost:443[0/0] Software caused connection abort 1-92-0/0/15731. 0.00404340138364770.00.00219.29 137.184.162.65http/1.1localhost:80GET /.git/config HTTP/1.1 1-92-0/0/15813. 0.00404340136849580.00.00198.68 139.144.150.23http/1.1localhost:443GET /login.action HTTP/1.1 1-92-0/0/15602. 0.00404340174090190.00.00199.96 159.203.44.43h2localhost:443[0/0] Software caused connection abort 1-92-0/0/15318. 0.00404340150896030.00.00189.46 164.92.84.255http/1.1localhost:443GET /.vscode/sftp.json HTTP/1.1 1-92-0/0/15276. 0.00404340146566320.00.00197.93 159.203.44.43http/1.1localhost:443GET /.git/config HTTP/1.1 1-92-0/0/15655. 0.00404340134151790.00.00198.79 139.144.150.23http/1.1localhost:443GET /.DS_Store HTTP/1.1 1-92-0/0/15351. 0.00404340172789920.00.00188.15 159.223.102.13http/1.1localhost:80GET /_all_dbs HTTP/1.1 1-92-0/0/15185. 0.00404340165483380.00.00189.07 64.227.126.135h2localhost:443[0/0] Software caused connection abort 1-92-0/0/15335. 0.00404340127395500.00.00211.76 134.122.34.144http/1.1localhost:443GET /telescope/requests HTTP/1.1 1-92-0/0/14956. 0.00404340152319130.00.00188.74 159.203.44.43http/1.1localhost:443GET / HTTP/1.1 1-92-0/0/15041. 0.00404340148013860.00.00204.86 164.92.84.255http/1.1localhost:443GET /login.action HTTP/1.1 1-92-0/0/15506. 0.00404340159268070.00.00208.73 139.144.96.150http/1.1localhost:443GET /config.json HTTP/1.1 1-92-0/0/15329. 0.00404340159504030.00.00200.56 45.55.193.222http/1.1localhost:443GET /telescope/requests HTTP/1.1 1-92-0/0/15189. 0.00404340137016410.00.00183.04 159.223.102.13
Found on 2024-02-02 08:27 -
Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb31ef8c38d2ef8c38d287f28b12Apache Status Apache Server Status for mail.xn--2566-4do9ab5h1bfcjg7hg1txa5ahw0u.com (via 203.170.192.183) Server Version: Apache/2.4.57 (Unix) OpenSSL/1.0.2k-fips Server MPM: event Server Built: Oct 15 2023 18:16:43 Current Time: Sunday, 07-Jan-2024 07:48:56 ICT Restart Time: Friday, 05-Jan-2024 10:01:20 ICT Parent Server Config. Generation: 8 Parent Server MPM Generation: 7 Server uptime: 1 day 21 hours 47 minutes 35 seconds Server load: 2.54 2.93 2.88 Total accesses: 781550 - Total Traffic: 10.6 GB - Total Duration: 956425330 CPU Usage: u174.07 s14.6 cu13326.1 cs698.67 - 8.62% CPU load 4.74 requests/sec - 67.4 kB/second - 14.2 kB/request - 1223.75 ms/request 3 requests currently being processed, 125 idle workers SlotPIDStoppingConnections ThreadsAsync connections totalacceptingbusyidlewritingkeep-aliveclosing 08425no3yes131000 111360no4yes230011 216287no4yes032000 316453no3yes032101 Sum4014 3125112 __R______________________________________________W___W__________ ________________________________________________________________ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqDurConnChildSlotClientProtocolVHostRequest 0-784250/145/6033_ 91.59584283226460.02.0989.62 85.208.96.207http/1.1www.chonlateeadmin.com:443GET /ohdasyu-7307qetidm.html HTTP/1.1 0-784250/159/6511_ 91.26084660723730.01.5385.99 52.70.240.171http/1.1www.chonlateeboi.com:443GET /12200qbkeitems/etidm77gqv.html HTTP/1.1 0-784250/142/6046R 90.59783772410280.01.9190.21 52.70.240.171http/1.1 0-784250/175/6383_ 91.425105570107550.01.8782.86 23.22.35.162http/1.1www.chonlateeadmin.com:443GET /bxqktze-9660detidm7.htm HTTP/1.1 0-784250/156/6101_ 91.16484666940790.01.6278.89 52.70.240.171http/1.1www.chonlateeadmin.com:443GET /txiktze-14852vitems/etidm6.html HTTP/1.1 0-784250/219/6465_ 91.05784278223180.03.1085.26 23.22.35.162http/1.1www.chonlateeadmin.com:443GET /krzktze-41571mitems/etidm.htm HTTP/1.1 0-784250/164/6271_ 91.58584559013960.02.1496.56 3.224.220.101http/1.1www.chonlateeadmin.com:443GET /ycnhmop-1155aitems/etidm.htm HTTP/1.1 0-784250/145/6303_ 91.595067745370.01.5982.44 142.93.158.96http/1.1localhost:80GET /_all_dbs HTTP/1.1 0-784250/209/6323_ 91.672128462766810.02.04124.90 52.70.240.171http/1.1www.chonlateeadmin.com:443GET /mcbhmop-19863oitems/etidm86zp.htm HTTP/1.1 0-784250/196/6239_ 91.66384471799030.02.0480.28 23.22.35.162http/1.1www.chonlateeadmin.com:443GET /jxyktze-14296letidm50wkl HTTP/1.1 0-784250/129/5990_ 91.42583976530260.01.4676.67 23.22.35.162http/1.1www.chonlateeboi.com:443GET /10195yxnoitems/etidm HTTP/1.1 0-784250/141/5947_ 90.96784275631960.01.7077.51 138.68.163.10h2localhost:443[0/0] Software caused connection abort 0-784250/152/6011_ 91.55783853405800.01.8179.75 52.70.240.171http/1.1www.chonlateeboi.com:443GET /48733tobeitems/etidm35 HTTP/1.1 0-784250/154/6219_ 91.40684481978430.01.8684.15 85.208.96.193http/1.1www.chonlateeadmin.com:443GET /vikxhvp-46834xetid HTTP/1.1 0-784250/134/6653_ 91.672056909030.01.4885.90 142.93.158.96http/1.1localhost:80GET /config.json HTTP/1.1 0-784250/220/5995_ 91.691083436020.01.9978.33 51.15.17.105http/1.1www.siamsolarrooftop.com:80GET /godsend.php HTTP/1.1 0-784250/164/6160_ 91.55793064829130.01.7780.44 40.77.167.25h2www.chonlateeaa.com:443GET /?s=i-was-curious-what-the-goosebumps-series-2000-covers-ll 0-784250/156/6307_ 91.06584659312270.01.5681.94 52.70.240.171http/1.1www.chonlateeboi.com:443GET /40291idtuitems/etidm HTTP/1.1 0-784250/147/6310_ 90.64484162290830.01.6480.44 94.156.71.117http/1.1www.1smestartup.com:443GET /wp-includes/images/include.php HTTP/1.1 0-784250/138/6074_ 91.56663068854070.01.6685.48 66.249.73.10http/1.1www.chonlateeadmin.com:443GET /trust.php?rzqqgmy-15630detid.htm HTTP/1.1 0-784250/233/6350_ 91.66375490408470.02.2288.41 20.192.24.43http/1.1www.nptpropertythailand.com:443POST /xmlrpc.php HTTP/1.1 0-784250/133/6041_ 91.70034671202650.01.5182.24 66.249.71.3http/1.1www.chonlateeaa.com:443GET /?w=the-other-day-i-saw-a-2jz-engine-shortblock-yy-1rzr4MHp 0-784250/143/6623_ 90.56385373827720.01.7888.34 52.70.240.171http/1.1www.chonlateeadmin.com:443GET /zxoktze-15144betidm27mkb.htm HTTP/1.1 0-784250/158/6123_ 91.216234363223430.01.6688.61 3.224.220.101http/1.1www.chonlateeadmin.com:443GET /ycnhmop-1155aitems/etidm.htm HTTP/1.1 0-784250/212/6023_ 91.550075411840.02.0375.47 142.93.158.96http/1.1localhost:80GET /debug/default/view?panel=config HTTP/1.1 0-784250/138/6146_ 91.473057683160.01.5079.63 142.93.158.96http/1.1localhost:80GET / HTTP/1.1 0-784250/147/6165_ 90.24684056828940.01.7089.58 23.22.35.162http/1.1www.chonlateeboi.com:443GET /16313rbhseti.html HTTP/1.1 0-784250/148/6144_ 91.614070690930.01.88109.99 142.93.158.96http/1.1localhost:80GET /.DS_Store HTTP/1.1 0-784250/155/6091_ 91.08584754384500.01.6377.01 23.22.35.162http/1.1www.chonlateeadmin.com:443GET /kgzktze-41597metidm83.html HTTP/1.1 0-784250/151/6250_ 91.52184472772840.01.74114.88 23.22.35.162http/1.1www.chonlateeadmin.com:443GET /srhktze-14331uitems/etidm.htm HTTP/1.1 0-784250/122/6033_ 91.15484467454450.01.4289.07 138.68.163.10h2localhost:443[0/0] Software caused connection abort 0-784250/146/6347_ 91.45484765328430.01.8281.59 23.22.35.162http/1.1www.chonlateeboi.com:443GET /15335lrvyetidm26vy.html HTTP/1.1 1-7113600/109/6213_ 62.200072952990.01.1480.70 49.48.66.18h2www.xn--12cx2bef7bl0boq4ch6gugw[64/64] done: stream 127, GET /wp-content/plugins/gallery-by-su 1-7113600/128/5992_ 62.09283966621750.01.4376.39 49.48.66.18h2www.xn--12cx2bef7bl0boq4ch6gugw[37/37] done: stream 73, GET /wp-content/plugins/gallery-by-sup 1-7113600/96/5971_ 62.13284793370300.01.0577.28 49.48.66.18h2www.xn--12cx2bef7bl0boq4ch6gugw[49/49] done: stream 95, GET /wp-content/plugins/gallery-by-sup 1-7113600/96/5656_ 60.62188976029780.01.3275.15 138.68.163.10h2localhost:443[0/0] Software caused connection abort 1-7113600/96/5908_ 62.13283975285950.01.1687.92 49.48.66.18h2www.xn--12cx2bef7bl0boq4ch6gugw[47/47] done: stream 93, GET /wp-content/plugins/gallery-by-sup 1-7113600/92/5965_ 62.15168564734280.01.0878.54 66.249.73.10http/1.1www.chonlateeadmin.com:443GET /trust.php?bngadej-145380tetidm64o.htm HTTP/1.1 1-7113600/89/6021_ 60.37184065358370.01.1176.35 52.70.240.171http/1.1www.chonlateeadmin.com:443GET /bmqktze-31578detid.htm HTTP/1.1 1-7113600/100/6099_ 62.131076483960.01.5281.38 142.93.158.96http/1.1localhost:80GET /telescope/requests HTTP/1.1 1-7113600/103/6050_ 62.14141055508680.01.2878.01 49.48.66.18h2www.xn--12cx2bef7bl0boq4ch6gugw[53/53] done: stream 105, GET /wp-content/plugins/woocommerce/a 1-7113600/102/6020_ 62.161069783000.01.0384.26 49.48.66.18h2www.xn--12cx2bef7bl0boq4ch6gugw[59/59] done: stream 115, GET /wp-content/themes/chonlateedesig 1-7113600/97/5813_ 62.20085976275080.01.2783.49
Found on 2024-01-07 00:48 -
Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb31ef8c38d2ef8c38d2e6a46dc0Apache Status Apache Server Status for mail.xn--2566-4do9ab5h1bfcjg7hg1txa5ahw0u.com (via 203.170.192.183) Server Version: Apache/2.4.57 (Unix) OpenSSL/1.0.2k-fips Server MPM: event Server Built: Oct 15 2023 18:16:43 Current Time: Friday, 05-Jan-2024 22:29:52 ICT Restart Time: Friday, 05-Jan-2024 10:01:20 ICT Parent Server Config. Generation: 1 Parent Server MPM Generation: 0 Server uptime: 12 hours 28 minutes 31 seconds Server load: 2.38 2.46 2.48 Total accesses: 221703 - Total Traffic: 3.2 GB - Total Duration: 178169384 CPU Usage: u119.48 s7.4 cu3522.42 cs190.09 - 8.55% CPU load 4.94 requests/sec - 74.4 kB/second - 15.1 kB/request - 803.64 ms/request 6 requests currently being processed, 58 idle workers SlotPIDStoppingConnections ThreadsAsync connections totalacceptingbusyidlewritingkeep-aliveclosing 012776no6yes527002 112906no12yes1310010 Sum2018 6580012 _____R_W______________WW____R_______R___________________________ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqDurConnChildSlotClientProtocolVHostRequest 0-0127760/96/2413_ 63.862019727830.01.2337.27 164.92.192.25http/1.1localhost:443GET / HTTP/1.1 0-0127760/84/2518_ 64.30285018677950.00.9831.08 185.191.171.16http/1.1www.chonlateeboi.com:443GET /22294bzlnetidm39m HTTP/1.1 0-0127760/92/2354_ 62.551111930889090.01.1244.51 139.144.150.45h2localhost:443[0/0] Software caused connection abort 0-0127760/81/2571_ 64.260019049080.00.9633.29 164.92.192.25http/1.1localhost:443GET / HTTP/1.1 0-0127760/91/2485_ 64.41085019431970.01.0731.02 23.22.35.162http/1.1www.chonlateeboi.com:443GET /21365crwdetidm77.html HTTP/1.1 0-0127760/96/2760R 63.581285019421030.01.2534.73 45.61.186.10http/1.1www.pennungmarket.com:443 0-0127760/137/2420_ 63.44284519097530.01.2629.63 139.144.150.45h2localhost:443[0/0] Software caused connection abort 0-0127761/97/2487W 63.810019866480.01.3132.59 3.224.220.101http/1.1www.chonlateeboi.com:443GET /46985mywgeti.html HTTP/1.1 0-0127760/96/2507_ 63.790130718829540.01.3166.17 139.144.150.45http/1.1 0-0127760/105/2481_ 64.410126618844870.01.4632.12 23.22.35.162http/1.1www.chonlateeadmin.com:443GET /hzwmeuk-25864jetidm87umj HTTP/1.1 0-0127760/91/2440_ 63.3711022345050.01.1730.04 139.144.150.45h2localhost:443[0/0] Software caused connection abort 0-0127760/90/2362_ 64.23189918907950.01.1130.84 52.167.144.16h2www.thesungolden.com:443GET /tzeu2e/rg353v-vs-retroid-pocket-3.html HTTP/2.0 0-0127760/85/2334_ 64.361106019094980.01.0932.95 23.22.35.162http/1.1www.chonlateeboi.com:443GET /21371crwdetidm.html HTTP/1.1 0-0127760/101/2653_ 64.08285719868910.01.2835.14 3.224.220.101http/1.1www.chonlateeadmin.com:443GET /wxlmeuk-37215yitems/etidm93jk.htm HTTP/1.1 0-0127760/94/2686_ 63.65184622080500.01.2636.70 164.92.192.25h2localhost:443[0/0] Software caused connection abort 0-0127760/89/2411_ 63.57133519185660.01.1332.18 164.92.192.25h2localhost:443[0/0] Software caused connection abort 0-0127760/96/2359_ 64.410019409890.01.2231.00 139.144.150.45http/1.1localhost:443GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor 0-0127760/95/2543_ 64.360019181560.01.2135.18 142.93.158.96http/1.1localhost:80GET /.env HTTP/1.1 0-0127760/96/2556_ 62.442105918745120.01.1833.66 164.92.192.25h2localhost:443[0/0] Software caused connection abort 0-0127760/95/2399_ 63.99184620825280.01.2229.57 52.167.144.16h2www.thesungolden.com:443[1/1] done: stream 1, GET /tzeu2e/rg353v-vs-retroid-pocket-3.ht 0-0127760/90/2458_ 64.331018998660.01.1135.48 142.93.158.96http/1.1localhost:80GET /_all_dbs HTTP/1.1 0-0127760/102/2466_ 62.641416919919900.01.1836.03 31.184.236.34http/1.1 0-0127761/93/2722W 64.240018679870.01.2233.99 66.249.72.66http/1.1www.chonlateeadmin.com:443GET /trust.php?rinvrsm-274304aeti.html HTTP/1.1 0-0127761/85/2376W 63.110018275150.01.0731.69 139.144.150.45http/1.1localhost:443GET /server-status HTTP/1.1 0-0127760/91/2388_ 64.351019227280.01.0931.27 139.144.150.45http/1.1localhost:443GET /debug/default/view?panel=config HTTP/1.1 0-0127760/92/2403_ 64.31289118627460.01.2331.15 23.22.35.162http/1.1www.chonlateeboi.com:443GET /21325crwditems/etidm61 HTTP/1.1 0-0127760/100/2338_ 64.11284718405860.01.4330.02 66.249.71.169http/1.1www.chonlateeadmin.com:443GET /trust.php?eqjadej-46505wetidm.html HTTP/1.1 0-0127760/79/2472_ 64.30284718774380.00.9962.12 66.249.71.168http/1.1www.chonlateeadmin.com:443GET /trust.php?xuuhsbr-132376hitems/etid.html HTTP/1.1 0-0127760/103/2365R 64.292106318897450.01.3029.94 66.249.72.67http/1.1www.chonlateeadmin.com:443 0-0127760/92/2683_ 64.351018161810.01.0870.49 142.93.158.96http/1.1localhost:80GET /.DS_Store HTTP/1.1 0-0127760/86/2359_ 64.28084118833200.01.0837.34 31.184.236.42http/1.1 0-0127760/81/2685_ 64.161018910660.01.0132.71 142.93.158.96http/1.1localhost:80GET /debug/default/view?panel=config HTTP/1.1 1-0129060/96/1904_ 57.44187714422540.01.2425.17 164.92.192.25h2localhost:443[0/0] Software caused connection abort 1-0129060/92/1681_ 56.21085113855870.01.1221.93 3.224.220.101http/1.1www.chonlateeadmin.com:443GET /hhwmeuk-43310jitems/etidm55u.html HTTP/1.1 1-0129060/87/1802_ 57.87285314299320.01.0825.30 3.224.220.101http/1.1www.chonlateeadmin.com:443GET /krzmeuk-37489mitems/eti HTTP/1.1 1-0129060/93/1696_ 57.800013957740.01.1822.54 142.93.158.96http/1.1localhost:80GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor 1-0129060/88/1712R 57.59392113725960.01.0926.97 40.77.167.44http/1.1www.xn--12cx2bef7bl0boq4ch6gugw 1-0129060/92/1734_ 57.83368713787830.01.0623.25 52.167.144.210h2www.thaidaoherb.com:443GET /guncategoryryyh/1938 HTTP/2.0 1-0129060/82/1746_ 57.950013969110.01.0221.58 164.92.192.25http/1.1localhost:443GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor 1-0129060/82/1732_ 57.931013996860.02.1222.77 164.92.192.25http/1.1localhost:443GET /debug/default/view?panel=config HTTP/1.1 1-0129060/73/1775_ 57.79184714224290.00.9124.02 52.70.240.171http/1.1www.chonlateeadmin.com:443GET /wrlmeuk-37501yitems/etidm90 HTTP/1.1 1-0129060/136/1723_ 57.61089013816910.01.2422.64 23.22.35.162http/1.1www.chonlateeboi.com:443GET /21354crwdetid.htm HTTP/1.1 1-0129060/85/1707_ 57.37185113462220.01.0525.76 139.144.150.45http/1.1 1-0129060/92/1788_ 57.872014580590.01.1624.06 164.92.192.25http/1.1localhost:443GET /.vscode/sftp.json HTTP/1.1 1-0129060/156/1773_ 57.842014138860.01.4023.41 139.144.150.45http/1.1localhost:443GET /.vscode/sftp.json HTTP/1.1 1-0129060/83/1706
Found on 2024-01-05 15:29 -
Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb31ef8c38d2ef8c38d202726ac2Apache Status Apache Server Status for mail.xn--2566-4do9ab5h1bfcjg7hg1txa5ahw0u.com (via 203.170.192.183) Server Version: Apache/2.4.57 (Unix) OpenSSL/1.0.2k-fips Server MPM: event Server Built: Oct 15 2023 18:16:43 Current Time: Monday, 11-Dec-2023 21:02:09 ICT Restart Time: Friday, 01-Dec-2023 00:22:58 ICT Parent Server Config. Generation: 41 Parent Server MPM Generation: 40 Server uptime: 10 days 20 hours 39 minutes 11 seconds Server load: 1.01 0.86 0.76 Total accesses: 4288058 - Total Traffic: 55.1 GB - Total Duration: 4060116474 CPU Usage: u323.8 s51.62 cu76969.1 cs4032.07 - 8.67% CPU load 4.57 requests/sec - 61.5 kB/second - 13.5 kB/request - 946.843 ms/request 7 requests currently being processed, 57 idle workers SlotPIDStoppingConnections ThreadsAsync connections totalacceptingbusyidlewritingkeep-aliveclosing 06388no6yes230004 228854no8yes527012 Sum2014 757016 _______________________W__R_____................................ _W_____R__R____________R_______R................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqDurConnChildSlotClientProtocolVHostRequest 0-4063880/109/38678_ 72.4000352048650.01.33489.77 104.236.193.132http/1.1localhost:443GET /login.action HTTP/1.1 0-4063880/117/38033_ 72.190645359077250.01.53480.75 66.249.64.228http/1.1www.xn--12cn0bmbkgc3ent5c1ewa4bGET /mds.php?axtdvuk-34567getidm13.html HTTP/1.1 0-4063880/125/38415_ 72.022662394004910.01.48492.90 217.113.194.85http/1.1www.focusfilmthailand.com:80GET /tag/%E0%B8%9A%E0%B8%A3%E0%B8%B4%E0%B8%81%E0%B8%B2%E0%B8%A3 0-4063880/106/38468_ 69.7611067381097970.01.25503.54 157.55.39.61h2www.chonlateepr.com:443[2/2] done: stream 3, GET /sitemap-info-282.xml 0-4063880/109/38958_ 72.2520362718830.01.27556.77 104.236.193.132http/1.1localhost:443GET /v2/_catalog HTTP/1.1 0-4063880/95/38017_ 72.301657391841290.01.12481.38 66.249.71.196http/1.1www.xn--12cn0bmbkgc3ent5c1ewa4bGET /mds.php?qnjgazz-46465wetidm27da.html HTTP/1.1 0-4063880/102/38361_ 72.0220393122330.01.12483.53 206.81.1.88http/1.1localhost:80GET /telescope/requests HTTP/1.1 0-4063880/99/39110_ 71.943869360984600.01.21491.19 3.224.220.101http/1.1www.chonlateeadmin.com:443GET /trust.php?vzkqgmy-110482xetid HTTP/1.1 0-4063880/117/38083_ 72.2620373153990.01.71499.44 52.70.240.171http/1.1www.krongthongsecurity.com:443GET /wmdgzna291729qitems/eti HTTP/1.1 0-4063880/101/38521_ 71.952877360956380.01.10492.64 66.249.71.3http/1.1www.xn--12cn0bmbkgc3ent5c1ewa4bGET /mds.php?vzomrbm-8016betidm18i HTTP/1.1 0-4063880/108/38062_ 71.232954377206260.01.24463.14 157.55.39.61h2www.chonlateepr.com:443[1/1] done: stream 1, GET /sitemap-info-263.xml 0-4063880/107/38153_ 72.3010360748030.01.25513.36 104.236.193.132http/1.1localhost:443GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor 0-4063880/105/38025_ 72.161664367918030.01.29464.75 66.249.71.197http/1.1www.xn--12cn0bmbkgc3ent5c1ewa4bGET /mds.php?solvbri-8689yetidm56fb.html HTTP/1.1 0-4063880/90/38169_ 70.132658396990150.01.04492.39 104.236.193.132h2localhost:443[0/0] Software caused connection abort 0-4063880/89/38414_ 71.9300372769130.01.17483.12 206.81.1.88http/1.1localhost:80GET /s/338313e2239313e2037313e2330323/_/;/META-INF/maven/com.at 0-4063880/104/38072_ 72.242855365133330.01.20537.23 52.70.240.171http/1.1www.chonlateeboi.com:443GET /trust.php?324676bogqetidm1 HTTP/1.1 0-4063880/96/39083_ 72.350673368691380.01.18517.86 66.249.64.226http/1.1www.xn--12cn0bmbkgc3ent5c1ewa4bGET /mds.php?hsafooj-13644netid HTTP/1.1 0-4063880/84/38515_ 72.3510359270970.00.99475.32 159.89.83.196http/1.1localhost:443GET /.vscode/sftp.json HTTP/1.1 0-4063880/94/38584_ 71.451659360716720.01.11499.14 104.236.193.132http/1.1 0-4063880/111/38877_ 72.3500376988780.01.36506.69 159.89.83.196http/1.1localhost:443GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor 0-4063880/99/38261_ 72.4000354990530.01.22505.10 23.22.35.162http/1.1www.krongthongsecurity.com:443GET /raygzna291698letid.htm HTTP/1.1 0-4063880/118/38434_ 72.190658381038170.01.37496.97 66.249.71.164http/1.1www.xn--12cn0bmbkgc3ent5c1ewa4bGET /mds.php?qxjdvuk-53407wetidm21.html HTTP/1.1 0-4063880/98/38181_ 72.203885399547360.01.20506.20 23.22.35.162http/1.1www.chonlateeadmin.com:443GET /trust.php?ylnqgmy-110459aetidm.html HTTP/1.1 0-4063881/100/37495W 72.1600354153110.01.15466.62 3.224.220.101http/1.1www.chonlateeadmin.com:443GET /trust.php?pdeqgmy-110424retidm71cqr.htm HTTP/1.1 0-4063880/119/38553_ 72.370851364110230.01.42512.44 66.249.64.227http/1.1www.xn--12cn0bmbkgc3ent5c1ewa4bGET /mds.php?lqedvsc-5588retid.htm HTTP/1.1 0-4063880/99/37806_ 72.3310381301810.01.18462.59 159.89.83.196http/1.1localhost:443GET /v2/_catalog HTTP/1.1 0-4063880/110/38537R 71.723860365525220.01.25575.95 66.249.64.226http/1.1 0-4063880/109/37771_ 72.1510363491430.01.24502.81 52.70.240.171http/1.1www.krongthongsecurity.com:443GET /gmngzna35613aitems/etidm65 HTTP/1.1 0-4063880/115/38371_ 72.141892404344310.01.37515.73 23.22.35.162http/1.1www.chonlateeadmin.com:443GET /trust.php?ddsqgmy-110464fetidm95qqf HTTP/1.1 0-4063880/113/38228_ 72.4001075368299760.01.30495.51 52.70.240.171http/1.1www.chonlateeboi.com:443GET /trust.php?324690bogqetid.htm HTTP/1.1 0-4063880/106/38337_ 71.9921107363171630.01.34486.18 52.70.240.171http/1.1www.chonlateeboi.com:443GET /trust.php?273086bogqitems/etidm26i.html HTTP/1.1 0-4063880/98/38054_ 71.711649368597420.01.12529.58 66.249.64.229http/1.1www.xn--12cn0bmbkgc3ent5c1ewa4bGET /mds.php?rbrnuow-11522eitems/eti.htm HTTP/1.1 1-40-0/0/39232. 0.001349851366963720.00.00496.48 66.249.64.227http/1.1www.xn--12cn0bmbkgc3ent5c1ewa4bGET /mds.php?oerxner-47815eeti.html HTTP/1.1 1-40-0/0/39185. 0.0013491043375395980.00.00539.25 23.22.35.162http/1.1www.chonlateeboi.com:443GET /trust.php?330877bogqitems/etidm80 HTTP/1.1 1-40-0/0/38959. 0.001349863376969640.00.00542.28 66.249.71.3http/1.1www.xn--12cn0bmbkgc3ent5c1ewa4bGET /mds.php?laentbr-20408retidm55y.htm HTTP/1.1 1-40-0/0/39207. 0.001349890385336770.00.00553.94 85.208.96.203http/1.1www.chonlateeadmin.com:443GET /liaypvw-35098netid HTTP/1.1 1-40-0/0/39976. 0.001349918356664450.00.00608.59 66.249.64.227http/1.1www.xn--12cn0bmbkgc3ent5c1ewa4bGET /mds.php?hfassdx-12240netidm94u HTTP/1.1 1-40-0/0/38802. 0.001349910353324760.00.00555.91 66.249.64.226http/1.1www.xn--12cn0bmbkgc3ent5c1ewa4bGET /mds.php?ubxooqo-25825ketidm.html HTTP/1.1 1-40-0/0/38879. 0.001349864357502030.00.00521.21 198.98.54.38http/1.1www.xn--12cx2bef7bl0boq4ch6gugwGET /author/admin/ HTTP/1.1 1-40-0/0/39303. 0.0013492422380929500.00.00501.98 95.91.42.78http/1.1www.chonlateefood.com:443GET /%E0%B8%A3%E0%B8%B1%E0%B8%9A%E0%B8%97%E0%B8%B3%E0%B8%82%E0% 1-40-0/0/39064. 0.0013491004369774110.00.00492.97 95.91.42.78http/1.1www.chonlateedesign.com:443GET /%E0%B8%AA%E0%B8%B5%E0%B8%81%E0%B8%B1%E0%B8%9A%E0%B8%81%E0% 1-40-0/0/39164. 0.001349898361675120.00.00501.68 23.22.35.162http/1.1www.chonlateeadmin.com:443GET /trust.php?ilxqgmy-125211kitems/etidm.htm HTTP/1.1 1-40-0/0/39722. 0.001349
Found on 2023-12-11 14:01 -
Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb31ef8c38d2ef8c38d261f613d2Apache Status Apache Server Status for mail.xn--2566-4do9ab5h1bfcjg7hg1txa5ahw0u.com (via 203.170.192.183) Server Version: Apache/2.4.57 (Unix) OpenSSL/1.0.2k-fips Server MPM: event Server Built: Oct 15 2023 18:16:43 Current Time: Thursday, 23-Nov-2023 00:24:06 ICT Restart Time: Monday, 20-Nov-2023 10:17:03 ICT Parent Server Config. Generation: 10 Parent Server MPM Generation: 9 Server uptime: 2 days 14 hours 7 minutes 3 seconds Server load: 1.81 1.96 1.65 Total accesses: 648179 - Total Traffic: 8.2 GB - Total Duration: 719212262 CPU Usage: u22.77 s10.61 cu9731.61 cs572.4 - 4.62% CPU load 2.9 requests/sec - 38.6 kB/second - 13.3 kB/request - 1109.59 ms/request 7 requests currently being processed, 185 idle workers SlotPIDStoppingConnections ThreadsAsync connections totalacceptingbusyidlewritingkeep-aliveclosing 014579no2yes725002 16697yes (old gen)1no00000 214663no3yes032102 46881yes (old gen)0no00000 514664no1yes032000 614666no1yes032001 714668no1yes032000 814670no0yes032000 Sum829 7185105 __W_WW__W_RW______W_____________..........................W..... ________________________________................................ ................................________________________________ ________________________________________________________________ ________________________________................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqDurConnChildSlotClientProtocolVHostRequest 0-9145790/1/5241_ 0.110047419550.00.0072.57 139.59.182.142http/1.1localhost:443GET /login.action HTTP/1.1 0-9145790/1/4984_ 0.120050402760.00.0061.57 161.35.176.95http/1.1localhost:443GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor 0-9145791/0/4909W 0.000068876520.00.0060.32 66.249.79.67http/1.1www.xn--12cn0bmbkgc3ent5c1ewa4bGET /mds.php?zlgynxw-2248tetidm44m.htm HTTP/1.1 0-9145790/1/5098_ 0.110048793550.00.0062.97 144.126.198.24http/1.1localhost:443GET /_all_dbs HTTP/1.1 0-9145791/0/5147W 0.000051687560.00.0079.22 164.90.222.93http/1.1www.xn--2566-4do9ab5h1bfcjg7hg1GET /.vscode/sftp.json HTTP/1.1 0-9145791/0/5224W 0.000050709910.00.0062.71 23.22.35.162http/1.1www.chonlateeadmin.com:443GET /trust.php?yjnecaw-217631aetidm53lw.html HTTP/1.1 0-9145790/0/5077_ 0.001051557010.00.0065.51 87.236.20.180h2www.dreamhightravel.com:443[0/0] init 0-9145790/1/4976_ 0.110048178580.00.0061.73 161.35.27.144http/1.1localhost:443GET /.DS_Store HTTP/1.1 0-9145791/0/5222W 0.000050388740.00.0060.80 147.182.130.98http/1.1www.xn--2566-4do9ab5h1bfcjg7hg1GET /.vscode/sftp.json HTTP/1.1 0-9145790/0/5317_ 0.000048072380.00.0081.42 144.126.198.24http/1.1localhost:443GET /v2/_catalog HTTP/1.1 0-9145790/0/5257R 0.001049364220.00.0063.06 87.236.20.180h2www.dreamhightravel.com:443[1/0] read: stream 1, POST /wp-login.php 0-9145791/0/5364W 0.000049590390.00.0076.17 52.70.240.171http/1.1www.chonlateeadmin.com:443GET /trust.php?jryecaw-272996litems/etidm5.html HTTP/1.1 0-9145790/0/5307_ 0.000052171030.00.0069.09 161.35.155.246http/1.1www.xn--2566-4do9ab5h1bfcjg7hg1GET /.git/config HTTP/1.1 0-9145790/0/5291_ 0.000049122730.00.0062.20 87.236.20.180h2www.dreamhightravel.com:443[0/0] init 0-9145790/1/5000_ 0.140049334990.00.0056.97 139.59.182.142http/1.1localhost:443GET /_all_dbs HTTP/1.1 0-9145790/1/4956_ 0.140050751070.00.0059.21 161.35.27.144http/1.1localhost:443GET /.env HTTP/1.1 0-9145790/1/4947_ 0.140047839840.00.0059.38 144.126.198.24http/1.1localhost:443GET /.DS_Store HTTP/1.1 0-9145790/0/5281_ 0.000048733620.00.0058.35 128.199.61.251http/1.1localhost:80GET /.git/config HTTP/1.1 0-9145791/0/5034W 0.000050217500.00.0071.03 161.35.176.95http/1.1localhost:443GET /server-status HTTP/1.1 0-9145790/0/5098_ 0.000050206340.00.0073.64 161.35.176.95http/1.1localhost:443GET / HTTP/1.1 0-9145790/0/4986_ 0.000049737540.00.0068.12 139.59.182.142http/1.1localhost:80GET /telescope/requests HTTP/1.1 0-9145790/0/5231_ 0.001044691110.00.0067.68 164.90.222.93h2localhost:443[0/0] Software caused connection abort 0-9145790/0/4977_ 0.001051856100.00.0063.12 161.35.155.246http/1.1www.xn--2566-4do9ab5h1bfcjg7hg1GET /?rest_route=/wp/v2/users/ HTTP/1.1 0-9145790/0/4986_ 0.001050753540.00.0073.04 161.35.27.144http/1.1localhost:443GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor 0-9145790/0/5065_ 0.001049737180.00.0062.67 139.59.182.142http/1.1localhost:443GET /about HTTP/1.1 0-9145790/0/5166_ 0.00165047541650.00.0067.26 66.249.79.68http/1.1www.xn--12cn0bmbkgc3ent5c1ewa4bGET /mds.php?bxcazkf-7866pitems/etid.html HTTP/1.1 0-9145790/0/5260_ 0.001049453910.00.0085.08 139.59.182.142http/1.1localhost:80GET / HTTP/1.1 0-9145790/0/5356_ 0.00180750357090.00.0085.39 223.24.157.217h2www.xn--12cx2bef7bl0boq4ch6gugw[0/0] init 0-9145790/0/4934_ 0.001049140460.00.0067.95 144.126.198.24http/1.1localhost:443GET / HTTP/1.1 0-9145790/0/5223_ 0.00188752416600.00.0059.93 23.22.35.162http/1.1www.chonlateeboi.com:443GET /5396tbrmitems/etidm6.html HTTP/1.1 0-9145790/0/5044_ 0.0012647464910.00.0064.72 164.90.222.93h2localhost:443[0/0] Software caused connection abort 0-9145790/0/5245_ 0.001046041050.00.0063.60 128.199.61.251http/1.1localhost:80GET /_all_dbs HTTP/1.1 1-8-0/0/5364. 0.002054667380.00.0057.61 139.59.182.142http/1.1localhost:443GET /debug/default/view?panel=config HTTP/1.1 1-8-0/0/4986. 0.001951429170.00.0059.50 144.126.198.24http/1.1localhost:443GET /server-status HTTP/1.1 1-8-0/0/5185. 0.00039355147510.00.0059.78 147.182.130.98http/1.1www.xn--2566-4do9ab5h1bfcjg7hg1GET / HTTP/1.1 1-8-0/0/5136. 0.00284748848650.00.0068.55 147.182.130.98http/1.1 1-8-0/0/5108. 0.00151849956600.00.0058.08 164.90.222.93http/1.1www.xn--2566-4do9ab5h1bfcjg7hg1GET / HTTP/1.1 1-8-0/0/5043. 0.002052521240.00.0061.33 178.62.3.65http/1.1www.xn--2566-4do9ab5h1bfcjg7hg1GET /_all_dbs HTTP/1.1 1-8-0/0/5474. 0.002053860880.00.0063.46 139.59.182.142http/1.1localhost:80GET /debug/default/view?panel=config HTTP/1.1 1-8-0/0/5294. 0.002050744480.00.0068.77 161.35.27.144http/1.1 1-8-0/0/5196. 0.001477951386350.00.0070.39 104.164.173.38http/1.1www.xn--2566-4do9ab5h1bfcjg7hg1GET /comments/feed/ HTTP/1.1 1-8-0/0/5462. 0.002053738520.00.0065.73 144.126.198.24http/1.1localhost:443GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor 1-8-0/0/5456. 0.002272653685270.00.0072.12 147.182.130.98http/1.1 1-8-0/0/5344. 0.002052276830.00.0071.18 161.35.17
Found on 2023-11-22 17:23 -
Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb315db5272d5db5272dacc05d10Apache Status Apache Server Status for mail.xn--2566-4do9ab5h1bfcjg7hg1txa5ahw0u.com (via 27.254.96.168) Server Version: Apache/2.4.46 (Unix) OpenSSL/1.0.2u PHP/7.2.33 Server MPM: prefork Server Built: May 6 2022 15:05:21 Current Time: Saturday, 23-Sep-2023 15:36:03 +07 Restart Time: Saturday, 23-Sep-2023 04:02:11 +07 Parent Server Config. Generation: 1763 Parent Server MPM Generation: 1762 Server uptime: 11 hours 33 minutes 52 seconds Server load: 1.12 0.94 0.81 Total accesses: 79138 - Total Traffic: 1.4 GB - Total Duration: 112613024 CPU Usage: u2827.35 s5188.48 cu51121200 cs12506100 - 153000% CPU load 1.9 requests/sec - 34.5 kB/second - 18.1 kB/request - 1423 ms/request 3 requests currently being processed, 6 idle workers ___W._CW__........................................ Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqDurConnChildSlotClientProtocolVHostRequest 0-1762250360/16/6220_ 4.710185968540.00.07121.79 192.53.126.23http/1.1localhost:443GET /about HTTP/1.1 1-1762249640/27/6096_ 11.591085782620.00.13114.46 192.53.126.23http/1.1localhost:443GET /v2/_catalog HTTP/1.1 2-1762250440/13/6153_ 6.59163186657400.00.09105.92 195.88.56.178http/1.1www.xn--12ca0fonkbd7d0a2scgl7f.GET /rss.php HTTP/1.0 3-1762246590/91/5882W 27.880077923670.00.6889.59 192.53.126.23http/1.1localhost:443GET /server-status HTTP/1.1 4-1762-0/0/5779. 0.00128078805090.00.00101.08 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 5-1762248090/46/5757_ 50.451085450360.00.2679.91 192.53.126.23http/1.1localhost:443GET /.vscode/sftp.json HTTP/1.1 6-1762248151/56/5293C 20.150177449811.50.47115.30 192.53.126.23http/1.1localhost:443GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor 7-1762248330/51/5088W 47.370074447310.00.5774.86 195.88.56.178http/1.1www.xn--12ca0fonkbd7d0a2scgl7f.GET /m.php HTTP/1.0 8-1762248890/44/4984_ 17.25055471584920.00.2189.75 195.88.56.178http/1.1www.xn--12ca0fonkbd7d0a2scgl7f.GET /wp-info.php HTTP/1.0 9-1762248910/39/4441_ 11.280062910710.00.1863.45 167.172.20.95http/1.1localhost:80GET /.env HTTP/1.0 10-1762-0/0/4167. 0.00463260176060.00.0070.37 35.175.111.130http/1.1 11-1762-0/0/4061. 0.00686058901770.00.0080.39 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 12-1762-0/0/3314. 0.00112245698160.00.0076.44 195.88.56.178http/1.1www.xn--12ca0fonkbd7d0a2scgl7f.GET /wp-includes/js/tinymce/skins/lightgray/img/ HTTP/1.0 13-1762-0/0/2917. 0.0010465440356320.00.0042.93 195.88.56.178http/1.1www.xn--12ca0fonkbd7d0a2scgl7f.GET /wp-content/themes/seotheme/db.php?u HTTP/1.0 14-1762-0/0/2367. 0.00158135259250.00.0039.80 198.54.126.110http/1.1www.happy-carrent.com:80POST /xmlrpc.php HTTP/1.0 15-1762-0/0/1965. 0.00691029539550.00.0035.54 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 16-1762-0/0/1500. 0.001039019788200.00.0027.08 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 17-1762-0/0/717. 0.0025858059024920.00.0012.96 51.222.15.45http/1.1www.dreamhightravel.com:443POST /wp-login.php HTTP/1.1 18-1762-0/0/581. 0.00296609942760.00.0014.23 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 19-1762-0/0/571. 0.00298309155650.00.009.80 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 20-1762-0/0/287. 0.00275403843590.00.008.16 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 21-1762-0/0/129. 0.00297201475090.00.005.46 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 22-1762-0/0/171. 0.00297804890960.00.0010.80 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 23-1762-0/0/52. 0.0029700474820.00.002.08 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 24-1762-0/0/222. 0.00242112073823280.00.004.21 27.254.96.168http/1.1www.xn--2566-4do9ab5h1bfcjg7hg1POST /wp-cron.php?doing_wp_cron=1695455740.35536909103393554687 25-1762-0/0/30. 0.0044850173950.00.000.45 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 26-1762-0/0/100. 0.0039743911376730.00.001.11 150.230.93.233http/1.1www.ozonepluswater.net:443GET /wp-login.php HTTP/1.1 27-1762-0/0/3. 0.0010343096260.00.000.01 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 28-1762-0/0/4. 0.00103400111560.00.000.01 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 29-1762-0/0/58. 0.00102650579870.00.000.70 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 30-1762-0/0/100. 0.0098957711412600.00.001.40 51.79.24.51http/1.1www.chonlateekeyman.com:443POST //wp-login.php HTTP/1.1 31-1762-0/0/3. 0.00103360124930.00.000.01 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 32-1762-0/0/4. 0.0010353079740.00.000.01 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 33-1762-0/0/4. 0.00103280129440.00.000.01 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 34-1762-0/0/4. 0.00103300108370.00.000.01 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 35-1762-0/0/9. 0.00103370178550.00.000.15 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 36-1762-0/0/6. 0.00103210134700.00.000.03 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 37-1762-0/0/2. 0.0010359570.00.000.00 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 38-1762-0/0/3. 0.0010341086730.00.000.01 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 39-1762-0/0/1. 0.0010358000.00.000.00 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 40-1762-0/0/84. 0.00992802081880.00.001.29 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 41-1762-0/0/1. 0.0010357000.00.000.00 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 42-1762-0/0/8. 0.00103060123820.00.000.04 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 SrvChild Server number - generation PIDOS process ID AccNumber of accesses this connection / this child / this slot MMode of operation CPUCPU usage, number of seconds SSSeconds since beginning of most recent request ReqMilliseconds required to process most recent request DurSum of milliseconds required to process all requests ConnKilobytes transferred this connection ChildMegabytes transferred this child SlotTotal megabytes transferred this slot SSL/TLS Session Cache Status: cache type: SHMCB, shared memory: 512000 bytes, current entries: 94subcaches: 32, indexes per subcache: 88time left on oldest entries' objects: avg: 74 seconds, (range: 0...245)index usage: 3%, cache usage: 4%total entries stored since starting: 12919total entries replaced since starting: 0total entries expired since starting: 12825total (pre-expiry) entries scrolled out of the cache: 0total retrieves since starting: 506 hit, 24113 misstotal removes since starting: 0 hit, 0 miss
Found on 2023-09-23 08:34 -
Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb315db5272d5db5272debcb60d0Apache Status Apache Server Status for mail.xn--2566-4do9ab5h1bfcjg7hg1txa5ahw0u.com (via 27.254.96.168) Server Version: Apache/2.4.46 (Unix) OpenSSL/1.0.2u PHP/7.2.33 Server MPM: prefork Server Built: May 6 2022 15:05:21 Current Time: Wednesday, 20-Sep-2023 13:39:22 +07 Restart Time: Wednesday, 20-Sep-2023 13:38:45 +07 Parent Server Config. Generation: 1749 Parent Server MPM Generation: 1748 Server uptime: 36 seconds Server load: 1.42 1.59 1.37 Total accesses: 216 - Total Traffic: 1.3 MB - Total Duration: 91495 CPU Usage: u2674.6 s5139.32 cu50937800 cs12467100 - 1.76e+8% CPU load 6 requests/sec - 36.6 kB/second - 6.1 kB/request - 423.588 ms/request 11 requests currently being processed, 7 idle workers ____WR_RWCCWCCCC__................................ Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqDurConnChildSlotClientProtocolVHostRequest 0-1748323550/22/22_ 4.1401204104830.00.210.21 207.154.240.169http/1.1www.xn--2566-4do9ab5h1bfcjg7hg1GET /v2/_catalog HTTP/1.0 1-1748323560/16/16_ 8.6800183900.00.250.25 138.197.88.136http/1.1 2-1748323570/28/28_ 8.3001203170400.00.160.16 161.35.27.144http/1.1www.xn--2566-4do9ab5h1bfcjg7hg1GET /v2/_catalog HTTP/1.0 3-1748323580/27/27_ 3.250062530.00.140.14 143.42.118.5http/1.1localhost:443GET /.vscode/sftp.json HTTP/1.1 4-1748323590/26/26W 2.430080760.00.130.13 207.154.240.169http/1.1www.xn--2566-4do9ab5h1bfcjg7hg1GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor 5-1748324030/16/16R 4.740093570.00.060.06 138.197.88.136http/1.1 6-1748324100/20/20_ 3.110060370.00.080.08 143.42.118.5http/1.1localhost:443GET /v2/_catalog HTTP/1.1 7-1748324170/18/18R 1.410028840.00.080.08 138.197.88.136http/1.1www.xn--2566-4do9ab5h1bfcjg7hg1 8-1748324180/13/13W 2.931056820.00.060.06 139.59.182.142http/1.1www.xn--2566-4do9ab5h1bfcjg7hg1GET /.vscode/sftp.json HTTP/1.1 9-1748324331/10/10C 0.740111803.50.070.07 178.62.73.12http/1.1localhost:443GET /server-status HTTP/1.1 10-1748324391/8/8C 2.411149331.50.030.03 134.122.63.192http/1.1localhost:443GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor 11-1748324450/3/3W 0.000070.00.000.00 159.65.58.104http/1.1localhost:443GET /server-status HTTP/1.1 12-1748324511/3/3C 0.56057211474.40.010.01 162.158.238.39http/1.1www.dr-rpi.com:443POST /wp-login.php HTTP/1.1 13-1748324571/2/2C 0.001141.40.000.00 143.42.118.5http/1.1localhost:443GET /about HTTP/1.1 14-1748324641/1/1C 0.000121.50.000.00 159.65.58.104http/1.1localhost:443GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor 15-1748324701/1/1C 0.000111.50.000.00 178.62.73.12http/1.1localhost:443GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor 16-1748324720/1/1_ 0.000480.00.000.00 134.122.63.192http/1.1localhost:443GET /server-status HTTP/1.1 17-1748324780/1/1_ 0.000120.00.000.00 162.243.161.105http/1.1localhost:80GET /?rest_route=/wp/v2/users/ HTTP/1.0 SrvChild Server number - generation PIDOS process ID AccNumber of accesses this connection / this child / this slot MMode of operation CPUCPU usage, number of seconds SSSeconds since beginning of most recent request ReqMilliseconds required to process most recent request DurSum of milliseconds required to process all requests ConnKilobytes transferred this connection ChildMegabytes transferred this child SlotTotal megabytes transferred this slot SSL/TLS Session Cache Status: cache type: SHMCB, shared memory: 512000 bytes, current entries: 20subcaches: 32, indexes per subcache: 88time left on oldest entries' objects: avg: 282 seconds, (range: 267...295)index usage: 0%, cache usage: 0%total entries stored since starting: 20total entries replaced since starting: 0total entries expired since starting: 0total (pre-expiry) entries scrolled out of the cache: 0total retrieves since starting: 0 hit, 128 misstotal removes since starting: 0 hit, 0 miss
Found on 2023-09-20 06:37
-
-
Apache server-status page is publicly available
The server-status page (usually
/server-status) allows server administrators to find out how well their server is performing.This is a HTML page that gives the current server statistics such as the server version, up time,cpu, ram, and information about requests made to the server.
This information can be very useful if the application is sent sensitive information as GET requests. If you monitor this page you might be able to find CSRF tokens, API keys, hidden paths, and other sensitive information being sent to the server.
https://medium.com/@ghostlulzhacks/apache-server-status-a70abed83f5a
IP: 203.170.192.183
Domain: ftp.xn--2566-4do9ab5h1bfcjg7hg1txa5ahw0u.com
Port: 80
URL: http://ftp.xn--2566-4do9ab5h1bfcjg7hg1txa5ahw0u.comFirst seen 2023-09-20 06:37
Last seen 2024-02-01 22:23
Open for 134 days-
Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb317c3bbe397c3bbe39bcd2d97aApache Status Apache Server Status for ftp.xn--2566-4do9ab5h1bfcjg7hg1txa5ahw0u.com (via 203.170.192.183) Server Version: Apache/2.4.57 (Unix) OpenSSL/1.0.2k-fips Server MPM: event Server Built: Oct 15 2023 18:16:43 Current Time: Friday, 02-Feb-2024 05:23:37 ICT Restart Time: Friday, 05-Jan-2024 10:01:20 ICT Parent Server Config. Generation: 93 Parent Server MPM Generation: 92 Server uptime: 27 days 19 hours 22 minutes 16 seconds Server load: 2.00 2.11 2.30 Total accesses: 1843302 - Total Traffic: 23.8 GB - Total Duration: 2140669246 CPU Usage: u170.39 s103.75 cu32089.3 cs2210.25 - 1.44% CPU load .767 requests/sec - 10.4 kB/second - 13.5 kB/request - 1161.32 ms/request 1 requests currently being processed, 127 idle workers SlotPIDStoppingConnections ThreadsAsync connections totalacceptingbusyidlewritingkeep-aliveclosing 029373no0yes032000 229661no0yes032000 329394no0yes032000 529374no0yes131000 Sum400 1127000 ________________________________................................ ________________________________________________________________ ................................________________W_______________ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqDurConnChildSlotClientProtocolVHostRequest 0-92293730/2/14750_ 0.9530160256510.00.00193.63 178.62.3.65http/1.1localhost:80GET /.vscode/sftp.json HTTP/1.1 0-92293730/3/15246_ 0.9530138991500.00.00198.86 161.35.27.144http/1.1localhost:80GET /config.json HTTP/1.1 0-92293730/3/14816_ 0.9520150305980.00.02192.59 178.62.3.65http/1.1localhost:80GET /v2/_catalog HTTP/1.1 0-92293730/0/14993_ 0.0020145868920.00.00185.87 159.223.108.26http/1.1 0-92293730/3/14901_ 0.3310147705700.00.00185.27 109.205.213.198http/1.1localhost:80GET / HTTP/1.1 0-92293730/1/15128_ 0.8610156637760.00.00188.41 159.223.108.26http/1.1localhost:443GET /about HTTP/1.1 0-92293730/3/14803_ 0.4210145560300.00.00200.10 78.153.140.224http/1.1localhost:80\x16\x03\x01 0-92293730/3/15110_ 0.9500150176760.00.00187.50 178.128.151.41http/1.1localhost:80GET /login.action HTTP/1.1 0-92293730/2/15069_ 0.2810145202610.00.00229.80 194.233.75.51http/1.1 0-92293730/3/15197_ 0.87020148852840.00.02194.74 159.223.108.26http/1.1localhost:443GET /server-status HTTP/1.1 0-92293730/1/14761_ 0.883370154280280.00.00200.59 159.223.108.26http/1.1localhost:443GET /.DS_Store HTTP/1.1 0-92293730/3/14776_ 0.753370147100280.00.00195.37 64.227.126.135http/1.1localhost:80GET / HTTP/1.1 0-92293730/1/14632_ 0.103370137181620.00.00185.36 167.99.8.63http/1.1localhost:443GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor 0-92293730/3/14794_ 0.883360169077050.00.00185.93 159.223.108.26http/1.1localhost:443GET /.env HTTP/1.1 0-92293730/3/15749_ 0.883350141537710.00.00187.66 159.223.108.26http/1.1localhost:443GET /s/338313e2239313e2037313e2330323/_/;/META-INF/maven/com.at 0-92293730/2/14794_ 0.763320165338260.00.00182.39 64.227.126.135http/1.1localhost:80GET /.git/config HTTP/1.1 0-92293730/1/14840_ 0.283340143397110.00.00206.26 159.89.83.196http/1.1localhost:80GET /.env HTTP/1.1 0-92293730/4/14911_ 0.9490144873370.00.02189.20 161.35.27.144http/1.1localhost:80GET / HTTP/1.1 0-92293730/1/14729_ 0.2490160242950.00.00200.48 159.89.83.196http/1.1localhost:80GET / HTTP/1.1 0-92293730/3/14948_ 0.9470144636730.00.00193.68 161.35.27.144http/1.1localhost:80GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor 0-92293730/2/14939_ 0.9490181441010.00.00193.26 161.35.27.144http/1.1localhost:80GET / HTTP/1.1 0-92293730/2/14967_ 0.9480146988050.00.00203.98 161.35.27.144http/1.1localhost:80GET /about HTTP/1.1 0-92293730/3/15421_ 0.3090150747980.00.02188.14 128.199.62.55http/1.1localhost:80GET /config.json HTTP/1.1 0-92293730/0/14631_ 0.0050138763900.00.00190.05 167.71.185.75h2localhost:443[0/0] Software caused connection abort 0-92293730/3/14927_ 0.9550162204730.00.00186.78 164.90.222.93http/1.1localhost:80\x16\x03\x01\x01\x1f\x01 0-92293730/3/14606_ 0.8340135973330.00.00196.85 167.71.185.75http/1.1localhost:443GET / HTTP/1.1 0-92293730/1/15108_ 0.9540144712670.00.00194.45 178.62.3.65http/1.1localhost:80GET / HTTP/1.1 0-92293730/3/14888_ 0.8440159153060.00.00213.24 167.71.185.75http/1.1localhost:443GET /login.action HTTP/1.1 0-92293730/4/14691_ 0.8340152163300.00.00175.81 167.71.185.75http/1.1localhost:443GET /debug/default/view?panel=config HTTP/1.1 0-92293730/2/15150_ 0.9540135099360.00.00225.04 161.35.27.144http/1.1localhost:80GET /.git/config HTTP/1.1 0-92293730/4/14623_ 0.9540155554050.00.00199.08 161.35.27.144http/1.1localhost:80GET /s/338313e2239313e2037313e2330323/_/;/META-INF/maven/com.at 0-92293730/1/14891_ 0.9520145814240.00.00184.99 178.128.151.41http/1.1localhost:80GET /v2/_catalog HTTP/1.1 1-92-0/0/15731. 0.0042030138364770.00.00219.29 137.184.162.65http/1.1localhost:80GET /.git/config HTTP/1.1 1-92-0/0/15813. 0.0042030136849580.00.00198.68 139.144.150.23http/1.1localhost:443GET /login.action HTTP/1.1 1-92-0/0/15602. 0.0042030174090190.00.00199.96 159.203.44.43h2localhost:443[0/0] Software caused connection abort 1-92-0/0/15318. 0.0042030150896030.00.00189.46 164.92.84.255http/1.1localhost:443GET /.vscode/sftp.json HTTP/1.1 1-92-0/0/15276. 0.0042030146566320.00.00197.93 159.203.44.43http/1.1localhost:443GET /.git/config HTTP/1.1 1-92-0/0/15655. 0.0042030134151790.00.00198.79 139.144.150.23http/1.1localhost:443GET /.DS_Store HTTP/1.1 1-92-0/0/15351. 0.0042030172789920.00.00188.15 159.223.102.13http/1.1localhost:80GET /_all_dbs HTTP/1.1 1-92-0/0/15185. 0.0042030165483380.00.00189.07 64.227.126.135h2localhost:443[0/0] Software caused connection abort 1-92-0/0/15335. 0.0042030127395500.00.00211.76 134.122.34.144http/1.1localhost:443GET /telescope/requests HTTP/1.1 1-92-0/0/14956. 0.0042030152319130.00.00188.74 159.203.44.43http/1.1localhost:443GET / HTTP/1.1 1-92-0/0/15041. 0.0042030148013860.00.00204.86 164.92.84.255http/1.1localhost:443GET /login.action HTTP/1.1 1-92-0/0/15506. 0.0042030159268070.00.00208.73 139.144.96.150http/1.1localhost:443GET /config.json HTTP/1.1 1-92-0/0/15329. 0.0042030159504030.00.00200.56 45.55.193.222http/1.1localhost:443GET /telescope/requests HTTP/1.1 1-92-0/0/15189. 0.0042030137016410.00.00183.04 159.223.102.13http/1.1localhost:80GET /config.json HTTP/1.1 1-92-
Found on 2024-02-01 22:23 -
Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb317c3bbe397c3bbe39f798e0a2Apache Status Apache Server Status for ftp.xn--2566-4do9ab5h1bfcjg7hg1txa5ahw0u.com (via 203.170.192.183) Server Version: Apache/2.4.57 (Unix) OpenSSL/1.0.2k-fips Server MPM: event Server Built: Oct 15 2023 18:16:43 Current Time: Sunday, 07-Jan-2024 11:04:04 ICT Restart Time: Friday, 05-Jan-2024 10:01:20 ICT Parent Server Config. Generation: 8 Parent Server MPM Generation: 7 Server uptime: 2 days 1 hour 2 minutes 43 seconds Server load: 3.25 2.74 2.62 Total accesses: 824682 - Total Traffic: 11.1 GB - Total Duration: 1017566309 CPU Usage: u159.12 s14.59 cu14056 cs737.82 - 8.48% CPU load 4.67 requests/sec - 66.1 kB/second - 14.2 kB/request - 1233.89 ms/request 8 requests currently being processed, 56 idle workers SlotPIDStoppingConnections ThreadsAsync connections totalacceptingbusyidlewritingkeep-aliveclosing 016374no2yes329000 131206no12yes527007 Sum2014 856007 ______R_______W_W_______________RWW________W_________W__________ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqDurConnChildSlotClientProtocolVHostRequest 0-7163740/203/6420_ 108.32295686400780.02.5994.39 52.70.240.171http/1.1www.chonlateeboi.com:443GET /30262rvsoetidm26y HTTP/1.1 0-7163740/192/6898_ 108.273063343750.02.2090.61 47.128.110.231http/1.1www.xn--12cn0bmbkgc3ent5c1ewa4bGET /wp-content/uploads/2023/09/Untitled-9%E0%B8%AB%E0%B8%81%E0 0-7163740/209/6426_ 108.461075281280.02.1994.27 165.232.76.155http/1.1localhost:80GET /about HTTP/1.1 0-7163740/183/6713_ 108.413072632470.02.3287.08 144.126.198.24http/1.1localhost:80GET / HTTP/1.1 0-7163740/183/6447_ 108.400073115670.02.6083.56 165.232.76.155http/1.1localhost:80GET / HTTP/1.1 0-7163740/196/6835_ 108.412083354530.02.2990.57 139.59.65.144http/1.1localhost:80GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor 0-7163740/196/6640R 108.403061563430.02.23100.86 3.224.220.101http/1.1 0-7163740/188/6692_ 108.461070549640.02.5087.71 164.92.84.255http/1.1localhost:80GET /v2/_catalog HTTP/1.1 0-7163740/402/6900_ 108.38184065758570.03.23130.15 3.224.220.101http/1.1www.chonlateeadmin.com:443GET /uajybkn-16543witems/etidm76hn HTTP/1.1 0-7163740/197/6621_ 108.45284874485360.02.5385.06 23.22.35.162http/1.1www.chonlateeboi.com:443GET /30255rvsoitems/etidm37ro.htm HTTP/1.1 0-7163740/206/6369_ 108.400079334960.02.3480.95 164.92.84.255http/1.1localhost:80GET /.vscode/sftp.json HTTP/1.1 0-7163740/185/6313_ 108.432080840080.02.1682.14 165.232.76.155http/1.1localhost:80GET / HTTP/1.1 0-7163740/182/6377_ 108.461057198500.02.0984.12 139.59.65.144http/1.1localhost:80GET /telescope/requests HTTP/1.1 0-7163740/202/6613_ 108.461084617940.02.4688.68 144.126.198.24http/1.1localhost:80GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor 0-7163741/350/7179W 96.22341063360080.03.6591.61 94.228.169.107http/1.1www.thesungolden.com:443POST /wp-content/uploads/wpr-addons/forms/061f69806f7d.php HTTP 0-7163740/203/6374_ 108.452087341680.02.5483.08 144.126.198.24http/1.1localhost:80GET /about HTTP/1.1 0-7163741/197/6543W 108.410069692660.02.4684.96 165.232.76.155http/1.1localhost:80GET /server-status HTTP/1.1 0-7163740/208/6687_ 107.54183565433160.05.7390.04 23.22.35.162http/1.1www.chonlateeadmin.com:443GET /pleybkn-16616ritems/etidm49cyr.html HTTP/1.1 0-7163740/197/6690_ 108.46235074692670.02.1584.81 66.249.73.132http/1.1www.twinbuilt.co.th:443GET /?e=filter-a-c-foam-9-ii-vQ9ROASO HTTP/1.1 0-7163740/355/6609_ 108.36240871694520.02.8490.66 66.249.73.132http/1.1www.twinbuilt.co.th:443GET /?e=learn-how-to-breed-red-claw-crayfish-an-introduction-1- 0-7163740/209/6744_ 108.400095605700.02.7393.33 144.126.198.24http/1.1localhost:80GET / HTTP/1.1 0-7163740/197/6414_ 108.400075399240.02.6086.90 139.59.65.144http/1.1localhost:80GET /.vscode/sftp.json HTTP/1.1 0-7163740/178/6959_ 108.432082112130.02.0792.50 139.59.65.144http/1.1localhost:80GET /login.action HTTP/1.1 0-7163740/191/6501_ 107.76384866300650.02.1792.96 23.22.35.162http/1.1www.chonlateeboi.com:443GET /42693eslwitems/etidm59.htm HTTP/1.1 0-7163740/188/6412_ 108.452080435120.02.9381.12 139.59.65.144http/1.1localhost:80GET /.DS_Store HTTP/1.1 0-7163740/348/6676_ 107.65284460490960.02.6984.63 47.128.110.231h2www.xn--12cn0bmbkgc3ent5c1ewa4b[1/1] done: stream 1, GET /tag/%E0%B8%88%E0%B8%94%E0%B8%97%E0%B 0-7163740/180/6498_ 108.07285073767680.02.0793.46 47.128.110.231http/1.1www.xn--12cn0bmbkgc3ent5c1ewa4bGET /tag/%E0%B8%88%E0%B8%94%E0%B8%97%E0%B8%B0%E0%B9%80%E0%B8%9A 0-7163740/203/6529_ 108.20072184327800.02.39114.61 66.249.71.205http/1.1www.xn--12cx2bef7bl0boq4ch6gugwPOST /?wc-ajax=get_refreshed_fragments HTTP/1.1 0-7163740/207/6460_ 108.46184469403010.02.8081.69 3.224.220.101http/1.1www.chonlateeboi.com:443GET /30341rvsoetidm69.html HTTP/1.1 0-7163740/207/6726_ 108.452075500580.02.36120.23 139.59.65.144http/1.1localhost:80GET /.git/config HTTP/1.1 0-7163740/179/6389_ 108.452074684720.02.4993.76 165.232.76.155http/1.1localhost:80GET /.vscode/sftp.json HTTP/1.1 0-7163740/195/6713_ 108.432072761970.02.2686.19 144.126.198.24http/1.1localhost:80GET /.vscode/sftp.json HTTP/1.1 1-7312060/81/6547R 45.19375275190000.00.9485.01 185.191.171.13http/1.1 1-7312061/84/6333W 36.38222068835650.01.4280.84 94.228.169.107http/1.1www.thesungolden.com:443POST /wp-content/uploads/wpr-addons/forms/061f69806f7d.php HTTP 1-7312061/92/6304W 45.1900101176810.01.0581.36 3.224.220.101http/1.1www.chonlateeboi.com:443GET /10014ymuietidm95e.htm HTTP/1.1 1-7312060/65/6042_ 45.400380174710.00.7580.16 164.92.84.255http/1.1localhost:80GET /server-status HTTP/1.1 1-7312060/75/6227_ 45.321077377420.00.9493.57 144.126.198.24http/1.1localhost:80GET /v2/_catalog HTTP/1.1 1-7312060/93/6316_ 45.290067326240.02.3584.09 164.92.84.255http/1.1localhost:80GET /about HTTP/1.1 1-7312060/99/6350_ 45.32184371175090.01.1180.67 3.224.220.101http/1.1www.chonlateeadmin.com:443GET /qafybkn-22363sitems/etidm HTTP/1.1 1-7312060/87/6406_ 45.292080217330.01.0085.70 139.59.65.144http/1.1localhost:80GET /s/338313e2239313e2037313e2330323/_/;/META-INF/maven/com.at 1-7312060/81/6369_ 45.251057784330.00.9282.32 164.92.84.255http/1.1localhost:80GET / HTTP/1.1 1-7312060/89/6313_ 45.190080446120.01.1787.87 164.92.84.255http/1.1localhost:80\x16\x03\x01\x01\x06\x01 1-7312060/100/6128_ 44.34086278425550.01.0887.15 66.249.71.166http/1.1www.focusfilmthailand.com:443GET /%E0%B8%95%E0%B8%B4%E0%B8%94%E0%B8%9F%E0%B8%B4%E0%B8%A5%E0% 1-7312060/76/6628W 44.971484361160150.01.0595.77 47.128.110.231h2www.xn--12cn0bmbkgc3ent5c1ewa4b[1/0] write: stream 1, GET /wp-content/uploads/2023/09/Untitled 1-7312060/79/6363_ 45.311
Found on 2024-01-07 04:04 -
Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb317c3bbe397c3bbe3993471fb2Apache Status Apache Server Status for ftp.xn--2566-4do9ab5h1bfcjg7hg1txa5ahw0u.com (via 203.170.192.183) Server Version: Apache/2.4.57 (Unix) OpenSSL/1.0.2k-fips Server MPM: event Server Built: Oct 15 2023 18:16:43 Current Time: Saturday, 06-Jan-2024 00:48:41 ICT Restart Time: Friday, 05-Jan-2024 10:01:20 ICT Parent Server Config. Generation: 3 Parent Server MPM Generation: 2 Server uptime: 14 hours 47 minutes 20 seconds Server load: 2.93 2.70 2.71 Total accesses: 265009 - Total Traffic: 3.8 GB - Total Duration: 215905106 CPU Usage: u129.85 s8.57 cu4282.28 cs230.01 - 8.74% CPU load 4.98 requests/sec - 75.1 kB/second - 15.1 kB/request - 814.709 ms/request 8 requests currently being processed, 120 idle workers SlotPIDStoppingConnections ThreadsAsync connections totalacceptingbusyidlewritingkeep-aliveclosing 019907no2yes131001 419908no4yes329002 719927no2yes230001 919931no4yes230002 Sum4012 8120006 __________W_____________________................................ ................................................................ _________R___R____W_____________................................ ................................____W_____________R_____________ ................................_W___________________________W__ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process <SrvPIDAccMCPU SSReqDurConnChildSlotClientProtocolVHostRequest 0-2199070/53/2896_ 27.04978123538130.00.6343.66 135.181.180.59http/1.1www.chonlateemeet.com:443GET /tag/%E0%B8%AB%E0%B9%89%E0%B8%AD%E0%B8%87%E0%B9%80%E0%B8%A3 0-2199070/40/3135_ 27.221022264210.00.4741.42 206.81.1.88http/1.1localhost:80GET /v2/_catalog HTTP/1.1 0-2199070/38/2831_ 25.88033534997120.00.5350.17 66.249.71.4http/1.1www.chonlateeaa.com:443GET /?w=affordable-dream-car-the-bmw-3301-zhp-bull;-gear-yy-NQy 0-2199070/33/3063_ 27.09762625329690.00.3638.83 81.94.150.189http/1.1www.focusfilmthailand.com:80GET /wp-content/plugins/wp-compress-image-optimizer/fixCss.php? 0-2199070/48/2972_ 27.21452023361260.00.5137.33 163.5.64.11http/1.1www.kncintergroup.com:443GET /wp-content/plugins/userpro/changelog.txt HTTP/1.1 0-2199070/52/3205_ 27.213105923327380.00.6940.38 3.224.220.101http/1.1www.chonlateeadmin.com:443GET /mgbrtxd-27689oeti.html HTTP/1.1 0-2199070/42/2964_ 26.24790522660200.00.5052.07 135.181.180.59http/1.1www.chonlateemeet.com:443GET /tag/%E0%B8%AB%E0%B9%89%E0%B8%AD%E0%B8%87%E0%B9%80%E0%B8%A3 0-2199070/50/2970_ 26.4310023657900.00.5738.97 91.92.252.141http/1.1www.bannongsaischool.com:80GET /wp-content/plugins/include.php HTTP/1.1 0-2199070/57/3032_ 26.76833722612520.00.6381.42 66.249.77.72http/1.1www.chonlateeaa.com:443GET /?w=no-reserve-1978-lincoln-mark-v-for-sale-on-yy-aErLkAtl 0-2199070/44/2965_ 26.56434322755260.00.5938.41 66.249.77.74http/1.1www.chonlateeaa.com:443GET /?w=92-honda-accord-body-kit-y-1NGnp5Hp HTTP/1.1 0-2199071/44/2891W 26.700026137810.00.5935.60 167.99.184.41http/1.1localhost:80GET /server-status HTTP/1.1 0-2199070/49/2826_ 27.010111922908750.00.5736.63 23.22.35.162http/1.1www.chonlateeadmin.com:443GET /sxhjupk-395uetidm.html HTTP/1.1 0-2199070/40/2807_ 27.220022822270.00.4538.67 178.62.73.12http/1.1localhost:80GET / HTTP/1.1 0-2199070/52/3104_ 26.54585223558010.00.9142.57 52.167.144.140h2www.chonlateeaa.com:443GET /?s=used-keilwerth-sx90-tenor-sax-black-nickel-ll-6nLKpDtJ 0-2199070/35/3130_ 27.221025636360.00.3542.34 206.81.1.88http/1.1localhost:80GET /debug/default/view?panel=config HTTP/1.1 0-2199070/39/2888_ 27.20533622670160.00.4537.61 66.249.77.73http/1.1www.chonlateeaa.com:443GET /?w=apple-macbook-a1342-__250gb-hdd-4gb-ram-available-color 0-2199070/30/2817_ 26.90335940326909510.00.3636.66 94.228.169.107http/1.1www.thesungolden.com:443POST /wp-content/uploads/wpr-addons/forms/061f69806f7d.php HTTP 0-2199070/43/3122_ 26.845104922916190.00.5141.68 85.208.96.198http/1.1www.chonlateeboi.com:443GET /40578zypyetid.htm HTTP/1.1 0-2199070/47/3021_ 27.22040622565710.00.6139.62 178.62.73.12http/1.1localhost:80\x16\x03\x01\x01\x07\x01 0-2199070/48/2869_ 27.220024352850.00.5042.83 206.81.1.88http/1.1localhost:80GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor 0-2199070/46/2911_ 26.65158622339150.00.5041.53 149.91.122.223http/1.1www.partymanagementthailand.comPOST /wp-login.php HTTP/1.1 0-2199070/50/2976_ 26.86435023549210.00.6842.86 66.249.77.72http/1.1www.chonlateeaa.com:443GET /?w=legacy-lo-low-ride-truck-seat-highback-duraleather-yy-5 0-2199070/40/3285_ 27.041059822385310.00.4841.95 188.166.29.162http/1.1www.spamechanicssystem.com:443POST /wp-login.php HTTP/1.1 0-2199070/40/2813_ 27.08884622020200.00.4937.29 52.70.240.171http/1.1www.chonlateeboi.com:443GET /31562otfwitems/etid.html HTTP/1.1 0-2199070/52/2861_ 26.78733822771790.00.6336.64 66.249.77.72http/1.1www.chonlateeaa.com:443GET /?w=dpf-particulate-additive-fluid-pouch-for-citroen-berlin 0-2199070/41/2841_ 27.205522288100.00.4836.92 135.181.180.59http/1.1www.chonlateenextbiz.com:443GET /tag/%E0%B8%AD%E0%B8%B3%E0%B9%80%E0%B8%A0%E0%B8%AD%E0%B9%80 0-2199070/41/2933_ 26.47955622367980.00.5147.60 66.249.77.74http/1.1www.chonlateeaa.com:443GET /?w=jbugs-1971-vw-super-beetle-engine-build-series-clearanc 0-2199070/37/2913_ 27.21434422454350.00.4567.67 66.249.77.73http/1.1www.chonlateeaa.com:443GET /?w=335i-335xi-135i-1k-fmic-kit-race-arm-motorsports-yy-gDG 0-2199070/46/2811_ 27.09785022651370.00.5435.50 3.224.220.101http/1.1www.chonlateeboi.com:443GET /31650otfwetid.htm HTTP/1.1 0-2199070/41/3150_ 26.403021743920.00.4576.02 91.92.252.141http/1.1www.kncintergroup.com:80GET /wp-content/plugins/WordPressCore/include.php HTTP/1.1 0-2199070/47/2856_ 27.00038422732740.00.5044.60 66.249.77.73http/1.1www.chonlateeaa.com:443GET /?w=price-for-cummins-engine-y-Bky2dGUx HTTP/1.1 0-2199070/32/3195_ 27.213025288030.00.3638.99 178.128.151.41http/1.1localhost:80GET / HTTP/1.1 1-1-0/0/2323. 0.00141186617630010.00.0030.27 207.46.13.154http/1.1www.thaidaoherb.com:443GET /9i7h/dyv42461ryyhc053875235.html HTTP/2.0 1-1-0/0/2100. 0.001411173417390000.00.0027.02 66.249.71.7http/1.1www.chonlateenextbiz.com:443GET /db.php?g3192039.shtml HTTP/1.1 1-1-0/0/2227. 0.001411107117630050.00.0030.69 23.22.35.162http/1.1www.chonlateeadmin.com:443GET /trust.php?rngadej-26472tetidm80eat.htm HTTP/1.1 1-1-0/0/2089. 0.001411211517285130.00.0027.89 66.249.69.229http/1.1www.chonlateenextbiz.com:443GET /db.php?g335424.shtml HTTP/1.1 1-1-0/0/2129. 0.00141185117106500.00.0032.51 52.70.240.171http/1.1www.chonlateeboi.com:443GET /48835biwxitems/etidm HTTP/1.1 1-1-0/0/2185. 0.00141185816794840.00.0028.38 3.224.220.101http/1.1www.chonlateeadmin.com:443GET /trust.php?jryadej-23266letid HTTP/1.1 1-1-0/0/2135. 0.00141197217421340.00.0026.37 23.22.35.162http/1.1www.chonlateeboi.com:443GET /22684biwxetidm7 HTTP/1.1 1-1-0/0/2185. 0.0014111717237790.00.0029.46 66.249.71.3http/1.1www.xn--12cn0bmbkgc3ent5c1ewa4bGET /mds.php?papaw99.xml HTTP/1.1 1-1-0/0/2163. 0.00141184617365570.00.0029.98 23.22.35.162http/1.1www.chonlateeboi.com:443GET /42349biwxitems/etidm52 HTTP/1.1 1-1-0/0/2112. 0.00141189516912400.00.0027.55 185.191.171.3http/1.1www.chonlateefood.com:443
Found on 2024-01-05 17:48 -
Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb317c3bbe397c3bbe39f47c35b7Apache Status Apache Server Status for ftp.xn--2566-4do9ab5h1bfcjg7hg1txa5ahw0u.com (via 203.170.192.183) Server Version: Apache/2.4.57 (Unix) OpenSSL/1.0.2k-fips Server MPM: event Server Built: Oct 15 2023 18:16:43 Current Time: Tuesday, 12-Dec-2023 06:57:31 ICT Restart Time: Friday, 01-Dec-2023 00:22:58 ICT Parent Server Config. Generation: 44 Parent Server MPM Generation: 43 Server uptime: 11 days 6 hours 34 minutes 33 seconds Server load: 0.78 0.71 0.59 Total accesses: 4466775 - Total Traffic: 57.2 GB - Total Duration: 4199608251 CPU Usage: u173.89 s46.05 cu80570.8 cs4214.83 - 8.73% CPU load 4.59 requests/sec - 61.6 kB/second - 13.4 kB/request - 940.188 ms/request 6 requests currently being processed, 58 idle workers SlotPIDStoppingConnections ThreadsAsync connections totalacceptingbusyidlewritingkeep-aliveclosing 08142no1yes329000 19089no1yes329000 Sum202 658000 _______________W______________WW_________R_R_______W____________ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqDurConnChildSlotClientProtocolVHostRequest 0-4381420/99/40132_ 60.611870363923130.01.10507.19 23.22.35.162http/1.1www.chonlateeboi.com:443GET /trust.php?83267nraretidm.html HTTP/1.1 0-4381420/85/39529_ 61.9610369714890.00.97498.93 74.207.237.114http/1.1localhost:80GET /debug/default/view?panel=config HTTP/1.1 0-4381420/87/39973_ 62.040793404884070.00.95515.40 66.249.64.226http/1.1www.xn--12cn0bmbkgc3ent5c1ewa4bGET /mds.php?xnqasnc-6276detid HTTP/1.1 0-4381420/95/39964_ 61.2020393311910.01.16520.52 3.224.220.101http/1.1www.krongthongsecurity.com:443GET /taagzna94022netidm57g.htm HTTP/1.1 0-4381420/101/40461_ 61.9020376077350.01.03574.04 147.182.168.210http/1.1localhost:80GET /about HTTP/1.1 0-4381420/91/39560_ 61.892660402763730.01.02502.87 3.224.220.101http/1.1www.chonlateeadmin.com:443GET /trust.php?ktzggdh-404661mitems/etidm61.htm HTTP/1.1 0-4381420/92/39851_ 61.653853406848450.01.29501.49 3.224.220.101http/1.1www.chonlateeboi.com:443GET /trust.php?85514nraritems/etid.html HTTP/1.1 0-4381420/97/40719_ 61.152897371974840.01.02508.84 23.22.35.162http/1.1www.chonlateeboi.com:443GET /trust.php?73696nraretidm32mnb HTTP/1.1 0-4381420/88/39611_ 60.94113383963130.01.05517.20 139.144.150.45http/1.1localhost:80GET /server-status HTTP/1.1 0-4381420/94/39983_ 62.030674372362630.01.01509.38 23.22.35.162http/1.1www.chonlateeboi.com:443GET /trust.php?85466nraritems/etid.html HTTP/1.1 0-4381420/95/39607_ 62.0300388295430.00.92488.15 74.207.237.114http/1.1localhost:80GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor 0-4381420/237/39757_ 61.8600372883430.01.46533.93 147.182.168.210http/1.1localhost:80GET / HTTP/1.1 0-4381420/89/39556_ 61.8600379645750.01.13484.02 74.207.237.114http/1.1localhost:80GET / HTTP/1.1 0-4381420/85/39720_ 61.8920412049640.01.17510.99 74.207.237.114http/1.1localhost:80GET /.vscode/sftp.json HTTP/1.1 0-4381420/105/39926_ 61.8630384036730.01.29500.67 147.182.168.210http/1.1localhost:80GET / HTTP/1.1 0-4381421/100/39586W 61.8600377526910.01.02554.93 147.182.168.210http/1.1localhost:80GET /server-status HTTP/1.1 0-4381420/92/40558_ 61.9810378808640.01.14534.84 139.144.150.45http/1.1localhost:80GET /server-status HTTP/1.1 0-4381420/86/40053_ 61.9410370499260.00.90492.59 3.224.220.101http/1.1www.krongthongsecurity.com:443GET /amhgzna51493uetidm43.html HTTP/1.1 0-4381420/92/40107_ 62.0200373449260.01.11518.07 147.182.168.210http/1.1localhost:80GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor 0-4381420/97/40340_ 61.9810388431900.01.03553.42 147.182.168.210http/1.1localhost:80GET /v2/_catalog HTTP/1.1 0-4381420/92/39791_ 62.0200368714550.01.11522.85 139.144.150.45http/1.1localhost:80GET /_all_dbs HTTP/1.1 0-4381420/97/39925_ 61.902889392139990.01.18514.47 66.249.64.226http/1.1www.xn--12cn0bmbkgc3ent5c1ewa4bGET /mds.php?haaasnc-11486netidm5.htm HTTP/1.1 0-4381420/137/39735_ 61.752892412211190.01.88524.87 3.224.220.101http/1.1www.chonlateeadmin.com:443GET /trust.php?tqiggdh-404670vetidm55g.htm HTTP/1.1 0-4381420/91/39116_ 60.2901044365540550.01.08503.41 114.119.133.165http/1.1www.mkandptfoods.com:443GET /etajrvhu/novi-horor-filmovi-2023-netflix-usa.html HTTP/1.1 0-4381420/92/40067_ 61.442870375684130.00.92529.74 52.70.240.171http/1.1www.chonlateeboi.com:443GET /trust.php?85450nraretid HTTP/1.1 0-4381420/94/39349_ 61.811896392002110.00.99481.08 66.249.64.229http/1.1www.chonlateefood.com:443GET /mds.php?items/ggv16490ghgntidm.html HTTP/1.1 0-4381420/90/40033_ 61.8920377154460.00.98594.31 139.144.150.45http/1.1localhost:80GET /about HTTP/1.1 0-4381420/73/39245_ 61.9210375268390.00.98525.30 74.207.237.114http/1.1localhost:80GET /about HTTP/1.1 0-4381420/89/39865_ 62.0300415802640.00.99533.11 139.144.150.45http/1.1localhost:80GET /.DS_Store HTTP/1.1 0-4381420/88/39822_ 61.8920378782630.00.97514.05 3.224.220.101http/1.1www.krongthongsecurity.com:443GET /rtygzna98440litems/etidm17egl.html HTTP/1.1 0-4381421/84/39791W 61.8200373641180.00.92502.85 3.224.220.101http/1.1www.chonlateeadmin.com:443GET /trust.php?tqiggdh-406334vitems/etidm56g.html HTTP/1.1 0-4381421/97/39532W 61.8300381804870.00.95547.11 92.205.19.74http/1.1www.chonlateefood.com:443POST /wp-login.php HTTP/1.1 1-4390890/74/40976_ 45.2120379507860.00.85516.62 74.207.237.114http/1.1localhost:80GET / HTTP/1.1 1-4390890/64/40857_ 44.9102350389368850.00.71558.91 65.108.0.71http/1.1www.chonlateefood.com:443GET /tag/%E0%B8%A3%E0%B8%B1%E0%B8%9A%E0%B8%97%E0%B8%B3%E0%B8%82 1-4390890/54/40611_ 45.232847390375880.00.68565.75 3.224.220.101http/1.1www.chonlateeboi.com:443GET /trust.php?62555nraretidm.html HTTP/1.1 1-4390890/65/40881_ 45.2400397366300.00.71573.95 139.144.150.45http/1.1localhost:80GET /login.action HTTP/1.1 1-4390890/78/41700_ 44.200893369032800.00.83633.62 20.15.133.185h2www.chonlateeaa.com:443[0/0] init 1-4390890/161/40594_ 44.362879367274070.01.11583.17 3.224.220.101http/1.1www.chonlateeadmin.com:443GET /trust.php?gtvggdh-385885iitems/etidm69 HTTP/1.1 1-4390890/66/40586_ 45.1630369467860.00.67540.78 139.144.150.45http/1.1localhost:80GET / HTTP/1.1 1-4390890/63/41106_ 44.201747393186890.00.76524.37 66.249.64.226http/1.1www.xn--12cn0bmbkgc3ent5c1ewa4bGET /zlsyrve-48528fetidm34m HTTP/1.1 1-4390890/63/40729_ 45.2320381353270.00.68511.63 147.182.168.210http/1.1localhost:80GET /.vscode/sftp.json HTTP/1.1 1-4390890/64/40808R 44.634854373842400.00.69520.71 185.191.171.12http/1.1www.chonlateefood.com:443 1-4390890/62/41359_ 45.1400370048630.00.56544.48 23.22.35.162http/1.1www.krongthongsecurity.com:443GET /btigzna53912vetidm95ogv.htm HTTP/1.1 1-4390890/69/41161R 45.144659375131010.00.76512.21 20.15.133.185h2www.chonlateeaa.com:443
Found on 2023-12-11 23:57 -
Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb317c3bbe397c3bbe39efb3b70cApache Status Apache Server Status for ftp.xn--2566-4do9ab5h1bfcjg7hg1txa5ahw0u.com (via 203.170.192.183) Server Version: Apache/2.4.57 (Unix) OpenSSL/1.0.2k-fips Server MPM: event Server Built: Oct 15 2023 18:16:43 Current Time: Thursday, 23-Nov-2023 00:23:57 ICT Restart Time: Monday, 20-Nov-2023 10:17:03 ICT Parent Server Config. Generation: 9 Parent Server MPM Generation: 8 Server uptime: 2 days 14 hours 6 minutes 54 seconds Server load: 1.35 1.87 1.62 Total accesses: 648043 - Total Traffic: 8.2 GB - Total Duration: 719137601 CPU Usage: u59.05 s12.71 cu9707.16 cs570.87 - 4.63% CPU load 2.9 requests/sec - 38.6 kB/second - 13.3 kB/request - 1109.71 ms/request 23 requests currently being processed, 105 idle workers SlotPIDStoppingConnections ThreadsAsync connections totalacceptingbusyidlewritingkeep-aliveclosing 06877no1yes131100 16697no2yes626001 36879no19yes527001 46881no2yes1121001 Sum4024 23105103 _W______________________________________W_R___W_W_________R___W_ ................................_______W_______WW_W____________W R__WW___RW__W____R____WW_____WW_................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqDurConnChildSlotClientProtocolVHostRequest 0-868770/28/5238_ 11.7612147419540.00.3672.54 104.164.173.38http/1.1www.xn--2566-4do9ab5h1bfcjg7hg1GET /wp-content/plugins/jeg-elementor-kit/assets/js/elements/st 0-868771/24/4983W 11.101050374610.00.2661.56 104.164.173.38http/1.1www.xn--2566-4do9ab5h1bfcjg7hg1GET /wp-json/ HTTP/1.1 0-868770/26/4909_ 11.720068876520.00.4060.32 139.59.182.142http/1.1localhost:80GET /.vscode/sftp.json HTTP/1.1 0-868770/20/5096_ 11.84065348793540.00.2862.97 66.249.79.68http/1.1www.xn--12cn0bmbkgc3ent5c1ewa4bGET /mds.php?dmezkxl-2720retidm50qzr HTTP/1.1 0-868770/24/5147_ 11.7411251687560.00.2879.22 104.164.173.38http/1.1www.xn--2566-4do9ab5h1bfcjg7hg1GET /wp-content/plugins/royal-elementor-addons/assets/js/lib/in 0-868770/24/5223_ 10.65092150709910.00.4062.71 161.35.176.95h2localhost:443[0/0] Software caused connection abort 0-868770/26/5076_ 11.791109751557000.00.3365.50 23.22.35.162http/1.1www.chonlateeadmin.com:443GET /trust.php?dnsecaw-246678fetidm53q.htm HTTP/1.1 0-868770/29/4975_ 11.541048178580.00.3561.72 128.199.61.251http/1.1localhost:80GET / HTTP/1.1 0-868770/17/5222_ 11.46150250388740.00.1660.80 85.208.96.204http/1.1www.mkandptfoods.com:443GET /wzy.php?m51926256234.html HTTP/1.1 0-868770/23/5316_ 11.73167148072370.00.2981.42 66.249.79.66http/1.1www.xn--12cn0bmbkgc3ent5c1ewa4bGET /mds.php?kklwxmt-38373yetidm69.html HTTP/1.1 0-868770/22/5256_ 11.7512349364210.00.3963.06 104.164.173.38http/1.1www.xn--2566-4do9ab5h1bfcjg7hg1GET /wp-content/plugins/elementor/assets/lib/font-awesome/js/v4 0-868770/21/5363_ 11.721049590390.00.2476.17 128.199.61.251http/1.1localhost:80GET /.vscode/sftp.json HTTP/1.1 0-868770/20/5306_ 11.23194452171030.00.3269.09 23.22.35.162http/1.1www.chonlateeboi.com:443GET /36021tbrmitems/etidm99.htm HTTP/1.1 0-868770/24/5290_ 11.7511549122730.00.2562.19 104.164.173.38http/1.1www.xn--2566-4do9ab5h1bfcjg7hg1GET /wp-content/plugins/qi-addons-for-elementor/inc/plugins/ele 0-868770/21/4997_ 11.46164149334990.00.2556.97 66.249.71.4http/1.1www.xn--12cn0bmbkgc3ent5c1ewa4bGET /mds.php?pnqasnc-15212detidm9 HTTP/1.1 0-868770/26/4955_ 11.7613750751060.00.2359.21 104.164.173.38http/1.1www.xn--2566-4do9ab5h1bfcjg7hg1GET /wp-content/plugins/royal-elementor-addons/assets/js/lib/ao 0-868770/26/4946_ 11.701047839840.00.3459.38 161.35.155.246http/1.1www.xn--2566-4do9ab5h1bfcjg7hg1GET / HTTP/1.1 0-868770/21/5280_ 11.701048733620.00.2358.35 207.154.240.169http/1.1localhost:80GET / HTTP/1.1 0-868770/23/5034_ 11.701050217500.00.2771.03 178.62.73.12http/1.1localhost:80GET / HTTP/1.1 0-868770/23/5097_ 11.781050206330.00.3373.64 104.164.173.38http/1.1www.xn--2566-4do9ab5h1bfcjg7hg1GET /wp-content/plugins/royal-elementor-addons/assets/js/fronte 0-868770/20/4985_ 10.921049737540.00.2968.12 5.101.157.148http/1.1www.dinocoffees.com:443POST /wp-login.php HTTP/2.0 0-868770/19/5231_ 10.841044691110.00.2367.68 23.22.35.162http/1.1www.krongthongsecurity.com:443GET /bqirtdd190230vf037b7e3 HTTP/1.1 0-868770/17/4975_ 11.101051856100.00.1463.12 161.35.176.95h2localhost:443[0/0] Software caused connection abort 0-868770/25/4984_ 11.771050753540.00.3173.04 128.199.61.251http/1.1localhost:80GET /about HTTP/1.1 0-868770/18/5064_ 11.42189349737180.00.2562.67 185.191.171.16http/1.1www.chonlateeboi.com:443GET /33364tzwaetidm9 HTTP/1.1 0-868770/19/5165_ 11.7612347535140.00.2667.24 104.164.173.38http/1.1www.xn--2566-4do9ab5h1bfcjg7hg1GET /wp-content/themes/sydney/js/so-legacy.js?ver=6.3.2 HTTP/1. 0-868770/24/5260_ 11.701049453910.00.2285.08 139.59.182.142http/1.1localhost:80GET / HTTP/1.1 0-868770/17/5356_ 10.95080750357090.00.2085.39 223.24.157.217h2www.xn--12cx2bef7bl0boq4ch6gugw[0/0] init 0-868770/21/4933_ 11.3313749140460.00.2567.95 104.164.173.38http/1.1www.xn--2566-4do9ab5h1bfcjg7hg1GET /wp-content/plugins/royal-elementor-addons/assets/js/fronte 0-868770/14/5222_ 11.7511152407730.00.1859.91 104.164.173.38http/1.1www.xn--2566-4do9ab5h1bfcjg7hg1GET /wp-content/plugins/royal-elementor-addons/assets/js/lib/pa 0-868770/16/5044_ 11.7512647464910.00.2564.72 104.164.173.38http/1.1www.xn--2566-4do9ab5h1bfcjg7hg1GET /wp-content/themes/sydney/js/so-legacy-main.min.js?ver=6.3. 0-868770/25/5244_ 11.741346041050.00.3363.60 104.164.173.38http/1.1www.xn--2566-4do9ab5h1bfcjg7hg1GET /wp-content/plugins/royal-elementor-addons/assets/js/modal- 1-866970/21/5363_ 8.451054667380.00.2257.61 178.62.73.12http/1.1localhost:80GET /about HTTP/1.1 1-866970/17/4984_ 7.9716051429070.00.1959.48 104.164.173.38http/1.1www.xn--2566-4do9ab5h1bfcjg7hg1GET /wp-content/plugins/qi-addons-for-elementor/assets/plugins/ 1-866970/21/5183_ 8.4915255143570.00.2759.77 104.164.173.38http/1.1www.xn--2566-4do9ab5h1bfcjg7hg1GET /wp-content/plugins/elementor/assets/js/webpack.runtime.min 1-866970/13/5136_ 7.87084748848650.00.1668.55 139.59.182.142http/1.1 1-866970/12/5107_ 8.4913749951420.00.1758.07 104.164.173.38http/1.1www.xn--2566-4do9ab5h1bfcjg7hg1GET /wp-content/themes/sydney/js/functions.min.js?ver=20230315 1-866970/12/5042_ 7.47189352521240.00.1361.33 161.35.27.144h2localhost:443[0/0] Software caused connection abort 1-866970/16/5474_ 8.521053860880.00.2663.46 139.59.182.142http/1.1localhost:80GET /debug/default/view?panel=config HTTP/1.1 1-866970/16/5294_ 7.920050744480.00.1768.77 161.35.27.144http/1.1 1-866971/18/5195W 7.691051338550.00.2070.38 104.164.173.38http/1.1www.xn--2566-4do9ab5h1bfcjg7hg1GET /comments/feed/ HTTP/1.1 1-866970/15/5461_ 7.2013153738510.00.1865.73 104.164.173.38http/1.1www.xn--2566-4do9ab5h1bfcjg7hg1GET /wp-content/themes/sydney/js/scripts.js?ver=6.3.2 HTTP/1.1 1-866970/15/5456R 8.081272653685270.00.1672.12
Found on 2023-11-22 17:23 -
Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb3136c1425636c1425615133cb5Apache Status Apache Server Status for ftp.xn--2566-4do9ab5h1bfcjg7hg1txa5ahw0u.com (via 27.254.96.168) Server Version: Apache/2.4.46 (Unix) OpenSSL/1.0.2u PHP/7.2.33 Server MPM: prefork Server Built: May 6 2022 15:05:21 Current Time: Saturday, 23-Sep-2023 13:24:42 +07 Restart Time: Saturday, 23-Sep-2023 04:02:11 +07 Parent Server Config. Generation: 1763 Parent Server MPM Generation: 1762 Server uptime: 9 hours 22 minutes 31 seconds Server load: 1.04 1.56 1.80 Total accesses: 60436 - Total Traffic: 1.0 GB - Total Duration: 85341679 CPU Usage: u2905.55 s5200.64 cu51112500 cs12504400 - 189000% CPU load 1.79 requests/sec - 32.4 kB/second - 18.1 kB/request - 1412.1 ms/request 4 requests currently being processed, 5 idle workers ._C.WW.___._W..................................... Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqDurConnChildSlotClientProtocolVHostRequest 0-1762-0/0/4812. 0.00130062941330.00.0088.23 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 1-1762146630/27/4675_ 12.590124265882980.00.3089.66 146.190.98.165http/1.1www.xn--2566-4do9ab5h1bfcjg7hg1GET /.vscode/sftp.json HTTP/1.1 2-1762144061/58/4808C 38.58071166819427.90.5168.30 188.85.81.233http/1.1www.dreamhightravel.com:443GET /wp-login.php HTTP/1.1 3-1762-0/0/4446. 0.0012437959040160.00.0067.95 54.88.179.33http/1.1www.nadapool.com:443GET / HTTP/1.1 4-1762145730/63/4570W 22.510059657200.02.1884.63 109.90.121.217http/1.1www.chonlateeseal.com:443GET //dat.sql HTTP/1.1 5-1762146510/33/4325W 17.350066421250.00.2261.12 146.190.98.165http/1.1www.xn--2566-4do9ab5h1bfcjg7hg1GET /about HTTP/1.1 6-1762-0/0/4163. 0.002061082840.00.0084.49 146.190.98.165http/1.1 7-1762142970/87/3789_ 73.032056162030.00.9255.39 159.89.83.196http/1.1localhost:80GET /debug/default/view?panel=config HTTP/1.0 8-1762146700/20/3844_ 41.901154438140.00.1673.53 159.89.83.196http/1.1localhost:80GET /v2/_catalog HTTP/1.0 9-1762145100/73/3490_ 26.430050383170.00.8250.24 159.89.83.196http/1.1localhost:80GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor 10-1762-0/0/3263. 0.00136046027700.00.0053.32 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 11-1762146840/30/3165_ 15.441107146475860.00.2066.60 146.190.98.165http/1.1www.xn--2566-4do9ab5h1bfcjg7hg1GET / HTTP/1.1 12-1762147030/22/2346W 41.080031291030.00.1446.57 159.89.83.196http/1.1localhost:80GET /server-status HTTP/1.0 13-1762-0/0/2094. 0.00176030340160.00.0032.67 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 14-1762-0/0/1805. 0.00703027437310.00.0034.04 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 15-1762-0/0/1617. 0.00379522431940.00.0030.27 172.68.234.227http/1.1www.thaidocuments.com:80GET /wp-content/uploads/2019/04/service-Home-03.jpg HTTP/1.0 16-1762-0/0/1155. 0.00767015091720.00.0023.13 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 17-1762-0/0/510. 0.0090306540790.00.009.30 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 18-1762-0/0/360. 0.0090106643500.00.0011.55 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 19-1762-0/0/414. 0.0052325817410.00.007.34 66.249.71.67http/1.1www.plastandtrans.com:443GET /wp-content/plugins/so-widgets-bundle/css/slider/slider.css 20-1762-0/0/135. 0.0089901533870.00.006.49 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 21-1762-0/0/108. 0.00246301241820.00.005.15 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 22-1762-0/0/63. 0.00245602534870.00.009.38 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 23-1762-0/0/35. 0.0024690235960.00.001.87 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 24-1762-0/0/118. 0.00201401364080.00.003.02 49.0.249.187http/1.1www.uniqueworkthailand.com:80POST /xmlrpc.php HTTP/1.0 25-1762-0/0/28. 0.0024570173890.00.000.44 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 26-1762-0/0/4. 0.0024530157610.00.000.07 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 27-1762-0/0/3. 0.002461096260.00.000.01 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 28-1762-0/0/4. 0.0024580111560.00.000.01 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 29-1762-0/0/58. 0.0023830579870.00.000.70 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 30-1762-0/0/100. 0.0020137711412600.00.001.40 51.79.24.51http/1.1www.chonlateekeyman.com:443POST //wp-login.php HTTP/1.1 31-1762-0/0/3. 0.0024540124930.00.000.01 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 32-1762-0/0/4. 0.002471079740.00.000.01 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 33-1762-0/0/4. 0.0024460129440.00.000.01 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 34-1762-0/0/4. 0.0024480108370.00.000.01 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 35-1762-0/0/9. 0.0024550178550.00.000.15 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 36-1762-0/0/6. 0.0024390134700.00.000.03 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 37-1762-0/0/2. 0.002477570.00.000.00 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 38-1762-0/0/3. 0.002459086730.00.000.01 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 39-1762-0/0/1. 0.002476000.00.000.00 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 40-1762-0/0/84. 0.00204602081880.00.001.29 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 41-1762-0/0/1. 0.002475000.00.000.00 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 42-1762-0/0/8. 0.0024240123820.00.000.04 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 SrvChild Server number - generation PIDOS process ID AccNumber of accesses this connection / this child / this slot MMode of operation CPUCPU usage, number of seconds SSSeconds since beginning of most recent request ReqMilliseconds required to process most recent request DurSum of milliseconds required to process all requests ConnKilobytes transferred this connection ChildMegabytes transferred this child SlotTotal megabytes transferred this slot SSL/TLS Session Cache Status: cache type: SHMCB, shared memory: 512000 bytes, current entries: 132subcaches: 32, indexes per subcache: 88time left on oldest entries' objects: avg: 84 seconds, (range: 5...223)index usage: 4%, cache usage: 6%total entries stored since starting: 9499total entries replaced since starting: 0total entries expired since starting: 9367total (pre-expiry) entries scrolled out of the cache: 0total retrieves since starting: 366 hit, 19052 misstotal removes since starting: 0 hit, 0 miss
Found on 2023-09-23 06:23 -
Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb3136c1425636c1425695839b94Apache Status Apache Server Status for ftp.xn--2566-4do9ab5h1bfcjg7hg1txa5ahw0u.com (via 27.254.96.168) Server Version: Apache/2.4.46 (Unix) OpenSSL/1.0.2u PHP/7.2.33 Server MPM: prefork Server Built: May 6 2022 15:05:21 Current Time: Wednesday, 20-Sep-2023 13:39:15 +07 Restart Time: Wednesday, 20-Sep-2023 13:38:45 +07 Parent Server Config. Generation: 1749 Parent Server MPM Generation: 1748 Server uptime: 29 seconds Server load: 1.37 1.59 1.37 Total accesses: 111 - Total Traffic: 845 kB - Total Duration: 58489 CPU Usage: u2661.45 s5135.87 cu50937800 cs12467100 - 2.19e+8% CPU load 3.83 requests/sec - 29.1 kB/second - 7.6 kB/request - 526.928 ms/request 7 requests currently being processed, 4 idle workers _R_W_W_RWWR....................................... Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqDurConnChildSlotClientProtocolVHostRequest 0-1748323550/17/17_ 2.920180690.00.200.20 144.126.202.105http/1.1localhost:80GET /server-status HTTP/1.0 1-1748323560/9/9R 6.3202219137490.00.200.20 138.197.88.136http/1.1www.xn--2566-4do9ab5h1bfcjg7hg1GET / HTTP/1.1 2-1748323570/19/19_ 4.8901101960.00.130.13 162.243.161.105http/1.1localhost:80GET /v2/_catalog HTTP/1.0 3-1748323580/17/17W 1.980037670.00.130.13 134.122.89.242http/1.1localhost:80GET /server-status HTTP/1.0 4-1748323590/16/16_ 2.390180580.00.090.09 143.42.118.5http/1.1 5-1748324030/9/9W 2.580049550.00.020.02 124.120.35.241http/1.1www.chonlateefbc.com:80POST /wp-admin/admin-ajax.php HTTP/1.0 6-1748324100/7/7_ 2.460148020.00.020.02 165.232.76.155http/1.1localhost:80GET /server-status HTTP/1.0 7-1748324170/6/6R 1.300126425380.00.010.01 207.154.240.169http/1.1www.xn--2566-4do9ab5h1bfcjg7hg1GET / HTTP/1.0 8-1748324180/9/9W 1.280023470.00.030.03 124.120.35.241http/1.1www.chonlateefbc.com:80POST /wp-admin/admin-ajax.php HTTP/1.0 9-1748324330/2/2W 0.000030.00.000.00 45.61.184.148http/1.1www.seasabithailand.com:443GET /wp-login.php HTTP/1.1 10-1748324390/0/0R 0.000000.00.000.00 SrvChild Server number - generation PIDOS process ID AccNumber of accesses this connection / this child / this slot MMode of operation CPUCPU usage, number of seconds SSSeconds since beginning of most recent request ReqMilliseconds required to process most recent request DurSum of milliseconds required to process all requests ConnKilobytes transferred this connection ChildMegabytes transferred this child SlotTotal megabytes transferred this slot SSL/TLS Session Cache Status: cache type: SHMCB, shared memory: 512000 bytes, current entries: 15subcaches: 32, indexes per subcache: 88time left on oldest entries' objects: avg: 288 seconds, (range: 274...295)index usage: 0%, cache usage: 0%total entries stored since starting: 15total entries replaced since starting: 0total entries expired since starting: 0total (pre-expiry) entries scrolled out of the cache: 0total retrieves since starting: 0 hit, 82 misstotal removes since starting: 0 hit, 0 miss
Found on 2023-09-20 06:37
-
-
Apache server-status page is publicly available
The server-status page (usually
/server-status) allows server administrators to find out how well their server is performing.This is a HTML page that gives the current server statistics such as the server version, up time,cpu, ram, and information about requests made to the server.
This information can be very useful if the application is sent sensitive information as GET requests. If you monitor this page you might be able to find CSRF tokens, API keys, hidden paths, and other sensitive information being sent to the server.
https://medium.com/@ghostlulzhacks/apache-server-status-a70abed83f5a
IP: 203.170.192.183
Domain: mail.xn--2566-4do9ab5h1bfcjg7hg1txa5ahw0u.com
Port: 80
URL: http://mail.xn--2566-4do9ab5h1bfcjg7hg1txa5ahw0u.comFirst seen 2023-09-20 06:37
Last seen 2024-02-02 07:14
Open for 135 days-
Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb31ef8c38d2ef8c38d2d574c8e2Apache Status Apache Server Status for mail.xn--2566-4do9ab5h1bfcjg7hg1txa5ahw0u.com (via 203.170.192.183) Server Version: Apache/2.4.57 (Unix) OpenSSL/1.0.2k-fips Server MPM: event Server Built: Oct 15 2023 18:16:43 Current Time: Friday, 02-Feb-2024 14:14:36 ICT Restart Time: Friday, 05-Jan-2024 10:01:20 ICT Parent Server Config. Generation: 93 Parent Server MPM Generation: 92 Server uptime: 28 days 4 hours 13 minutes 15 seconds Server load: 2.00 2.01 2.00 Total accesses: 1846536 - Total Traffic: 23.8 GB - Total Duration: 2141102326 CPU Usage: u207.62 s114.35 cu32089.3 cs2210.25 - 1.42% CPU load .759 requests/sec - 10.3 kB/second - 13.5 kB/request - 1159.52 ms/request 2 requests currently being processed, 126 idle workers SlotPIDStoppingConnections ThreadsAsync connections totalacceptingbusyidlewritingkeep-aliveclosing 029373no0yes131000 229661no3yes131003 329394no0yes032000 529374no0yes032000 Sum403 2126003 _________________R______________................................ _W______________________________________________________________ ................................________________________________ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqDurConnChildSlotClientProtocolVHostRequest 0-92293730/28/14776_ 11.37220160260910.00.13193.76 162.243.161.105http/1.1localhost:443GET /.DS_Store HTTP/1.1 0-92293730/25/15268_ 11.37220139013290.00.09198.95 143.110.156.182http/1.1localhost:443GET /?rest_route=/wp/v2/users/ HTTP/1.1 0-92293730/27/14840_ 11.1812150309240.00.13192.70 167.99.184.41http/1.1localhost:80GET /server-status HTTP/1.1 0-92293730/24/15017_ 11.38180145874870.00.07185.95 162.243.186.177http/1.1localhost:443GET /config.json HTTP/1.1 0-92293730/23/14921_ 11.29150147711640.00.14185.41 146.190.98.165http/1.1localhost:443GET / HTTP/1.1 0-92293730/23/15150_ 11.39170156649100.00.09188.50 162.243.186.177http/1.1localhost:443GET /telescope/requests HTTP/1.1 0-92293730/23/14823_ 11.35240145588360.00.11200.21 143.42.118.5http/1.1localhost:80GET /config.json HTTP/1.1 0-92293730/19/15126_ 11.29140150181980.00.06187.56 138.197.88.136h2localhost:443[0/0] Software caused connection abort 0-92293730/27/15094_ 11.36160145226800.00.07229.87 138.197.88.136http/1.1localhost:443GET /.vscode/sftp.json HTTP/1.1 0-92293730/29/15223_ 11.37220148853290.00.14194.87 146.190.64.200http/1.1localhost:443GET /_all_dbs HTTP/1.1 0-92293730/30/14790_ 11.35220154393210.00.08200.68 143.42.118.5http/1.1localhost:80GET /telescope/requests HTTP/1.1 0-92293730/25/14798_ 11.21227147156100.00.07195.44 146.190.98.165http/1.1localhost:443GET /server-status HTTP/1.1 0-92293730/32/14663_ 11.35220137182690.00.13185.49 161.35.176.95http/1.1localhost:80GET /config.json HTTP/1.1 0-92293730/28/14819_ 11.3980169086470.00.07186.00 165.232.76.155http/1.1localhost:80GET / HTTP/1.1 0-92293730/22/15768_ 11.35240141614970.00.08187.74 162.243.161.105http/1.1localhost:443GET / HTTP/1.1 0-92293730/28/14820_ 11.36170165341170.00.07182.46 137.184.150.232http/1.1localhost:80GET /?rest_route=/wp/v2/users/ HTTP/1.1 0-92293730/29/14868_ 11.3500143404940.00.09206.34 143.42.118.5http/1.1localhost:80GET /s/338313e2239313e2037313e2330323/_/;/META-INF/maven/com.at 0-92293730/26/14933R 11.37260144939910.00.09189.27 138.197.88.136http/1.1localhost:443GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor 0-92293730/21/14749_ 11.29150160388130.00.03200.51 164.90.205.35http/1.1localhost:80GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor 0-92293730/29/14974_ 11.37190144639320.00.11193.79 138.197.88.136http/1.1localhost:443GET /config.json HTTP/1.1 0-92293730/24/14961_ 11.30260181495750.00.13193.40 167.99.8.63http/1.1localhost:80GET /v2/_catalog HTTP/1.1 0-92293730/25/14990_ 11.23160147053460.00.08204.06 167.99.8.63http/1.1localhost:80\x16\x03\x01\x01\x1c\x01 0-92293730/28/15446_ 11.25170150748520.00.14188.26 162.243.161.105h2localhost:443[0/0] Software caused connection abort 0-92293730/26/14657_ 11.37190138764970.00.13190.18 162.243.186.177http/1.1localhost:443GET /s/338313e2239313e2037313e2330323/_/;/META-INF/maven/com.at 0-92293730/30/14954_ 11.38190162205790.00.08186.86 146.190.64.200http/1.1localhost:443GET /s/338313e2239313e2037313e2330323/_/;/META-INF/maven/com.at 0-92293730/28/14631_ 11.4310135981450.00.12196.97 164.92.192.25http/1.1localhost:443GET / HTTP/1.1 0-92293730/21/15128_ 11.4310144713420.00.04194.48 165.232.76.155http/1.1localhost:80GET /?rest_route=/wp/v2/users/ HTTP/1.1 0-92293730/24/14909_ 11.38170159187380.00.04213.29 162.243.161.105http/1.1localhost:443GET /telescope/requests HTTP/1.1 0-92293730/27/14714_ 11.3530152174320.00.10175.91 139.144.150.45h2localhost:443[0/0] Software caused connection abort 0-92293730/22/15170_ 11.35220135139100.00.08225.12 159.223.102.13http/1.1localhost:80GET /.env HTTP/1.1 0-92293730/29/14648_ 11.28160155571710.00.04199.12 146.190.64.200h2localhost:443[0/0] Software caused connection abort 0-92293730/22/14912_ 11.2980145814950.00.12185.11 146.190.64.200h2localhost:443[0/0] Software caused connection abort 1-92-0/0/15731. 0.00360610138364770.00.00219.29 137.184.162.65http/1.1localhost:80GET /.git/config HTTP/1.1 1-92-0/0/15813. 0.00360610136849580.00.00198.68 139.144.150.23http/1.1localhost:443GET /login.action HTTP/1.1 1-92-0/0/15602. 0.00360610174090190.00.00199.96 159.203.44.43h2localhost:443[0/0] Software caused connection abort 1-92-0/0/15318. 0.00360610150896030.00.00189.46 164.92.84.255http/1.1localhost:443GET /.vscode/sftp.json HTTP/1.1 1-92-0/0/15276. 0.00360610146566320.00.00197.93 159.203.44.43http/1.1localhost:443GET /.git/config HTTP/1.1 1-92-0/0/15655. 0.00360610134151790.00.00198.79 139.144.150.23http/1.1localhost:443GET /.DS_Store HTTP/1.1 1-92-0/0/15351. 0.00360610172789920.00.00188.15 159.223.102.13http/1.1localhost:80GET /_all_dbs HTTP/1.1 1-92-0/0/15185. 0.00360610165483380.00.00189.07 64.227.126.135h2localhost:443[0/0] Software caused connection abort 1-92-0/0/15335. 0.00360610127395500.00.00211.76 134.122.34.144http/1.1localhost:443GET /telescope/requests HTTP/1.1 1-92-0/0/14956. 0.00360610152319130.00.00188.74 159.203.44.43http/1.1localhost:443GET / HTTP/1.1 1-92-0/0/15041. 0.00360610148013860.00.00204.86 164.92.84.255http/1.1localhost:443GET /login.action HTTP/1.1 1-92-0/0/15506. 0.00360610159268070.00.00208.73 139.144.96.150http/1.1localhost:443GET /config.json HTTP/1.1 1-92-0/0/15329. 0.00360610159504030.00.00200.56 45.55.193.222http/1.1localhost:
Found on 2024-02-02 07:14 -
Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb31ef8c38d2ef8c38d2af746dd7Apache Status Apache Server Status for mail.xn--2566-4do9ab5h1bfcjg7hg1txa5ahw0u.com (via 203.170.192.183) Server Version: Apache/2.4.57 (Unix) OpenSSL/1.0.2k-fips Server MPM: event Server Built: Oct 15 2023 18:16:43 Current Time: Sunday, 07-Jan-2024 10:24:33 ICT Restart Time: Friday, 05-Jan-2024 10:01:20 ICT Parent Server Config. Generation: 8 Parent Server MPM Generation: 7 Server uptime: 2 days 23 minutes 12 seconds Server load: 3.05 2.87 2.74 Total accesses: 814676 - Total Traffic: 11.0 GB - Total Duration: 1006061946 CPU Usage: u188.7 s16.14 cu13881.1 cs728.27 - 8.5% CPU load 4.68 requests/sec - 66.3 kB/second - 14.2 kB/request - 1234.92 ms/request 10 requests currently being processed, 54 idle workers SlotPIDStoppingConnections ThreadsAsync connections totalacceptingbusyidlewritingkeep-aliveclosing 016374no2yes329000 216287no8yes725002 Sum2010 1054002 __________W___RW________________................................ _W__W_WW__________W___________WR................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqDurConnChildSlotClientProtocolVHostRequest 0-7163740/63/6280_ 33.411085365020.00.9792.77 139.59.182.142http/1.1localhost:80GET /about HTTP/1.1 0-7163740/60/6766_ 32.890062367510.00.7689.17 159.223.108.26http/1.1localhost:443GET /v2/_catalog HTTP/1.1 0-7163740/60/6277_ 33.35488374316470.00.6692.73 185.191.171.4http/1.1www.chonlateeadmin.com:443GET /nzcmbwb-27820petidm7 HTTP/1.1 0-7163740/48/6578_ 33.134227571625450.00.6385.39 3.224.220.101http/1.1www.chonlateeadmin.com:443GET /rigxhvp-290titems/etid.html HTTP/1.1 0-7163740/45/6309_ 32.996071472820.00.8381.80 178.62.73.12http/1.1localhost:443GET /.git/config HTTP/1.1 0-7163740/62/6701_ 33.38211980104590.00.7489.02 161.35.176.95http/1.1localhost:80GET / HTTP/1.1 0-7163740/46/6490_ 33.016060620330.00.6099.23 159.223.108.26http/1.1localhost:443GET /_all_dbs HTTP/1.1 0-7163740/51/6555_ 32.84685669652390.00.5785.77 23.22.35.162http/1.1www.chonlateeboi.com:443GET /36835idtuitems/etidm HTTP/1.1 0-7163740/60/6558_ 33.38291764882890.00.76127.68 3.224.220.101http/1.1www.chonlateeboi.com:443GET /35540qbkeitems/etidm8.html HTTP/1.1 0-7163740/55/6479_ 33.354073470530.00.9483.47 47.128.96.166http/1.1www.xn--12cx2bef7bl0boq4ch6gugwGET /tag/%E0%B8%82%E0%B8%B2%E0%B8%A2%E0%B8%9B%E0%B8%A5%E0%B8%B2 0-7163741/61/6224W 32.960078364410.00.7579.36 85.208.96.200http/1.1www.chonlateeadmin.com:443GET /gxvxktd-38681ieti.html HTTP/1.1 0-7163740/51/6179_ 33.29084379761390.00.5780.55 52.70.240.171http/1.1www.chonlateeadmin.com:443GET /iuxxhvp-281keti.html HTTP/1.1 0-7163740/58/6253_ 33.19384055252210.00.7582.78 23.22.35.162http/1.1www.chonlateeadmin.com:443GET /icxxhvp-307kitems/etidm HTTP/1.1 0-7163740/62/6473_ 33.136104183790930.00.7486.96 66.249.73.10http/1.1www.chonlateeadmin.com:443GET /trust.php?ateqgmy-297505retid.htm HTTP/1.1 0-7163740/62/6891R 32.856062331060.00.7188.66 52.70.240.171http/1.1www.chonlateeboi.com:443 0-7163741/62/6233W 33.260086429130.00.7381.27 52.70.240.171http/1.1www.chonlateeadmin.com:443GET /ocdxhvp-287qetidm27bp.html HTTP/1.1 0-7163740/49/6395_ 33.11184366495950.00.6683.16 162.243.184.251h2localhost:443[0/0] Software caused connection abort 0-7163740/54/6533_ 33.382964526650.00.6985.00 139.59.182.142http/1.1localhost:80GET / HTTP/1.1 0-7163740/62/6555_ 33.450104671407020.00.7983.44 23.22.35.162http/1.1www.chonlateeboi.com:443GET /35664qbkeetidm88sqh.htm HTTP/1.1 0-7163740/67/6321_ 33.16488170712040.00.8088.62 3.224.220.101http/1.1www.chonlateeadmin.com:443GET /eutxhvp-277gitems/etidm16 HTTP/1.1 0-7163740/66/6601_ 33.430094670840.00.8291.42 139.59.182.142http/1.1localhost:80GET /v2/_catalog HTTP/1.1 0-7163740/56/6273_ 33.38212988774337400.00.7285.02 94.228.169.107http/1.1www.thesungolden.com:443POST /wp-content/uploads/wpr-addons/forms/061f69806f7d.php HTTP 0-7163740/55/6836_ 33.242778912360.00.5891.01 203.170.192.183http/1.1www.mkandptfoods.com:443POST /wp-cron.php?doing_wp_cron=1704597865.60956001281738281250 0-7163740/62/6372_ 33.36383865232890.00.7691.55 3.224.220.101http/1.1www.chonlateeadmin.com:443GET /rigxhvp-290titems/etid.html HTTP/1.1 0-7163740/54/6278_ 33.38283977137130.00.6478.83 23.22.35.162http/1.1www.chonlateeadmin.com:443GET /xkmxhvp-296zitems/etidm37kxz.html HTTP/1.1 0-7163740/67/6395_ 33.34463259487070.00.8082.74 3.224.220.101http/1.1www.chonlateeadmin.com:443GET /ectxhvp-40135gitems/etidm26rp HTTP/1.1 0-7163740/65/6383_ 32.854072904760.00.8492.23 137.184.106.30http/1.1localhost:80GET /config.json HTTP/1.1 0-7163740/50/6376_ 33.02483979661630.00.64112.86 52.70.240.171http/1.1www.chonlateeadmin.com:443GET /fkuxhvp-7064hitems/etidm89sxh.html HTTP/1.1 0-7163740/47/6300_ 33.02178168397500.00.6079.50 162.243.184.251h2localhost:443[0/0] Software caused connection abort 0-7163740/51/6570_ 32.852074441200.00.57118.43 47.128.96.166h2www.xn--12cx2bef7bl0boq4ch6gugw[0/0] init 0-7163740/56/6266_ 33.28084669276560.00.5791.85 74.207.237.46http/1.1 0-7163740/64/6582_ 33.032071835880.00.7484.67 159.223.108.26http/1.1localhost:443GET /s/338313e2239313e2037313e2330323/_/;/META-INF/maven/com.at 1-7-0/0/6466. 0.00166142274721740.00.0084.07 51.15.59.15http/1.1www.happy-carrent.com:443POST /xmlrpc.php HTTP/1.1 1-7-0/0/6249. 0.00166145268360270.00.0079.42 66.249.71.201http/1.1www.twinbuilt.co.th:443GET /?e=5501-seminary-rd-unit-2305s-falls-church-va-22041-5-ii- 1-7-0/0/6212. 0.001661959100680970.00.0080.31 52.70.240.171http/1.1www.chonlateeadmin.com:443GET /pveitgo-24936retidm30cir.htm HTTP/1.1 1-7-0/0/5977. 0.00166184377800350.00.0079.41 52.167.144.137h2www.chonlateenextbiz.com:443[1/1] done: stream 1, GET /8pcpoe/best-cursive-fonts-for-tattoo 1-7-0/0/6152. 0.00166184376922630.00.0092.62 52.70.240.171http/1.1www.chonlateeboi.com:443GET /42454qecvetidm79w HTTP/1.1 1-7-0/0/6223. 0.00166184766598140.00.0081.75 3.224.220.101http/1.1www.chonlateeadmin.com:443GET /ntcitgo-35802petid.htm HTTP/1.1 1-7-0/0/6251. 0.001661219370593040.00.0079.56 52.70.240.171http/1.1www.chonlateeboi.com:443GET /19075oqmiitems/etidm HTTP/1.1 1-7-0/0/6319. 0.00166188579594730.00.0084.70 52.167.144.186h2www.happy-carrent.com:443GET /wp-content/uploads/2018/09/Page-02-1024x410.jpg HTTP/2.0 1-7-0/0/6288. 0.001661114057278660.00.0081.40 52.167.144.186h2www.happy-carrent.com:443[1/1] done: stream 1, GET /wp-content/uploads/2018/09/Page-02-1 1-7-0/0/6224. 0.00166130979955160.00.0086.70 163.172.106.185http/1.1www.tspaccount.net:443POST /wp-login.php HTTP/1.1 1-7-0/0/6028. 0.00166167377872850.00.0086.08 185.191.171.5http/1.1www.chonlateefood.com:443GET /getid/rig11587vvpiitems HTTP/1.1 1-7-0/0/6552. 0.00166197160633540.00.0094.71 52.70.240.171http/1.1www.chonlateeboi.com:443GET /20484tbrmetidm1.htm HTTP/1.1
Found on 2024-01-07 03:24 -
Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb31ef8c38d2ef8c38d254bf7f62Apache Status Apache Server Status for mail.xn--2566-4do9ab5h1bfcjg7hg1txa5ahw0u.com (via 203.170.192.183) Server Version: Apache/2.4.57 (Unix) OpenSSL/1.0.2k-fips Server MPM: event Server Built: Oct 15 2023 18:16:43 Current Time: Saturday, 06-Jan-2024 02:19:51 ICT Restart Time: Friday, 05-Jan-2024 10:01:20 ICT Parent Server Config. Generation: 3 Parent Server MPM Generation: 2 Server uptime: 16 hours 18 minutes 30 seconds Server load: 2.84 2.81 2.76 Total accesses: 293148 - Total Traffic: 4.1 GB - Total Duration: 256319907 CPU Usage: u658.22 s35.72 cu4282.28 cs230.01 - 8.87% CPU load 4.99 requests/sec - 74.1 kB/second - 14.8 kB/request - 874.37 ms/request 13 requests currently being processed, 115 idle workers SlotPIDStoppingConnections ThreadsAsync connections totalacceptingbusyidlewritingkeep-aliveclosing 019907no1yes131001 419908no7yes527005 719927no3yes428001 919931no9yes329015 Sum4020 131150112 ______________________________R_................................ ................................................................ ________W__R___RR_________R_____................................ ................................RW__________W______W____________ ................................____W_________W___________W_____ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqDurConnChildSlotClientProtocolVHostRequest 0-2199070/232/3075_ 139.17586125456600.02.6445.67 66.249.71.170http/1.1www.chonlateeadmin.com:443GET /trust.php?ubxaonh-227169kitems/eti HTTP/1.1 0-2199070/225/3320_ 137.89084524069460.02.8943.84 3.224.220.101http/1.1www.chonlateeboi.com:443GET /4582biwxetidm51g HTTP/1.1 0-2199070/218/3011_ 139.193036744310.02.7152.35 147.182.168.210http/1.1localhost:443GET /debug/default/view?panel=config HTTP/1.1 0-2199070/223/3253_ 138.783114326655770.02.8941.36 66.249.72.66http/1.1www.chonlateeadmin.com:443GET /trust.php?lanaonh-355834aitems/eti HTTP/1.1 0-2199070/208/3132_ 139.165024584760.02.3539.17 147.182.168.210http/1.1localhost:443GET / HTTP/1.1 0-2199070/222/3375_ 139.136104527225250.03.0042.69 3.224.220.101http/1.1www.chonlateeadmin.com:443GET /trust.php?ltaggdh-186964netidm8 HTTP/1.1 0-2199070/227/3149_ 138.86192524651200.02.7954.36 178.128.151.41h2localhost:443[0/0] Software caused connection abort 0-2199070/242/3162_ 139.241025500990.02.5740.97 192.53.126.23http/1.1localhost:443GET /.DS_Store HTTP/1.1 0-2199070/234/3209_ 138.12484125403770.02.5183.30 23.22.35.162http/1.1www.chonlateeboi.com:443GET /22341yktqitems/etidm78.htm HTTP/1.1 0-2199070/220/3141_ 139.174024553870.02.8440.66 192.53.126.23http/1.1localhost:443GET /debug/default/view?panel=config HTTP/1.1 0-2199070/226/3073_ 138.675117228093640.02.7637.76 203.170.192.183http/1.1www.12gobiz.com:443GET /%E0%B8%97%E0%B8%B5%E0%B9%88%E0%B8%9B%E0%B8%A3%E0%B8%B6%E0% 0-2199070/242/3019_ 137.76587024710920.02.8238.88 66.249.71.169http/1.1www.chonlateeadmin.com:443GET /trust.php?xnwaonh-223168jetidm1 HTTP/1.1 0-2199070/210/2977_ 138.57086524644010.02.4940.71 3.224.220.101http/1.1www.chonlateeadmin.com:443GET /trust.php?yunggdh-230839aitems/etidm61lh HTTP/1.1 0-2199070/209/3261_ 138.99383935957320.02.5644.22 66.249.71.169http/1.1www.chonlateeadmin.com:443GET /trust.php?izkvrsm-193019xitems/etid.html HTTP/1.1 0-2199070/224/3319_ 139.212028063520.02.4744.46 178.62.73.12http/1.1localhost:80GET /.vscode/sftp.json HTTP/1.1 0-2199070/196/3045_ 136.595406025565610.02.2539.42 161.35.27.144h2localhost:443[0/0] Software caused connection abort 0-2199070/211/2998_ 139.211028627350.02.6238.92 147.182.168.210http/1.1localhost:443GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor 0-2199070/216/3295_ 139.240024190570.02.4443.61 139.144.150.8http/1.1localhost:80GET /v2/_catalog HTTP/1.1 0-2199070/216/3190_ 138.965024001030.02.5641.57 91.92.252.141http/1.1www.chonlateevip.com:80GET /wp-includes/images/include.php HTTP/1.1 0-2199070/215/3036_ 139.270112728560310.02.4844.81 66.249.71.168http/1.1www.chonlateeadmin.com:443GET /trust.php?vmyhlzs-314114letid.htm HTTP/1.1 0-2199070/221/3086_ 139.240104924066720.02.8343.86 147.182.168.210http/1.1localhost:443GET /server-status HTTP/1.1 0-2199070/208/3134_ 139.166026436990.02.5944.77 192.53.126.23http/1.1localhost:443GET /.vscode/sftp.json HTTP/1.1 0-2199070/235/3480_ 138.62688324394330.02.7544.23 66.249.72.65http/1.1www.chonlateeadmin.com:443GET /trust.php?ejaecaw-329203netidm1 HTTP/1.1 0-2199070/195/2968_ 139.013524183700.02.2439.04 139.59.182.142http/1.1localhost:80GET /server-status HTTP/1.1 0-2199070/229/3038_ 138.56083824439590.02.7938.79 66.249.71.168http/1.1www.chonlateeadmin.com:443GET /trust.php?jufhsbr-12424sitems/eti HTTP/1.1 0-2199070/218/3018_ 139.20284824256070.02.7639.20 3.224.220.101http/1.1www.chonlateeboi.com:443GET /44139ztiaitems/etidm.htm HTTP/1.1 0-2199070/205/3097_ 138.91086127388060.02.7749.86 85.208.96.201http/1.1www.chonlateeadmin.com:443GET /fruemnz-5244hetidm8.htm HTTP/1.1 0-2199070/203/3079_ 138.50184628489640.02.7569.97 159.89.83.196h2localhost:443[0/0] Software caused connection abort 0-2199070/219/2984_ 139.042024507160.02.5637.53 139.59.182.142http/1.1localhost:80GET /.DS_Store HTTP/1.1 0-2199070/226/3335_ 139.165023174080.02.6578.21 159.203.63.67http/1.1localhost:443GET / HTTP/1.1 0-2199070/225/3034R 139.10884224384360.02.8346.93 3.224.220.101http/1.1 0-2199070/228/3391_ 139.091327203250.02.8141.44 147.182.168.210http/1.1localhost:443GET /server-status HTTP/1.1 1-1-0/0/2323. 0.00688186617630010.00.0030.27 207.46.13.154http/1.1www.thaidaoherb.com:443GET /9i7h/dyv42461ryyhc053875235.html HTTP/2.0 1-1-0/0/2100. 0.006881173417390000.00.0027.02 66.249.71.7http/1.1www.chonlateenextbiz.com:443GET /db.php?g3192039.shtml HTTP/1.1 1-1-0/0/2227. 0.006881107117630050.00.0030.69 23.22.35.162http/1.1www.chonlateeadmin.com:443GET /trust.php?rngadej-26472tetidm80eat.htm HTTP/1.1 1-1-0/0/2089. 0.006881211517285130.00.0027.89 66.249.69.229http/1.1www.chonlateenextbiz.com:443GET /db.php?g335424.shtml HTTP/1.1 1-1-0/0/2129. 0.00688185117106500.00.0032.51 52.70.240.171http/1.1www.chonlateeboi.com:443GET /48835biwxitems/etidm HTTP/1.1 1-1-0/0/2185. 0.00688185816794840.00.0028.38 3.224.220.101http/1.1www.chonlateeadmin.com:443GET /trust.php?jryadej-23266letid HTTP/1.1 1-1-0/0/2135. 0.00688197217421340.00.0026.37 23.22.35.162http/1.1www.chonlateeboi.com:443GET /22684biwxetidm7 HTTP/1.1 1-1-0/0/2185. 0.0068811717237790.00.0029.46 66.249.71.3http/1.1www.xn--12cn0bmbkgc3ent5c1ewa4bGET /mds.php?papaw99.xml HTTP/1.1 1-1-0/0/2163. 0.00688184617365570.00.0029.98 23.22.35.162http/1.1www.chonlateeboi.com:443GET /42349biwxitems/etidm52 HTTP/1.1 1-1-0/0/2112. 0.00688189516912400.00.0027.55 185.191.171.3http/1.1www.chonlateefood.com:443GET /geti/cer43578htewitems.htm HTTP/1.1 1-1-0/0/2118. 0.006881102016733450.00.0031.98 157.55.39.202h2www.chonlateeadmin.com:443[1/1] done: stream 1, GET /tviipbe-49432vetidm29giv 1-
Found on 2024-01-05 19:19 -
Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb31ef8c38d2ef8c38d279e4c4aaApache Status Apache Server Status for mail.xn--2566-4do9ab5h1bfcjg7hg1txa5ahw0u.com (via 203.170.192.183) Server Version: Apache/2.4.57 (Unix) OpenSSL/1.0.2k-fips Server MPM: event Server Built: Oct 15 2023 18:16:43 Current Time: Monday, 11-Dec-2023 19:18:32 ICT Restart Time: Friday, 01-Dec-2023 00:22:58 ICT Parent Server Config. Generation: 41 Parent Server MPM Generation: 40 Server uptime: 10 days 18 hours 55 minutes 34 seconds Server load: 1.05 0.87 0.90 Total accesses: 4251754 - Total Traffic: 54.6 GB - Total Duration: 4033751460 CPU Usage: u262.24 s48.34 cu76365.7 cs4002.43 - 8.66% CPU load 4.56 requests/sec - 61.4 kB/second - 13.5 kB/request - 948.726 ms/request 12 requests currently being processed, 52 idle workers SlotPIDStoppingConnections ThreadsAsync connections totalacceptingbusyidlewritingkeep-aliveclosing 010297no0yes329000 22452no5yes923001 Sum205 1252001 ___W_________________________WW_................................ __WW___R_W___W___R_______R__WW__................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqDurConnChildSlotClientProtocolVHostRequest 0-40102970/99/38326_ 59.263888349638290.01.32485.73 3.224.220.101http/1.1www.chonlateeadmin.com:443GET /trust.php?lnaadej-140528nitems/etidm58yan.html HTTP/1.1 0-40102970/94/37655_ 59.273873356595330.01.11476.21 66.249.64.226http/1.1www.xn--12cn0bmbkgc3ent5c1ewa4bGET /mds.php?tbmooqo-2736zetidm58g HTTP/1.1 0-40102970/109/38040_ 58.960691391431180.01.27488.23 51.222.253.10http/1.1www.thai-pack.com:443GET /robots.txt HTTP/2.0 0-40102971/107/38114W 59.0800378858670.01.21498.66 3.224.220.101http/1.1www.chonlateeboi.com:443GET /trust.php?232113evvmitems/eti.htm HTTP/1.1 0-40102970/93/38606_ 59.072879360430650.01.15552.37 52.70.240.171http/1.1www.chonlateeboi.com:443GET /trust.php?295797evvmitems/etidm92.htm HTTP/1.1 0-40102970/98/37673_ 58.243631389570520.01.33477.15 79.137.206.177http/1.1www.mkandptfoods.com:443POST /bdb1c307e65f.php HTTP/1.1 0-40102970/93/38022_ 58.964663390392880.01.16479.85 178.128.151.41h2localhost:443[0/0] Software caused connection abort 0-40102970/96/38763_ 59.1200358722510.01.21486.81 178.128.151.41h2localhost:443[0/0] Software caused connection abort 0-40102970/83/37741_ 59.3020370713710.00.98494.99 139.59.65.144http/1.1localhost:443GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor 0-40102970/88/38174_ 58.783646358675970.01.04488.71 54.36.149.106h2www.thai-pack.com:443[1/1] done: stream 1, GET /wp-content/uploads/2020/04/11-paper- 0-40102970/96/37677_ 59.2730374486490.01.14459.01 162.243.184.251http/1.1localhost:80GET /about HTTP/1.1 0-40102970/104/37782_ 59.072869358350640.01.21508.84 66.249.71.2http/1.1www.xn--12cn0bmbkgc3ent5c1ewa4bGET /mds.php?oahynxw-40249uetidm32bn.html HTTP/1.1 0-40102970/90/37599_ 58.161890365712740.01.06458.79 23.22.35.162http/1.1www.chonlateeboi.com:443GET /trust.php?271454evvmitems/etidm96o.html HTTP/1.1 0-40102970/89/37817_ 59.2530394757060.01.09488.13 147.182.130.98http/1.1localhost:80GET /.vscode/sftp.json HTTP/1.1 0-40102970/91/38088_ 59.292908369917770.01.17478.94 192.42.116.174http/1.1www.dinocoffees.com:443POST /xmlrpc.php HTTP/1.1 0-40102970/109/37734_ 59.1600362762480.01.22533.28 147.182.130.98http/1.1localhost:80GET / HTTP/1.1 0-40102970/94/38744_ 59.043846366336580.01.18513.65 54.36.149.106http/1.1www.thai-pack.com:443GET /wp-content/uploads/2020/04/11-paper-bag.jpg?gid=1 HTTP/2.0 0-40102970/89/38186_ 59.3800356889370.01.06471.54 139.59.65.144http/1.1localhost:443GET /.DS_Store HTTP/1.1 0-40102970/94/38205_ 58.922860358462480.020.59494.78 52.70.240.171http/1.1www.chonlateeboi.com:443GET /trust.php?282661evvmitems/etidm85 HTTP/1.1 0-40102970/100/38529_ 58.964646374472020.01.25502.22 139.59.65.144http/1.1 0-40102970/76/37902_ 59.2630352457630.00.85500.55 139.59.65.144http/1.1localhost:443GET / HTTP/1.1 0-40102970/101/38103_ 59.3020376983820.01.15493.05 23.22.35.162http/1.1www.krongthongsecurity.com:443GET /fpmcktp3112zk6p4bpb/0d8efd9cfe.html HTTP/1.1 0-40102970/103/37804_ 59.0130395798310.01.21501.41 178.128.151.41h2localhost:443[0/0] Software caused connection abort 0-40102970/95/37150_ 58.743875351890680.01.13462.68 139.59.65.144h2localhost:443[0/0] Software caused connection abort 0-40102970/97/38168_ 59.3210361785830.01.19508.03 139.59.65.144http/1.1localhost:443GET /login.action HTTP/1.1 0-40102970/92/37458_ 59.2340378914780.01.07458.63 147.182.130.98http/1.1localhost:80GET / HTTP/1.1 0-40102970/99/38193_ 57.654836362590360.01.10571.95 40.77.188.112h2www.summer-techthai.com:443[0/0] init 0-40102970/87/37423_ 57.064686361095580.01.19498.66 40.77.188.112h2www.summer-techthai.com:443[1/1] done: stream 1, GET /wp-content/uploads/2023/07/%E0%B8%94 0-40102970/88/37994_ 59.292869401884750.01.04511.12 23.22.35.162http/1.1www.chonlateeboi.com:443GET /trust.php?282674evvmitems/etid.html HTTP/1.1 0-40102971/83/37886W 58.4600365251700.00.99491.41 192.42.116.174http/1.1www.dinocoffees.com:443POST /xmlrpc.php HTTP/1.1 0-40102971/93/38005W 58.2000357890470.01.07482.12 66.249.64.227http/1.1www.xn--12cn0bmbkgc3ent5c1ewa4bGET /mds.php?grhlbze-29919uetidm50te.html HTTP/1.1 0-40102970/96/37727_ 58.3031784366008410.01.57525.76 139.59.65.144h2localhost:443[0/0] Software caused connection abort 1-40-0/0/38863. 0.001163863364752980.00.00492.68 23.22.35.162http/1.1www.chonlateeboi.com:443GET /trust.php?291574evvmetidm20k HTTP/1.1 1-40-0/0/38802. 0.001163917373119540.00.00535.20 3.224.220.101http/1.1www.chonlateeadmin.com:443GET /trust.php?qwfadej-222771sitems/etidm.htm HTTP/1.1 1-40-0/0/38626. 0.001163603374504180.00.00537.29 66.249.64.102http/1.1www.chonlateefbc.com:443GET /?m=macbook-air-mac-book-pro-imac-mac-mini-macbook-mm-OPeRV 1-40-0/0/38884. 0.001163635382396960.00.00547.99 66.249.64.102http/1.1www.chonlateefbc.com:443GET /?m=genuine-msi-crosshair-15-r6e-b12ugz-414tr-battery-90wh- 1-40-0/0/39629. 0.001163623354047560.00.00604.02 66.249.71.165http/1.1www.chonlateefbc.com:443GET /?m=air-filter-472306-for-komatsu-engine-4d94-4d95s-p40-mm- 1-40-0/0/38433. 0.001163891350986300.00.00551.36 52.70.240.171http/1.1www.chonlateeadmin.com:443GET /trust.php?nncadej-289744petidm66aap HTTP/1.1 1-40-0/0/38562. 0.001163843351221390.00.00517.38 121.4.151.114http/1.1 1-40-0/0/38902. 0.001163868378421350.00.00496.70 65.109.127.29http/1.1www.thesungolden.com:443GET /tzeu2e/best-cheap-wonderkid-fm-2023.html HTTP/1.1 1-40-0/0/38702. 0.0011631051367400040.00.00487.21 52.70.240.171http/1.1www.chonlateeboi.com:443GET /trust.php?214574evvmitems/etidm53w.html HTTP/1.1 1-40-0/0/38838. 0.0011630359455680.00.00497.82 3.233.221.90http/1.1www.12gobiz.com:443GET /tag/%E0%B8%97%E0%B8%B3%E0%B8%9A%E0%B8%B1%E0%B8%8D%E0%B8%8A 1-40-0/0/39346. 0.0011630355193580.00.00521.44 23.22.35.162http/1.1www.krongthongsecurity.com:443GET /xebcatalogpcov/9112 HTTP/1.1 1-40-
Found on 2023-12-11 12:18 -
Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb31ef8c38d2ef8c38d234ced4afApache Status Apache Server Status for mail.xn--2566-4do9ab5h1bfcjg7hg1txa5ahw0u.com (via 203.170.192.183) Server Version: Apache/2.4.57 (Unix) OpenSSL/1.0.2k-fips Server MPM: event Server Built: Oct 15 2023 18:16:43 Current Time: Thursday, 23-Nov-2023 00:23:57 ICT Restart Time: Monday, 20-Nov-2023 10:17:03 ICT Parent Server Config. Generation: 9 Parent Server MPM Generation: 8 Server uptime: 2 days 14 hours 6 minutes 54 seconds Server load: 1.35 1.87 1.62 Total accesses: 648047 - Total Traffic: 8.2 GB - Total Duration: 719137613 CPU Usage: u59.11 s12.72 cu9707.16 cs570.87 - 4.63% CPU load 2.9 requests/sec - 38.6 kB/second - 13.3 kB/request - 1109.7 ms/request 25 requests currently being processed, 103 idle workers SlotPIDStoppingConnections ThreadsAsync connections totalacceptingbusyidlewritingkeep-aliveclosing 06877no1yes131100 16697no2yes626001 36879no19yes725001 46881no2yes1121001 Sum4024 25103103 _W______________________________________W_R___W_W_________R___W_ ................................____R__W__R____WWR_____________W W__WW____W__W_W_____R_WW_____WW_................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqDurConnChildSlotClientProtocolVHostRequest 0-868770/28/5238_ 11.7612147419540.00.3672.54 104.164.173.38http/1.1www.xn--2566-4do9ab5h1bfcjg7hg1GET /wp-content/plugins/jeg-elementor-kit/assets/js/elements/st 0-868771/24/4983W 11.101050374610.00.2661.56 104.164.173.38http/1.1www.xn--2566-4do9ab5h1bfcjg7hg1GET /wp-json/ HTTP/1.1 0-868770/26/4909_ 11.720068876520.00.4060.32 139.59.182.142http/1.1localhost:80GET /.vscode/sftp.json HTTP/1.1 0-868770/20/5096_ 11.84065348793540.00.2862.97 66.249.79.68http/1.1www.xn--12cn0bmbkgc3ent5c1ewa4bGET /mds.php?dmezkxl-2720retidm50qzr HTTP/1.1 0-868770/24/5147_ 11.7411251687560.00.2879.22 104.164.173.38http/1.1www.xn--2566-4do9ab5h1bfcjg7hg1GET /wp-content/plugins/royal-elementor-addons/assets/js/lib/in 0-868770/24/5223_ 10.65092150709910.00.4062.71 161.35.176.95h2localhost:443[0/0] Software caused connection abort 0-868770/26/5076_ 11.791109751557000.00.3365.50 23.22.35.162http/1.1www.chonlateeadmin.com:443GET /trust.php?dnsecaw-246678fetidm53q.htm HTTP/1.1 0-868770/29/4975_ 11.541048178580.00.3561.72 128.199.61.251http/1.1localhost:80GET / HTTP/1.1 0-868770/17/5222_ 11.46150250388740.00.1660.80 85.208.96.204http/1.1www.mkandptfoods.com:443GET /wzy.php?m51926256234.html HTTP/1.1 0-868770/23/5316_ 11.73267148072370.00.2981.42 66.249.79.66http/1.1www.xn--12cn0bmbkgc3ent5c1ewa4bGET /mds.php?kklwxmt-38373yetidm69.html HTTP/1.1 0-868770/22/5256_ 11.7512349364210.00.3963.06 104.164.173.38http/1.1www.xn--2566-4do9ab5h1bfcjg7hg1GET /wp-content/plugins/elementor/assets/lib/font-awesome/js/v4 0-868770/21/5363_ 11.722049590390.00.2476.17 128.199.61.251http/1.1localhost:80GET /.vscode/sftp.json HTTP/1.1 0-868770/20/5306_ 11.23194452171030.00.3269.09 23.22.35.162http/1.1www.chonlateeboi.com:443GET /36021tbrmitems/etidm99.htm HTTP/1.1 0-868770/24/5290_ 11.7511549122730.00.2562.19 104.164.173.38http/1.1www.xn--2566-4do9ab5h1bfcjg7hg1GET /wp-content/plugins/qi-addons-for-elementor/inc/plugins/ele 0-868770/21/4997_ 11.46164149334990.00.2556.97 66.249.71.4http/1.1www.xn--12cn0bmbkgc3ent5c1ewa4bGET /mds.php?pnqasnc-15212detidm9 HTTP/1.1 0-868770/26/4955_ 11.7613750751060.00.2359.21 104.164.173.38http/1.1www.xn--2566-4do9ab5h1bfcjg7hg1GET /wp-content/plugins/royal-elementor-addons/assets/js/lib/ao 0-868770/26/4946_ 11.701047839840.00.3459.38 161.35.155.246http/1.1www.xn--2566-4do9ab5h1bfcjg7hg1GET / HTTP/1.1 0-868770/21/5280_ 11.701048733620.00.2358.35 207.154.240.169http/1.1localhost:80GET / HTTP/1.1 0-868770/23/5034_ 11.701050217500.00.2771.03 178.62.73.12http/1.1localhost:80GET / HTTP/1.1 0-868770/23/5097_ 11.781050206330.00.3373.64 104.164.173.38http/1.1www.xn--2566-4do9ab5h1bfcjg7hg1GET /wp-content/plugins/royal-elementor-addons/assets/js/fronte 0-868770/20/4985_ 10.921049737540.00.2968.12 5.101.157.148http/1.1www.dinocoffees.com:443POST /wp-login.php HTTP/2.0 0-868770/19/5231_ 10.841044691110.00.2367.68 23.22.35.162http/1.1www.krongthongsecurity.com:443GET /bqirtdd190230vf037b7e3 HTTP/1.1 0-868770/17/4975_ 11.101051856100.00.1463.12 161.35.176.95h2localhost:443[0/0] Software caused connection abort 0-868770/25/4984_ 11.771050753540.00.3173.04 128.199.61.251http/1.1localhost:80GET /about HTTP/1.1 0-868770/18/5064_ 11.42189349737180.00.2562.67 185.191.171.16http/1.1www.chonlateeboi.com:443GET /33364tzwaetidm9 HTTP/1.1 0-868770/19/5165_ 11.7612347535140.00.2667.24 104.164.173.38http/1.1www.xn--2566-4do9ab5h1bfcjg7hg1GET /wp-content/themes/sydney/js/so-legacy.js?ver=6.3.2 HTTP/1. 0-868770/24/5260_ 11.701049453910.00.2285.08 139.59.182.142http/1.1localhost:80GET / HTTP/1.1 0-868770/17/5356_ 10.95180750357090.00.2085.39 223.24.157.217h2www.xn--12cx2bef7bl0boq4ch6gugw[0/0] init 0-868770/21/4933_ 11.3313749140460.00.2567.95 104.164.173.38http/1.1www.xn--2566-4do9ab5h1bfcjg7hg1GET /wp-content/plugins/royal-elementor-addons/assets/js/fronte 0-868770/14/5222_ 11.7511152407730.00.1859.91 104.164.173.38http/1.1www.xn--2566-4do9ab5h1bfcjg7hg1GET /wp-content/plugins/royal-elementor-addons/assets/js/lib/pa 0-868770/16/5044_ 11.7512647464910.00.2564.72 104.164.173.38http/1.1www.xn--2566-4do9ab5h1bfcjg7hg1GET /wp-content/themes/sydney/js/so-legacy-main.min.js?ver=6.3. 0-868770/25/5244_ 11.741346041050.00.3363.60 104.164.173.38http/1.1www.xn--2566-4do9ab5h1bfcjg7hg1GET /wp-content/plugins/royal-elementor-addons/assets/js/modal- 1-866970/21/5363_ 8.451054667380.00.2257.61 178.62.73.12http/1.1localhost:80GET /about HTTP/1.1 1-866970/17/4984_ 7.9716051429070.00.1959.48 104.164.173.38http/1.1www.xn--2566-4do9ab5h1bfcjg7hg1GET /wp-content/plugins/qi-addons-for-elementor/assets/plugins/ 1-866970/21/5183_ 8.4915255143570.00.2759.77 104.164.173.38http/1.1www.xn--2566-4do9ab5h1bfcjg7hg1GET /wp-content/plugins/elementor/assets/js/webpack.runtime.min 1-866970/13/5136_ 7.87084748848650.00.1668.55 139.59.182.142http/1.1 1-866970/12/5107_ 8.4913749951420.00.1758.07 104.164.173.38http/1.1www.xn--2566-4do9ab5h1bfcjg7hg1GET /wp-content/themes/sydney/js/functions.min.js?ver=20230315 1-866970/12/5042_ 7.47189352521240.00.1361.33 161.35.27.144h2localhost:443[0/0] Software caused connection abort 1-866970/16/5474_ 8.521053860880.00.2663.46 139.59.182.142http/1.1localhost:80GET /debug/default/view?panel=config HTTP/1.1 1-866970/16/5294_ 7.920050744480.00.1768.77 161.35.27.144http/1.1 1-866971/18/5195W 7.691051338550.00.2070.38 104.164.173.38http/1.1www.xn--2566-4do9ab5h1bfcjg7hg1GET /comments/feed/ HTTP/1.1 1-866970/15/5461_ 7.2013153738510.00.1865.73 104.164.173.38http/1.1www.xn--2566-4do9ab5h1bfcjg7hg1GET /wp-content/themes/sydney/js/scripts.js?ver=6.3.2 HTTP/1.1 1-866970/15/5456R 8.081272653685270.00.1672.12
Found on 2023-11-22 17:23 -
Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb315db5272d5db5272d31a006b7Apache Status Apache Server Status for mail.xn--2566-4do9ab5h1bfcjg7hg1txa5ahw0u.com (via 27.254.96.168) Server Version: Apache/2.4.46 (Unix) OpenSSL/1.0.2u PHP/7.2.33 Server MPM: prefork Server Built: May 6 2022 15:05:21 Current Time: Saturday, 23-Sep-2023 14:03:10 +07 Restart Time: Saturday, 23-Sep-2023 04:02:11 +07 Parent Server Config. Generation: 1763 Parent Server MPM Generation: 1762 Server uptime: 10 hours 59 seconds Server load: 2.60 2.56 2.24 Total accesses: 67008 - Total Traffic: 1.1 GB - Total Duration: 96122013 CPU Usage: u2991.07 s5226.35 cu51116000 cs12505100 - 176000% CPU load 1.86 requests/sec - 33.1 kB/second - 17.8 kB/request - 1434.49 ms/request 7 requests currently being processed, 6 idle workers _WW_WWW_....W..R_.._.._........................... Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqDurConnChildSlotClientProtocolVHostRequest 0-1762180790/26/5234_ 19.670170927890.00.4194.16 139.144.150.45http/1.1localhost:80GET /.DS_Store HTTP/1.0 1-1762180920/21/5140W 12.012073758410.00.2295.43 27.254.96.168http/1.1www.chonlateefbc.com:443GET / HTTP/1.1 2-1762181070/19/5256W 13.570073915970.00.2076.74 45.55.193.222http/1.1localhost:80GET /server-status HTTP/1.0 3-1762181280/14/4858_ 12.870065751290.00.1974.23 159.223.108.26http/1.1 4-1762181390/13/5022W 7.980068019270.00.1490.74 51.79.24.51http/1.1www.xn--12cn0bmbkgc3ent5c1ewa4bPOST //wp-login.php HTTP/1.1 5-1762177840/62/4763W 72.390072755100.00.6966.21 51.79.24.51http/1.1www.chonlateemeet.com:443POST //wp-login.php HTTP/1.1 6-1762177430/78/4548W 50.304067233590.00.8189.42 64.227.126.135http/1.1www.xn--2566-4do9ab5h1bfcjg7hg1GET / HTTP/1.1 7-1762181980/4/4268_ 0.890062970750.00.0163.18 45.55.193.222http/1.1localhost:80GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor 8-1762-0/0/4221. 0.00169061332790.00.0080.42 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 9-1762-0/0/3845. 0.009353356072820.00.0055.42 94.232.42.51http/1.1www.ltclevelup.com:443GET /mysql/adminer.php HTTP/1.1 10-1762-0/0/3575. 0.0061051932140.00.0058.84 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 11-1762-0/0/3590. 0.00149051970010.00.0073.16 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 12-1762177940/44/2717W 35.6115037145940.00.6952.17 27.254.96.168http/1.1www.chonlateefbc.com:443POST /wp-cron.php?doing_wp_cron=1695452574.81639099121093750000 13-1762-0/0/2342. 0.00154033821870.00.0036.14 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 14-1762-0/0/2027. 0.0049031276320.00.0036.69 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 15-1762178080/64/1735R 70.571126520030.00.8931.68 51.79.24.51http/1.1www.chonlateefood.com:443 16-1762178140/80/1354_ 45.580017433550.00.7625.14 139.144.150.45http/1.1localhost:80GET /_all_dbs HTTP/1.0 17-1762-0/0/617. 0.0011007920810.00.0011.82 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 18-1762-0/0/556. 0.0015209782000.00.0013.92 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 19-1762179870/33/500_ 25.14011947284990.00.418.17 159.223.108.26http/1.1 20-1762-0/0/141. 0.0016001586030.00.006.52 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 21-1762-0/0/115. 0.0015301321300.00.005.22 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 22-1762179960/42/105_ 33.03012043306970.00.509.88 51.79.24.51http/1.1www.chonlateefood.com:443POST //wp-login.php HTTP/1.1 23-1762-0/0/35. 0.0047780235960.00.001.87 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 24-1762-0/0/118. 0.00432201364080.00.003.02 49.0.249.187http/1.1www.uniqueworkthailand.com:80POST /xmlrpc.php HTTP/1.0 25-1762-0/0/28. 0.0047660173890.00.000.44 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 26-1762-0/0/4. 0.0047620157610.00.000.07 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 27-1762-0/0/3. 0.004770096260.00.000.01 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 28-1762-0/0/4. 0.0047670111560.00.000.01 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 29-1762-0/0/58. 0.0046920579870.00.000.70 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 30-1762-0/0/100. 0.0043217711412600.00.001.40 51.79.24.51http/1.1www.chonlateekeyman.com:443POST //wp-login.php HTTP/1.1 31-1762-0/0/3. 0.0047630124930.00.000.01 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 32-1762-0/0/4. 0.004780079740.00.000.01 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 33-1762-0/0/4. 0.0047550129440.00.000.01 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 34-1762-0/0/4. 0.0047570108370.00.000.01 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 35-1762-0/0/9. 0.0047640178550.00.000.15 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 36-1762-0/0/6. 0.0047480134700.00.000.03 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 37-1762-0/0/2. 0.004786570.00.000.00 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 38-1762-0/0/3. 0.004768086730.00.000.01 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 39-1762-0/0/1. 0.004785000.00.000.00 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 40-1762-0/0/84. 0.00435402081880.00.001.29 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 41-1762-0/0/1. 0.004784000.00.000.00 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 42-1762-0/0/8. 0.0047330123820.00.000.04 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 SrvChild Server number - generation PIDOS process ID AccNumber of accesses this connection / this child / this slot MMode of operation CPUCPU usage, number of seconds SSSeconds since beginning of most recent request ReqMilliseconds required to process most recent request DurSum of milliseconds required to process all requests ConnKilobytes transferred this connection ChildMegabytes transferred this child SlotTotal megabytes transferred this slot SSL/TLS Session Cache Status: cache type: SHMCB, shared memory: 512000 bytes, current entries: 282subcaches: 32, indexes per subcache: 88time left on oldest entries' objects: avg: 21 seconds, (range: 0...48)index usage: 10%, cache usage: 12%total entries stored since starting: 10729total entries replaced since starting: 0total entries expired since starting: 10447total (pre-expiry) entries scrolled out of the cache: 0total retrieves since starting: 441 hit, 20648 misstotal removes since starting: 0 hit, 0 miss
Found on 2023-09-23 07:01 -
Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb315db5272d5db5272de4897489Apache Status Apache Server Status for mail.xn--2566-4do9ab5h1bfcjg7hg1txa5ahw0u.com (via 27.254.96.168) Server Version: Apache/2.4.46 (Unix) OpenSSL/1.0.2u PHP/7.2.33 Server MPM: prefork Server Built: May 6 2022 15:05:21 Current Time: Wednesday, 20-Sep-2023 13:39:15 +07 Restart Time: Wednesday, 20-Sep-2023 13:38:45 +07 Parent Server Config. Generation: 1749 Parent Server MPM Generation: 1748 Server uptime: 29 seconds Server load: 1.37 1.59 1.37 Total accesses: 108 - Total Traffic: 840 kB - Total Duration: 58482 CPU Usage: u2661.38 s5135.87 cu50937800 cs12467100 - 2.19e+8% CPU load 3.72 requests/sec - 29.0 kB/second - 7.8 kB/request - 541.5 ms/request 7 requests currently being processed, 4 idle workers W___RW_RWWR....................................... Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqDurConnChildSlotClientProtocolVHostRequest 0-1748323550/16/16W 2.920080670.00.200.20 144.126.202.105http/1.1localhost:80GET /server-status HTTP/1.0 1-1748323560/9/9_ 6.3202219137490.00.200.20 138.197.88.136http/1.1www.xn--2566-4do9ab5h1bfcjg7hg1GET / HTTP/1.1 2-1748323570/18/18_ 4.8203101940.00.130.13 139.59.182.142http/1.1 3-1748323580/17/17_ 1.980037670.00.130.13 134.122.89.242http/1.1localhost:80GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor 4-1748323590/16/16R 2.390180580.00.090.09 165.232.76.155http/1.1localhost:80GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor 5-1748324030/9/9W 2.580049550.00.020.02 124.120.35.241http/1.1www.chonlateefbc.com:80POST /wp-admin/admin-ajax.php HTTP/1.0 6-1748324100/6/6_ 2.460114948000.00.020.02 161.35.27.144http/1.1www.xn--2566-4do9ab5h1bfcjg7hg1GET / HTTP/1.0 7-1748324170/6/6R 1.300126425380.00.010.01 207.154.240.169http/1.1www.xn--2566-4do9ab5h1bfcjg7hg1GET / HTTP/1.0 8-1748324180/9/9W 1.280023470.00.030.03 124.120.35.241http/1.1www.chonlateefbc.com:80POST /wp-admin/admin-ajax.php HTTP/1.0 9-1748324330/2/2W 0.000030.00.000.00 45.61.184.148http/1.1www.seasabithailand.com:443GET /wp-login.php HTTP/1.1 10-1748324390/0/0R 0.000000.00.000.00 SrvChild Server number - generation PIDOS process ID AccNumber of accesses this connection / this child / this slot MMode of operation CPUCPU usage, number of seconds SSSeconds since beginning of most recent request ReqMilliseconds required to process most recent request DurSum of milliseconds required to process all requests ConnKilobytes transferred this connection ChildMegabytes transferred this child SlotTotal megabytes transferred this slot SSL/TLS Session Cache Status: cache type: SHMCB, shared memory: 512000 bytes, current entries: 15subcaches: 32, indexes per subcache: 88time left on oldest entries' objects: avg: 288 seconds, (range: 274...295)index usage: 0%, cache usage: 0%total entries stored since starting: 15total entries replaced since starting: 0total entries expired since starting: 0total (pre-expiry) entries scrolled out of the cache: 0total retrieves since starting: 0 hit, 81 misstotal removes since starting: 0 hit, 0 miss
Found on 2023-09-20 06:37
-
-
Apache server-status page is publicly available
The server-status page (usually
/server-status) allows server administrators to find out how well their server is performing.This is a HTML page that gives the current server statistics such as the server version, up time,cpu, ram, and information about requests made to the server.
This information can be very useful if the application is sent sensitive information as GET requests. If you monitor this page you might be able to find CSRF tokens, API keys, hidden paths, and other sensitive information being sent to the server.
https://medium.com/@ghostlulzhacks/apache-server-status-a70abed83f5a
IP: 203.170.192.183
Domain: smtp.xn--2566-4do9ab5h1bfcjg7hg1txa5ahw0u.com
Port: 443
URL: https://smtp.xn--2566-4do9ab5h1bfcjg7hg1txa5ahw0u.comFirst seen 2023-09-20 06:37
Last seen 2024-02-02 07:14
Open for 135 days-
Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb314ef03e414ef03e414f0f6496Apache Status Apache Server Status for smtp.xn--2566-4do9ab5h1bfcjg7hg1txa5ahw0u.com (via 203.170.192.183) Server Version: Apache/2.4.57 (Unix) OpenSSL/1.0.2k-fips Server MPM: event Server Built: Oct 15 2023 18:16:43 Current Time: Friday, 02-Feb-2024 14:14:39 ICT Restart Time: Friday, 05-Jan-2024 10:01:20 ICT Parent Server Config. Generation: 93 Parent Server MPM Generation: 92 Server uptime: 28 days 4 hours 13 minutes 18 seconds Server load: 2.00 2.01 2.00 Total accesses: 1846549 - Total Traffic: 23.8 GB - Total Duration: 2141102338 CPU Usage: u207.67 s114.36 cu32089.3 cs2210.25 - 1.42% CPU load .759 requests/sec - 10.3 kB/second - 13.5 kB/request - 1159.52 ms/request 1 requests currently being processed, 127 idle workers SlotPIDStoppingConnections ThreadsAsync connections totalacceptingbusyidlewritingkeep-aliveclosing 029373no0yes032000 229661no3yes032003 329394no0yes131000 529374no0yes032000 Sum403 1127003 ________________________________................................ _____________________________________________________________W__ ................................________________________________ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqDurConnChildSlotClientProtocolVHostRequest 0-92293730/28/14776_ 11.37250160260910.00.13193.76 162.243.161.105http/1.1localhost:443GET /.DS_Store HTTP/1.1 0-92293730/25/15268_ 11.37260139013290.00.09198.95 143.110.156.182http/1.1localhost:443GET /?rest_route=/wp/v2/users/ HTTP/1.1 0-92293730/27/14840_ 11.1842150309240.00.13192.70 167.99.184.41http/1.1localhost:80GET /server-status HTTP/1.1 0-92293730/24/15017_ 11.38210145874870.00.07185.95 162.243.186.177http/1.1localhost:443GET /config.json HTTP/1.1 0-92293730/23/14921_ 11.29180147711640.00.14185.41 146.190.98.165http/1.1localhost:443GET / HTTP/1.1 0-92293730/23/15150_ 11.39200156649100.00.09188.50 162.243.186.177http/1.1localhost:443GET /telescope/requests HTTP/1.1 0-92293730/24/14824_ 11.4420145588360.00.11200.21 162.243.161.105http/1.1localhost:80GET /login.action HTTP/1.1 0-92293730/19/15126_ 11.29180150181980.00.06187.56 138.197.88.136h2localhost:443[0/0] Software caused connection abort 0-92293730/27/15094_ 11.36200145226800.00.07229.87 138.197.88.136http/1.1localhost:443GET /.vscode/sftp.json HTTP/1.1 0-92293730/29/15223_ 11.3700148853290.00.14194.87 146.190.64.200http/1.1localhost:443GET /_all_dbs HTTP/1.1 0-92293730/30/14790_ 11.35250154393210.00.08200.68 143.42.118.5http/1.1localhost:80GET /telescope/requests HTTP/1.1 0-92293730/25/14798_ 11.21267147156100.00.07195.44 146.190.98.165http/1.1localhost:443GET /server-status HTTP/1.1 0-92293730/32/14663_ 11.35250137182690.00.13185.49 161.35.176.95http/1.1localhost:80GET /config.json HTTP/1.1 0-92293730/28/14819_ 11.39120169086470.00.07186.00 165.232.76.155http/1.1localhost:80GET / HTTP/1.1 0-92293730/22/15768_ 11.3500141614970.00.08187.74 162.243.161.105http/1.1localhost:443GET / HTTP/1.1 0-92293730/28/14820_ 11.36200165341170.00.07182.46 137.184.150.232http/1.1localhost:80GET /?rest_route=/wp/v2/users/ HTTP/1.1 0-92293730/29/14868_ 11.3540143404940.00.09206.34 143.42.118.5http/1.1localhost:80GET /s/338313e2239313e2037313e2330323/_/;/META-INF/maven/com.at 0-92293730/26/14933_ 11.3730144939910.00.09189.27 139.144.150.45h2localhost:443[0/0] Software caused connection abort 0-92293730/21/14749_ 11.29190160388130.00.03200.51 164.90.205.35http/1.1localhost:80GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor 0-92293730/29/14974_ 11.37220144639320.00.11193.79 138.197.88.136http/1.1localhost:443GET /config.json HTTP/1.1 0-92293730/25/14962_ 11.4430181495750.00.14193.40 164.92.192.25http/1.1localhost:443GET /about HTTP/1.1 0-92293730/25/14990_ 11.23200147053460.00.08204.06 167.99.8.63http/1.1localhost:80\x16\x03\x01\x01\x1c\x01 0-92293730/28/15446_ 11.25200150748520.00.14188.26 162.243.161.105h2localhost:443[0/0] Software caused connection abort 0-92293730/26/14657_ 11.37220138764970.00.13190.18 162.243.186.177http/1.1localhost:443GET /s/338313e2239313e2037313e2330323/_/;/META-INF/maven/com.at 0-92293730/30/14954_ 11.38220162205790.00.08186.86 146.190.64.200http/1.1localhost:443GET /s/338313e2239313e2037313e2330323/_/;/META-INF/maven/com.at 0-92293730/28/14631_ 11.4340135981450.00.12196.97 164.92.192.25http/1.1localhost:443GET / HTTP/1.1 0-92293730/21/15128_ 11.4340144713420.00.04194.48 165.232.76.155http/1.1localhost:80GET /?rest_route=/wp/v2/users/ HTTP/1.1 0-92293730/24/14909_ 11.38210159187380.00.04213.29 162.243.161.105http/1.1localhost:443GET /telescope/requests HTTP/1.1 0-92293730/27/14714_ 11.3560152174320.00.10175.91 139.144.150.45h2localhost:443[0/0] Software caused connection abort 0-92293730/22/15170_ 11.35250135139100.00.08225.12 159.223.102.13http/1.1localhost:80GET /.env HTTP/1.1 0-92293730/29/14648_ 11.28200155571710.00.04199.12 146.190.64.200h2localhost:443[0/0] Software caused connection abort 0-92293730/22/14912_ 11.29110145814950.00.12185.11 146.190.64.200h2localhost:443[0/0] Software caused connection abort 1-92-0/0/15731. 0.00360650138364770.00.00219.29 137.184.162.65http/1.1localhost:80GET /.git/config HTTP/1.1 1-92-0/0/15813. 0.00360650136849580.00.00198.68 139.144.150.23http/1.1localhost:443GET /login.action HTTP/1.1 1-92-0/0/15602. 0.00360650174090190.00.00199.96 159.203.44.43h2localhost:443[0/0] Software caused connection abort 1-92-0/0/15318. 0.00360650150896030.00.00189.46 164.92.84.255http/1.1localhost:443GET /.vscode/sftp.json HTTP/1.1 1-92-0/0/15276. 0.00360650146566320.00.00197.93 159.203.44.43http/1.1localhost:443GET /.git/config HTTP/1.1 1-92-0/0/15655. 0.00360650134151790.00.00198.79 139.144.150.23http/1.1localhost:443GET /.DS_Store HTTP/1.1 1-92-0/0/15351. 0.00360650172789920.00.00188.15 159.223.102.13http/1.1localhost:80GET /_all_dbs HTTP/1.1 1-92-0/0/15185. 0.00360650165483380.00.00189.07 64.227.126.135h2localhost:443[0/0] Software caused connection abort 1-92-0/0/15335. 0.00360650127395500.00.00211.76 134.122.34.144http/1.1localhost:443GET /telescope/requests HTTP/1.1 1-92-0/0/14956. 0.00360650152319130.00.00188.74 159.203.44.43http/1.1localhost:443GET / HTTP/1.1 1-92-0/0/15041. 0.00360650148013860.00.00204.86 164.92.84.255http/1.1localhost:443GET /login.action HTTP/1.1 1-92-0/0/15506. 0.00360650159268070.00.00208.73 139.144.96.150http/1.1localhost:443GET /config.json HTTP/1.1 1-92-0/0/15329. 0.00360650159504030.00.00200.56 45.55.193.222http/1.1localhost:443GET /telescope/reques
Found on 2024-02-02 07:14 -
Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb314ef03e414ef03e419a63db3fApache Status Apache Server Status for smtp.xn--2566-4do9ab5h1bfcjg7hg1txa5ahw0u.com (via 203.170.192.183) Server Version: Apache/2.4.57 (Unix) OpenSSL/1.0.2k-fips Server MPM: event Server Built: Oct 15 2023 18:16:43 Current Time: Sunday, 07-Jan-2024 10:24:42 ICT Restart Time: Friday, 05-Jan-2024 10:01:20 ICT Parent Server Config. Generation: 8 Parent Server MPM Generation: 7 Server uptime: 2 days 23 minutes 21 seconds Server load: 2.96 2.86 2.74 Total accesses: 814736 - Total Traffic: 11.0 GB - Total Duration: 1006088224 CPU Usage: u189.26 s16.16 cu13881.1 cs728.27 - 8.5% CPU load 4.68 requests/sec - 66.3 kB/second - 14.2 kB/request - 1234.86 ms/request 7 requests currently being processed, 57 idle workers SlotPIDStoppingConnections ThreadsAsync connections totalacceptingbusyidlewritingkeep-aliveclosing 016374no2yes329000 216287no9yes428005 Sum2011 757005 ________W_____R_________W_______................................ _W__W______W_____________R______................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqDurConnChildSlotClientProtocolVHostRequest 0-7163740/63/6280_ 33.413085365020.00.9792.77 139.59.182.142http/1.1localhost:80GET /about HTTP/1.1 0-7163740/62/6768_ 33.703062367520.00.7789.17 161.35.176.95http/1.1localhost:80GET /?rest_route=/wp/v2/users/ HTTP/1.1 0-7163740/60/6277_ 33.35188374316470.00.6692.73 162.243.184.251http/1.1 0-7163740/49/6579_ 33.720071625460.00.6385.39 162.243.184.251http/1.1localhost:443GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor 0-7163740/45/6309_ 32.992071472820.00.8381.80 162.243.184.251http/1.1 0-7163740/62/6701_ 33.381228880127480.00.7489.02 85.208.96.193http/1.1www.chonlateefbc.com:443GET /tag/%E0%B8%A3%E0%B8%B1%E0%B8%9A%E0%B9%83%E0%B8%9A%E0%B8%AD 0-7163740/47/6491_ 33.641060620330.00.6099.24 162.243.184.251http/1.1localhost:443GET / HTTP/1.1 0-7163740/52/6556_ 33.482069652390.00.5785.77 139.59.182.142http/1.1localhost:80GET /login.action HTTP/1.1 0-7163741/61/6559W 33.670064882890.00.78127.70 23.22.35.162http/1.1www.chonlateeadmin.com:443GET /mubxhvp-4185oitems/eti.htm HTTP/1.1 0-7163740/56/6480_ 33.70363273476850.00.9583.48 185.191.171.14http/1.1www.chonlateeboi.com:443GET /16342idtuetidm17o HTTP/1.1 0-7163740/62/6225_ 33.47284278372830.00.7679.37 85.208.96.200http/1.1www.chonlateeadmin.com:443GET /gxvxktd-38681ieti.html HTTP/1.1 0-7163740/52/6180_ 33.622079761390.00.5780.56 139.59.182.142http/1.1localhost:80GET /telescope/requests HTTP/1.1 0-7163740/59/6254_ 33.683055252220.00.7582.78 162.243.184.251http/1.1localhost:443GET /.vscode/sftp.json HTTP/1.1 0-7163740/63/6474_ 33.632083790930.00.7486.96 161.35.176.95http/1.1localhost:80GET /.git/config HTTP/1.1 0-7163740/63/6892R 33.544104362341490.00.7288.68 52.70.240.171http/1.1www.chonlateeboi.com:443GET /21399qecvitems/etidm42bv.htm HTTP/1.1 0-7163740/64/6235_ 33.70383986448000.00.7581.29 52.70.240.171http/1.1www.chonlateeboi.com:443GET /25348khrretidm4 HTTP/1.1 0-7163740/50/6396_ 33.702066495960.00.6683.16 74.207.237.46http/1.1localhost:443GET /debug/default/view?panel=config HTTP/1.1 0-7163740/55/6534_ 33.71283864535040.00.7085.02 3.224.220.101http/1.1www.chonlateeboi.com:443GET /47617sabfitems/eti HTTP/1.1 0-7163740/62/6555_ 33.452104671407020.00.7983.44 162.243.184.251h2localhost:443[0/0] Software caused connection abort 0-7163740/69/6323_ 33.703070720420.00.8188.63 161.35.176.95http/1.1localhost:80GET /telescope/requests HTTP/1.1 0-7163740/67/6602_ 33.613094670840.00.8291.42 161.35.176.95http/1.1localhost:80GET /.DS_Store HTTP/1.1 0-7163740/58/6275_ 33.703074337410.00.7285.02 74.207.237.46http/1.1localhost:443GET /about HTTP/1.1 0-7163740/55/6836_ 33.243778912360.00.5891.01 74.207.237.46h2localhost:443[0/0] Software caused connection abort 0-7163740/63/6373_ 33.684065232890.00.7691.55 161.35.176.95http/1.1localhost:80GET /config.json HTTP/1.1 0-7163741/55/6279W 33.530077137130.00.6478.83 162.243.184.251http/1.1localhost:443GET /server-status HTTP/1.1 0-7163740/69/6397_ 33.641059487070.00.8082.74 203.170.192.183http/1.1www.chonlateefbc.com:443POST /wp-cron.php?doing_wp_cron=1704597877.45316791534423828125 0-7163740/66/6384_ 33.5116272905390.00.8592.24 161.35.176.95http/1.1localhost:80GET /server-status HTTP/1.1 0-7163740/52/6378_ 33.680079661640.00.65112.86 74.207.237.46http/1.1localhost:443GET /.vscode/sftp.json HTTP/1.1 0-7163740/48/6301_ 33.62283668405870.00.6279.51 66.249.71.168http/1.1www.chonlateeadmin.com:443GET /trust.php?ckfqxjd-324313seti.html HTTP/1.1 0-7163740/52/6571_ 33.71283874449580.00.58118.45 52.70.240.171http/1.1www.chonlateeadmin.com:443GET /wulxhvp-4065yitems/eti.htm HTTP/1.1 0-7163740/56/6266_ 33.28284669276560.00.5791.85 74.207.237.46http/1.1 0-7163740/66/6584_ 33.712071844310.00.7584.68 74.207.237.46http/1.1localhost:443GET /v2/_catalog HTTP/1.1 1-7-0/0/6466. 0.00167042274721740.00.0084.07 51.15.59.15http/1.1www.happy-carrent.com:443POST /xmlrpc.php HTTP/1.1 1-7-0/0/6249. 0.00167045268360270.00.0079.42 66.249.71.201http/1.1www.twinbuilt.co.th:443GET /?e=5501-seminary-rd-unit-2305s-falls-church-va-22041-5-ii- 1-7-0/0/6212. 0.001670959100680970.00.0080.31 52.70.240.171http/1.1www.chonlateeadmin.com:443GET /pveitgo-24936retidm30cir.htm HTTP/1.1 1-7-0/0/5977. 0.00167084377800350.00.0079.41 52.167.144.137h2www.chonlateenextbiz.com:443[1/1] done: stream 1, GET /8pcpoe/best-cursive-fonts-for-tattoo 1-7-0/0/6152. 0.00167084376922630.00.0092.62 52.70.240.171http/1.1www.chonlateeboi.com:443GET /42454qecvetidm79w HTTP/1.1 1-7-0/0/6223. 0.00167084766598140.00.0081.75 3.224.220.101http/1.1www.chonlateeadmin.com:443GET /ntcitgo-35802petid.htm HTTP/1.1 1-7-0/0/6251. 0.001670219370593040.00.0079.56 52.70.240.171http/1.1www.chonlateeboi.com:443GET /19075oqmiitems/etidm HTTP/1.1 1-7-0/0/6319. 0.00167088579594730.00.0084.70 52.167.144.186h2www.happy-carrent.com:443GET /wp-content/uploads/2018/09/Page-02-1024x410.jpg HTTP/2.0 1-7-0/0/6288. 0.001670114057278660.00.0081.40 52.167.144.186h2www.happy-carrent.com:443[1/1] done: stream 1, GET /wp-content/uploads/2018/09/Page-02-1 1-7-0/0/6224. 0.00167030979955160.00.0086.70 163.172.106.185http/1.1www.tspaccount.net:443POST /wp-login.php HTTP/1.1 1-7-0/0/6028. 0.00167067377872850.00.0086.08 185.191.171.5http/1.1www.chonlateefood.com:443GET /getid/rig11587vvpiitems HTTP/1.1 1-7-0/0/6552. 0.00167097160633540.00.0094.71 52.70.240.171http/1.1www.chonlateeboi.com:443GET /20484tbrmetidm1.htm HTTP/1.1 1-7-0/0/6284. 0.00167084581432030.00.0084.49 23.22.35.162http/1.1www.chonlateeboi.com:443GET /4955ymuietidm.ht
Found on 2024-01-07 03:24 -
Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb314ef03e414ef03e41344c241dApache Status Apache Server Status for smtp.xn--2566-4do9ab5h1bfcjg7hg1txa5ahw0u.com (via 203.170.192.183) Server Version: Apache/2.4.57 (Unix) OpenSSL/1.0.2k-fips Server MPM: event Server Built: Oct 15 2023 18:16:43 Current Time: Saturday, 06-Jan-2024 02:20:01 ICT Restart Time: Friday, 05-Jan-2024 10:01:20 ICT Parent Server Config. Generation: 3 Parent Server MPM Generation: 2 Server uptime: 16 hours 18 minutes 40 seconds Server load: 2.78 2.79 2.76 Total accesses: 293243 - Total Traffic: 4.2 GB - Total Duration: 256361395 CPU Usage: u659.2 s35.79 cu4282.28 cs230.01 - 8.87% CPU load 4.99 requests/sec - 74.1 kB/second - 14.8 kB/request - 874.229 ms/request 11 requests currently being processed, 117 idle workers SlotPIDStoppingConnections ThreadsAsync connections totalacceptingbusyidlewritingkeep-aliveclosing 019907no1yes131001 419908no7yes032005 719927no3yes329001 919931no4yes725001 Sum4015 11117008 ____________W___________________................................ ................................................................ ________________________________................................ ................................WW____________________R_________ ................................_____W________W__W______WRW_W___ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqDurConnChildSlotClientProtocolVHostRequest 0-2199070/233/3076_ 139.295025456610.02.6445.67 147.182.168.210http/1.1localhost:443GET /.DS_Store HTTP/1.1 0-2199070/225/3320_ 137.89484524069460.02.8943.84 3.224.220.101http/1.1www.chonlateeboi.com:443GET /4582biwxetidm51g HTTP/1.1 0-2199070/218/3011_ 139.195036744310.02.7152.35 147.182.168.210http/1.1localhost:443GET /debug/default/view?panel=config HTTP/1.1 0-2199070/223/3253_ 138.785114326655770.02.8941.36 66.249.72.66http/1.1www.chonlateeadmin.com:443GET /trust.php?lanaonh-355834aitems/eti HTTP/1.1 0-2199070/209/3133_ 139.373024584760.02.3539.17 139.144.150.8http/1.1localhost:80GET /config.json HTTP/1.1 0-2199070/224/3377_ 139.531113127236570.03.0142.70 66.249.71.168http/1.1www.chonlateeadmin.com:443GET /trust.php?hoihsbr-52462vetidm9.htm HTTP/1.1 0-2199070/228/3150_ 139.324024651200.02.7954.36 159.203.63.67http/1.1localhost:443GET /.env HTTP/1.1 0-2199070/243/3163_ 139.304025500990.02.5840.97 139.144.150.8http/1.1localhost:80GET /.git/config HTTP/1.1 0-2199070/235/3210_ 139.295025403770.02.5183.30 139.144.150.8http/1.1localhost:80GET /.DS_Store HTTP/1.1 0-2199070/221/3142_ 139.424114224565290.02.8540.67 3.224.220.101http/1.1www.chonlateeboi.com:443GET /21688beacetidm40ebt HTTP/1.1 0-2199070/226/3073_ 138.671117228093640.02.7637.76 203.170.192.183http/1.1www.12gobiz.com:443GET /%E0%B8%97%E0%B8%B5%E0%B9%88%E0%B8%9B%E0%B8%A3%E0%B8%B6%E0% 0-2199070/243/3020_ 139.281024710920.02.8338.88 178.62.73.12http/1.1localhost:80GET /.DS_Store HTTP/1.1 0-2199071/211/2978W 139.390024654980.02.5040.72 66.249.71.168http/1.1www.chonlateeadmin.com:443GET /trust.php?bzaqgmy-356422netid HTTP/1.1 0-2199070/209/3261_ 138.99583935957320.02.5644.22 66.249.71.169http/1.1www.chonlateeadmin.com:443GET /trust.php?izkvrsm-193019xitems/etid.html HTTP/1.1 0-2199070/224/3319_ 139.214028063520.02.4744.46 178.128.151.41h2localhost:443[0/0] Software caused connection abort 0-2199070/197/3046_ 139.560109225576540.02.2739.43 3.224.220.101http/1.1www.chonlateeboi.com:443GET /20555rbhsetidm.html HTTP/1.1 0-2199070/212/2999_ 139.314028627350.02.6338.93 192.53.126.23http/1.1localhost:443GET /telescope/requests HTTP/1.1 0-2199070/217/3296_ 139.425100824200650.02.4543.63 185.191.171.15http/1.1www.chonlateeboi.com:443GET /26657mcgaeti.html HTTP/1.1 0-2199070/217/3191_ 139.30534824004510.02.5741.58 66.249.77.72http/1.1www.chonlateeaa.com:443GET /?w=o11-dynamic-evo-lian-li-is-a-leading-provider-yy-R49x1K 0-2199070/216/3037_ 139.410128328573140.02.4944.83 66.249.72.67http/1.1www.chonlateeadmin.com:443GET /trust.php?kenhsbr-284671aetidm63xr.html HTTP/1.1 0-2199070/223/3088_ 139.502103324077060.02.8443.87 23.22.35.162http/1.1www.chonlateeboi.com:443GET /42917idtuetidm83.html HTTP/1.1 0-2199070/210/3136_ 139.550140926451080.02.6144.79 52.70.240.171http/1.1www.chonlateeadmin.com:443GET /trust.php?nqcggdh-187486petidm53a HTTP/1.1 0-2199070/237/3482_ 139.382024394340.02.7644.23 159.203.63.67http/1.1localhost:443GET /.git/config HTTP/1.1 0-2199070/195/2968_ 139.015524183700.02.2439.04 139.59.182.142http/1.1localhost:80GET /server-status HTTP/1.1 0-2199070/231/3040_ 139.453024439600.02.7938.79 178.128.151.41http/1.1localhost:443GET /about HTTP/1.1 0-2199070/218/3018_ 139.20584824256070.02.7639.20 3.224.220.101http/1.1www.chonlateeboi.com:443GET /44139ztiaitems/etidm.htm HTTP/1.1 0-2199070/207/3099_ 139.531133927401460.02.7849.87 23.22.35.162http/1.1www.chonlateeadmin.com:443GET /trust.php?zqoggdh-187498betid HTTP/1.1 0-2199070/204/3080_ 139.304028489650.02.7669.97 178.62.73.12http/1.1localhost:80GET /.git/config HTTP/1.1 0-2199070/220/2985_ 139.314024507160.02.5637.53 147.182.168.210http/1.1localhost:443GET /.env HTTP/1.1 0-2199070/228/3337_ 139.511023174090.02.6578.22 178.128.151.41http/1.1localhost:443GET /v2/_catalog HTTP/1.1 0-2199070/227/3036_ 139.391024393580.02.8546.94 159.89.83.196http/1.1localhost:443GET / HTTP/1.1 0-2199070/229/3392_ 139.391100227213270.02.8241.45 66.249.72.67http/1.1www.chonlateeadmin.com:443GET /trust.php?dwgqxjd-152506titems/etid.html HTTP/1.1 1-1-0/0/2323. 0.00689186617630010.00.0030.27 207.46.13.154http/1.1www.thaidaoherb.com:443GET /9i7h/dyv42461ryyhc053875235.html HTTP/2.0 1-1-0/0/2100. 0.006891173417390000.00.0027.02 66.249.71.7http/1.1www.chonlateenextbiz.com:443GET /db.php?g3192039.shtml HTTP/1.1 1-1-0/0/2227. 0.006891107117630050.00.0030.69 23.22.35.162http/1.1www.chonlateeadmin.com:443GET /trust.php?rngadej-26472tetidm80eat.htm HTTP/1.1 1-1-0/0/2089. 0.006891211517285130.00.0027.89 66.249.69.229http/1.1www.chonlateenextbiz.com:443GET /db.php?g335424.shtml HTTP/1.1 1-1-0/0/2129. 0.00689185117106500.00.0032.51 52.70.240.171http/1.1www.chonlateeboi.com:443GET /48835biwxitems/etidm HTTP/1.1 1-1-0/0/2185. 0.00689185816794840.00.0028.38 3.224.220.101http/1.1www.chonlateeadmin.com:443GET /trust.php?jryadej-23266letid HTTP/1.1 1-1-0/0/2135. 0.00689197217421340.00.0026.37 23.22.35.162http/1.1www.chonlateeboi.com:443GET /22684biwxetidm7 HTTP/1.1 1-1-0/0/2185. 0.0068911717237790.00.0029.46 66.249.71.3http/1.1www.xn--12cn0bmbkgc3ent5c1ewa4bGET /mds.php?papaw99.xml HTTP/1.1 1-1-0/0/2163. 0.00689184617365570.00.0029.98 23.22.35.162http/1.1www.chonlateeboi.com:443GET /42349biwxitems/etidm52 HTTP/1.1 1-1-0/0/2112. 0.00689189516912400.00.0027.55 185.191.171.3http/1.1www.chonlateefood.com:443GET /geti/cer43578htewitems.htm HTTP/1.1 1-1-0/0/2118. 0.006891102016733450.00.0031.98 157.55.39.202h2www.chonlateeadmin.com:443[1/1] done: stream 1, GET /tviipbe-49432vetidm29giv 1-1-0/0/2249. 0
Found on 2024-01-05 19:19 -
Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb314ef03e414ef03e410b74ec0fApache Status Apache Server Status for smtp.xn--2566-4do9ab5h1bfcjg7hg1txa5ahw0u.com (via 203.170.192.183) Server Version: Apache/2.4.57 (Unix) OpenSSL/1.0.2k-fips Server MPM: event Server Built: Oct 15 2023 18:16:43 Current Time: Monday, 11-Dec-2023 19:18:39 ICT Restart Time: Friday, 01-Dec-2023 00:22:58 ICT Parent Server Config. Generation: 41 Parent Server MPM Generation: 40 Server uptime: 10 days 18 hours 55 minutes 41 seconds Server load: 0.96 0.86 0.89 Total accesses: 4251824 - Total Traffic: 54.6 GB - Total Duration: 4033782758 CPU Usage: u263.14 s48.38 cu76365.7 cs4002.43 - 8.66% CPU load 4.56 requests/sec - 61.4 kB/second - 13.5 kB/request - 948.718 ms/request 10 requests currently being processed, 54 idle workers SlotPIDStoppingConnections ThreadsAsync connections totalacceptingbusyidlewritingkeep-aliveclosing 010297no0yes428000 22452no6yes626003 Sum206 1054003 __WW___________W________W_______................................ ___W___W_____R____W__W______R___................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqDurConnChildSlotClientProtocolVHostRequest 0-40102970/100/38327_ 59.6620349638300.01.32485.73 178.128.151.41http/1.1localhost:443GET /debug/default/view?panel=config HTTP/1.1 0-40102970/95/37656_ 59.580670356602030.01.12476.23 185.191.171.5http/1.1www.chonlateeadmin.com:443GET /anpwaok-8801ceti.html HTTP/1.1 0-40102971/110/38041W 59.5900391431190.01.27488.23 66.249.71.3http/1.1www.xn--12cn0bmbkgc3ent5c1ewa4bGET /mds.php?lgstmjj-42664fetidm32y.htm HTTP/1.1 0-40102971/109/38116W 59.6200378870170.01.22498.68 178.128.151.41http/1.1localhost:443GET /server-status HTTP/1.1 0-40102970/94/38607_ 59.620646360437120.01.17552.39 66.249.64.227http/1.1www.xn--12cn0bmbkgc3ent5c1ewa4bGET /mds.php?rikvbri-33960xetidm69e HTTP/1.1 0-40102970/98/37673_ 58.242631389570520.01.33477.15 79.137.206.177http/1.1www.mkandptfoods.com:443POST /bdb1c307e65f.php HTTP/1.1 0-40102970/93/38022_ 58.960663390392880.01.16479.85 178.128.151.41h2localhost:443[0/0] Software caused connection abort 0-40102970/97/38764_ 59.662853358731050.01.23486.83 66.249.64.226http/1.1www.xn--12cn0bmbkgc3ent5c1ewa4bGET /mds.php?stsagyn-20753fetidm16fgf.htm HTTP/1.1 0-40102970/84/37742_ 59.5310370713710.00.98494.99 162.243.184.251http/1.1localhost:80GET /.git/config HTTP/1.1 0-40102970/90/38176_ 59.731685358682830.01.05488.72 66.249.71.2http/1.1www.xn--12cn0bmbkgc3ent5c1ewa4bGET /mds.php?zgstmjj-45356fetid.htm HTTP/1.1 0-40102970/97/37678_ 59.4920374486500.01.14459.01 147.182.130.98http/1.1localhost:80GET /.git/config HTTP/1.1 0-40102970/105/37783_ 59.5110358350640.01.21508.84 147.182.130.98http/1.1localhost:80GET /s/338313e2239313e2037313e2330323/_/;/META-INF/maven/com.at 0-40102970/91/37600_ 59.5610365712750.01.06458.79 147.182.130.98http/1.1localhost:80GET /config.json HTTP/1.1 0-40102970/90/37818_ 59.492688394763950.01.10488.15 66.249.64.227http/1.1www.xn--12cn0bmbkgc3ent5c1ewa4bGET /mds.php?oyhmlcv-8269uetidm.html HTTP/1.1 0-40102970/91/38088_ 59.291908369917770.01.17478.94 192.42.116.174http/1.1www.dinocoffees.com:443POST /xmlrpc.php HTTP/1.1 0-40102971/109/37734W 59.1600362762480.01.22533.28 66.249.64.227http/1.1www.xn--12cn0bmbkgc3ent5c1ewa4bGET /mds.php?fzorxma-10314betid HTTP/1.1 0-40102970/96/38746_ 59.820671366353990.01.21513.68 66.249.71.3http/1.1www.xn--12cn0bmbkgc3ent5c1ewa4bGET /mds.php?cflzslq-34881yitems/eti HTTP/1.1 0-40102970/90/38187_ 59.6100356889380.01.06471.54 178.128.151.41http/1.1localhost:443GET /about HTTP/1.1 0-40102970/96/38207_ 59.7900358462490.020.60494.79 178.128.151.41http/1.1localhost:443GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor 0-40102970/101/38530_ 59.691874374480760.01.26502.24 3.224.220.101http/1.1www.chonlateeboi.com:443GET /trust.php?232120evvmetidm13seh HTTP/1.1 0-40102970/77/37903_ 59.561923352466860.00.87500.57 23.22.35.162http/1.1www.chonlateeboi.com:443GET /trust.php?232110evvmetidm88i.htm HTTP/1.1 0-40102970/103/38105_ 59.820696376990780.01.19493.09 43.130.47.136http/1.1www.nadapool.com:443GET / HTTP/1.1 0-40102970/104/37805_ 59.731871395807020.01.23501.42 66.249.64.226http/1.1www.xn--12cn0bmbkgc3ent5c1ewa4bGET /mds.php?inbxaed-21757oetidm.html HTTP/1.1 0-40102970/95/37150_ 58.742875351890680.01.13462.68 139.59.65.144h2localhost:443[0/0] Software caused connection abort 0-40102971/97/38168W 59.3200361785830.01.19508.03 23.22.35.162http/1.1www.chonlateeadmin.com:443GET /trust.php?iwxadej-304351kitems/etidm33vj HTTP/1.1 0-40102970/92/37458_ 59.2300378914780.01.07458.63 178.128.151.41h2localhost:443[0/0] Software caused connection abort 0-40102970/100/38194_ 59.3800362590360.01.10571.95 139.59.65.144http/1.1localhost:443GET /.env HTTP/1.1 0-40102970/89/37425_ 59.790658361110770.01.22498.69 66.249.64.227http/1.1www.xn--12cn0bmbkgc3ent5c1ewa4bGET /mds.php?xoqniby-27830detidm4.htm HTTP/1.1 0-40102970/88/37994_ 59.291869401884750.01.04511.12 23.22.35.162http/1.1www.chonlateeboi.com:443GET /trust.php?282674evvmitems/etid.html HTTP/1.1 0-40102970/84/37887_ 59.380773365266910.01.00491.42 43.130.47.136http/1.1www.nadapool.com:443GET / HTTP/1.1 0-40102970/95/38007_ 59.8201224357912850.01.11482.15 107.189.3.190http/1.1www.chonlateefood.com:443GET /wp-login.php HTTP/1.1 0-40102970/96/37727_ 58.3021784366008410.01.57525.76 139.59.65.144h2localhost:443[0/0] Software caused connection abort 1-40-0/0/38863. 0.001170863364752980.00.00492.68 23.22.35.162http/1.1www.chonlateeboi.com:443GET /trust.php?291574evvmetidm20k HTTP/1.1 1-40-0/0/38802. 0.001170917373119540.00.00535.20 3.224.220.101http/1.1www.chonlateeadmin.com:443GET /trust.php?qwfadej-222771sitems/etidm.htm HTTP/1.1 1-40-0/0/38626. 0.001170603374504180.00.00537.29 66.249.64.102http/1.1www.chonlateefbc.com:443GET /?m=macbook-air-mac-book-pro-imac-mac-mini-macbook-mm-OPeRV 1-40-0/0/38884. 0.001170635382396960.00.00547.99 66.249.64.102http/1.1www.chonlateefbc.com:443GET /?m=genuine-msi-crosshair-15-r6e-b12ugz-414tr-battery-90wh- 1-40-0/0/39629. 0.001170623354047560.00.00604.02 66.249.71.165http/1.1www.chonlateefbc.com:443GET /?m=air-filter-472306-for-komatsu-engine-4d94-4d95s-p40-mm- 1-40-0/0/38433. 0.001170891350986300.00.00551.36 52.70.240.171http/1.1www.chonlateeadmin.com:443GET /trust.php?nncadej-289744petidm66aap HTTP/1.1 1-40-0/0/38562. 0.001170843351221390.00.00517.38 121.4.151.114http/1.1 1-40-0/0/38902. 0.001170868378421350.00.00496.70 65.109.127.29http/1.1www.thesungolden.com:443GET /tzeu2e/best-cheap-wonderkid-fm-2023.html HTTP/1.1 1-40-0/0/38702. 0.0011701051367400040.00.00487.21 52.70.240.171http/1.1www.chonlateeboi.com:443GET /trust.php?214574evvmitems/etidm53w.html HTTP/1.1 1-40-0/0/38838. 0.0011700359455680.00.00497.82 3.233.221.90http/1.1www.12gobiz.com:443GET /tag/%E0%B8%97%E0%B8%B3%E0%B8%9A%E0%B8%B1%E0%B8%8D%E0%B8%8A 1-40-0/0/39346. 0.0011700355193580.00.00521.44 23.22.35.162http/1.1www.krongthongsecurity.co
Found on 2023-12-11 12:18 -
Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb314ef03e414ef03e419928ba95Apache Status Apache Server Status for smtp.xn--2566-4do9ab5h1bfcjg7hg1txa5ahw0u.com (via 203.170.192.183) Server Version: Apache/2.4.57 (Unix) OpenSSL/1.0.2k-fips Server MPM: event Server Built: Oct 15 2023 18:16:43 Current Time: Thursday, 23-Nov-2023 00:24:04 ICT Restart Time: Monday, 20-Nov-2023 10:17:03 ICT Parent Server Config. Generation: 9 Parent Server MPM Generation: 8 Server uptime: 2 days 14 hours 7 minutes 1 second Server load: 1.81 1.96 1.65 Total accesses: 648162 - Total Traffic: 8.2 GB - Total Duration: 719208526 CPU Usage: u59.74 s12.76 cu9707.16 cs570.87 - 4.63% CPU load 2.9 requests/sec - 38.6 kB/second - 13.3 kB/request - 1109.61 ms/request 8 requests currently being processed, 120 idle workers SlotPIDStoppingConnections ThreadsAsync connections totalacceptingbusyidlewritingkeep-aliveclosing 06877no1yes131100 16697no2yes527001 36879no13yes1310013 46881no1yes131000 Sum4017 81201014 _____________R___________________WR_R____________________RR_____ ................................_R______________________________ __________________________W_____................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqDurConnChildSlotClientProtocolVHostRequest 0-868770/30/5240_ 11.971047419550.00.3872.57 52.70.240.171http/1.1www.krongthongsecurity.com:443GET /beirtdd179544vb771058384 HTTP/1.1 0-868770/24/4983_ 11.101281450402760.00.2661.56 104.164.173.38http/1.1www.xn--2566-4do9ab5h1bfcjg7hg1GET /wp-json/ HTTP/1.1 0-868770/26/4909_ 11.722068876520.00.4060.32 164.90.222.93http/1.1 0-868770/21/5097_ 11.922048793540.00.2862.97 161.35.176.95http/1.1localhost:443GET /.vscode/sftp.json HTTP/1.1 0-868770/24/5147_ 11.7411251687560.00.2879.22 104.164.173.38http/1.1www.xn--2566-4do9ab5h1bfcjg7hg1GET /wp-content/plugins/royal-elementor-addons/assets/js/lib/in 0-868770/25/5224_ 11.912050709910.00.4062.71 161.35.155.246http/1.1www.xn--2566-4do9ab5h1bfcjg7hg1GET /config.json HTTP/1.1 0-868770/26/5076_ 11.793109751557000.00.3365.50 23.22.35.162http/1.1www.chonlateeadmin.com:443GET /trust.php?dnsecaw-246678fetidm53q.htm HTTP/1.1 0-868770/29/4975_ 11.542048178580.00.3561.72 128.199.61.251http/1.1localhost:80GET / HTTP/1.1 0-868770/17/5222_ 11.46350250388740.00.1660.80 147.182.130.98http/1.1 0-868770/24/5317_ 11.922048072380.00.2981.42 144.126.198.24http/1.1localhost:443GET /v2/_catalog HTTP/1.1 0-868770/23/5257_ 11.951049364220.00.3963.06 139.59.182.142http/1.1localhost:443GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor 0-868770/22/5364_ 11.842049590390.00.2476.17 207.154.240.169http/1.1localhost:80GET /login.action HTTP/1.1 0-868770/21/5307_ 11.900052171030.00.3369.09 161.35.155.246http/1.1www.xn--2566-4do9ab5h1bfcjg7hg1GET /.git/config HTTP/1.1 0-868770/25/5291R 11.895049122730.00.2562.20 87.236.20.180http/1.1www.dreamhightravel.com:443 0-868770/22/4998_ 11.913049334990.00.2556.97 178.62.3.65http/1.1www.xn--2566-4do9ab5h1bfcjg7hg1GET /?rest_route=/wp/v2/users/ HTTP/1.1 0-868770/26/4955_ 11.7613750751060.00.2359.21 147.182.130.98h2localhost:443[0/0] Software caused connection abort 0-868770/26/4946_ 11.700047839840.00.3459.38 161.35.155.246http/1.1www.xn--2566-4do9ab5h1bfcjg7hg1GET / HTTP/1.1 0-868770/22/5281_ 11.890048733620.00.2358.35 128.199.61.251http/1.1localhost:80GET /.git/config HTTP/1.1 0-868770/23/5034_ 11.700050217500.00.2771.03 178.62.73.12http/1.1localhost:80GET / HTTP/1.1 0-868770/24/5098_ 11.913050206340.00.3373.64 161.35.176.95http/1.1localhost:443GET / HTTP/1.1 0-868770/21/4986_ 11.903049737540.00.2968.12 139.59.182.142http/1.1localhost:80GET /telescope/requests HTTP/1.1 0-868770/19/5231_ 10.840044691110.00.2367.68 164.90.222.93h2localhost:443[0/0] Software caused connection abort 0-868770/19/4977_ 11.922051856100.00.1563.12 161.35.155.246http/1.1www.xn--2566-4do9ab5h1bfcjg7hg1GET /?rest_route=/wp/v2/users/ HTTP/1.1 0-868770/27/4986_ 11.971050753540.00.3173.04 161.35.27.144http/1.1localhost:443GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor 0-868770/19/5065_ 11.913049737180.00.2562.67 139.59.182.142http/1.1localhost:443GET /about HTTP/1.1 0-868770/20/5166_ 11.89065047541650.00.2867.26 66.249.79.68http/1.1www.xn--12cn0bmbkgc3ent5c1ewa4bGET /mds.php?bxcazkf-7866pitems/etid.html HTTP/1.1 0-868770/24/5260_ 11.700049453910.00.2285.08 139.59.182.142http/1.1localhost:80GET / HTTP/1.1 0-868770/17/5356_ 10.95380750357090.00.2085.39 223.24.157.217h2www.xn--12cx2bef7bl0boq4ch6gugw[0/0] init 0-868770/22/4934_ 11.891049140460.00.2667.95 144.126.198.24http/1.1localhost:443GET / HTTP/1.1 0-868770/15/5223_ 11.98088752416600.00.1959.93 23.22.35.162http/1.1www.chonlateeboi.com:443GET /5396tbrmitems/etidm6.html HTTP/1.1 0-868770/16/5044_ 11.7512647464910.00.2564.72 164.90.222.93h2localhost:443[0/0] Software caused connection abort 0-868770/26/5245_ 11.842046041050.00.3463.60 128.199.61.251http/1.1localhost:80GET /_all_dbs HTTP/1.1 1-866970/22/5364_ 8.612054667380.00.2357.61 139.59.182.142http/1.1localhost:443GET /debug/default/view?panel=config HTTP/1.1 1-866971/18/4985W 8.580051429080.00.1959.49 144.126.198.24http/1.1localhost:443GET /server-status HTTP/1.1 1-866970/22/5184R 8.585055143570.00.2759.77 147.182.130.98http/1.1www.xn--2566-4do9ab5h1bfcjg7hg1 1-866970/13/5136_ 7.87384748848650.00.1668.55 147.182.130.98http/1.1 1-866970/12/5107R 8.4953749951420.00.1758.07 164.90.222.93http/1.1 1-866970/13/5043_ 8.542052521240.00.1361.33 178.62.3.65http/1.1www.xn--2566-4do9ab5h1bfcjg7hg1GET /_all_dbs HTTP/1.1 1-866970/16/5474_ 8.520053860880.00.2663.46 139.59.182.142http/1.1localhost:80GET /debug/default/view?panel=config HTTP/1.1 1-866970/16/5294_ 7.923050744480.00.1768.77 161.35.27.144http/1.1 1-866970/19/5196_ 8.603477951386350.00.2070.39 104.164.173.38http/1.1www.xn--2566-4do9ab5h1bfcjg7hg1GET /comments/feed/ HTTP/1.1 1-866970/16/5462_ 8.630053738520.00.1865.73 144.126.198.24http/1.1localhost:443GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor 1-866970/15/5456_ 8.083272653685270.00.1672.12 147.182.130.98http/1.1 1-866970/17/5344_ 8.640052276830.00.2971.18 161.35.176.95http/1.1localhost:443GET /debug/default/view?panel=config HTTP/1.1 1-866970/19/5135_ 8.580051894850.00.3057.87 178.62.3.65http/1.1www.xn--2566-4do9ab5h1bfcjg7hg1GET /.DS_Store HTTP/1.1 1-866970/23/5086_ 8.670052304970.00.23
Found on 2023-11-22 17:23 -
Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb31d6f3fa5ed6f3fa5ef8ccc455Apache Status Apache Server Status for smtp.xn--2566-4do9ab5h1bfcjg7hg1txa5ahw0u.com (via 27.254.96.168) Server Version: Apache/2.4.46 (Unix) OpenSSL/1.0.2u PHP/7.2.33 Server MPM: prefork Server Built: May 6 2022 15:05:21 Current Time: Saturday, 23-Sep-2023 14:03:19 +07 Restart Time: Saturday, 23-Sep-2023 04:02:11 +07 Parent Server Config. Generation: 1763 Parent Server MPM Generation: 1762 Server uptime: 10 hours 1 minute 8 seconds Server load: 2.47 2.53 2.23 Total accesses: 67054 - Total Traffic: 1.1 GB - Total Duration: 96178538 CPU Usage: u3012.63 s5230.75 cu51116000 cs12505100 - 176000% CPU load 1.86 requests/sec - 33.1 kB/second - 17.8 kB/request - 1434.34 ms/request 9 requests currently being processed, 6 idle workers _RW_CWWW__..W.._W.._..R........................... Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqDurConnChildSlotClientProtocolVHostRequest 0-1762180790/30/5238_ 22.53090670984820.00.4694.21 51.79.24.51http/1.1www.chonlateemeet.com:443POST //wp-login.php HTTP/1.1 1-1762180920/27/5146R 16.281173844520.00.2895.49 51.79.24.51http/1.1www.xn--12cn0bmbkgc3ent5c1ewa4b 2-1762181070/21/5258W 13.650073916010.00.2076.75 188.120.237.195http/1.1www.partymanagementthailand.comPOST /wp-login.php HTTP/1.1 3-1762181280/17/4861_ 16.010265813980.00.2374.27 52.167.144.207http/1.1www.focusfilmthailand.com:443GET /wp-content/plugins/so-widgets-bundle/js/jquery.cycle.min.j 4-1762181391/17/5026C 9.340068060161.50.2690.85 159.223.108.26http/1.1localhost:443GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor 5-1762177840/66/4767W 74.143072789950.00.7266.24 64.227.126.135http/1.1www.xn--2566-4do9ab5h1bfcjg7hg1GET / HTTP/1.1 6-1762177430/84/4554W 53.820067338410.00.9789.58 159.223.108.26http/1.1localhost:443GET /server-status HTTP/1.1 7-1762181980/8/4272W 2.690063006410.00.0463.21 51.79.24.51http/1.1www.chonlateefood.com:443POST //wp-login.php HTTP/1.1 8-1762182140/1/4222_ 0.001361332850.00.0180.43 52.167.144.219http/1.1www.focusfilmthailand.com:443GET /wp-content/uploads/maxmegamenu/style.css?ver=b36ada HTTP/1 9-1762182240/0/3845_ 0.00053356072820.00.0055.42 94.232.42.51http/1.1www.ltclevelup.com:443GET /mysql/adminer.php HTTP/1.1 10-1762-0/0/3575. 0.0070051932140.00.0058.84 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 11-1762-0/0/3590. 0.00158051970010.00.0073.16 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 12-1762177940/44/2717W 35.6124037145940.00.6952.17 27.254.96.168http/1.1www.chonlateefbc.com:443POST /wp-cron.php?doing_wp_cron=1695452574.81639099121093750000 13-1762-0/0/2342. 0.00163033821870.00.0036.14 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 14-1762-0/0/2027. 0.0058031276320.00.0036.69 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 15-1762178080/67/1738_ 72.830026564800.00.9231.72 52.167.144.219http/1.1www.focusfilmthailand.com:443GET /wp-content/uploads/siteorigin-widgets/sow-image-default-05 16-1762178140/84/1358W 46.470017451100.00.7825.16 205.210.31.136http/1.1www.ckt-trading.com:443GET / HTTP/1.1 17-1762-0/0/617. 0.0011907920810.00.0011.82 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 18-1762-0/0/556. 0.0016109782000.00.0013.92 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 19-1762179870/35/502_ 26.25011087307160.00.438.18 51.79.24.51http/1.1www.xn--12cn0bmbkgc3ent5c1ewa4bPOST //wp-login.php HTTP/1.1 20-1762-0/0/141. 0.0016901586030.00.006.52 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 21-1762-0/0/115. 0.0016201321300.00.005.22 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 22-1762179960/45/108R 35.94103365680.00.539.92 27.254.96.168http/1.1www.ckt-trading.com:443 23-1762-0/0/35. 0.0047860235960.00.001.87 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 24-1762-0/0/118. 0.00433101364080.00.003.02 49.0.249.187http/1.1www.uniqueworkthailand.com:80POST /xmlrpc.php HTTP/1.0 25-1762-0/0/28. 0.0047740173890.00.000.44 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 26-1762-0/0/4. 0.0047700157610.00.000.07 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 27-1762-0/0/3. 0.004778096260.00.000.01 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 28-1762-0/0/4. 0.0047750111560.00.000.01 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 29-1762-0/0/58. 0.0047000579870.00.000.70 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 30-1762-0/0/100. 0.0043307711412600.00.001.40 51.79.24.51http/1.1www.chonlateekeyman.com:443POST //wp-login.php HTTP/1.1 31-1762-0/0/3. 0.0047710124930.00.000.01 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 32-1762-0/0/4. 0.004788079740.00.000.01 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 33-1762-0/0/4. 0.0047630129440.00.000.01 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 34-1762-0/0/4. 0.0047650108370.00.000.01 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 35-1762-0/0/9. 0.0047720178550.00.000.15 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 36-1762-0/0/6. 0.0047560134700.00.000.03 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 37-1762-0/0/2. 0.004794570.00.000.00 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 38-1762-0/0/3. 0.004776086730.00.000.01 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 39-1762-0/0/1. 0.004793000.00.000.00 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 40-1762-0/0/84. 0.00436302081880.00.001.29 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 41-1762-0/0/1. 0.004792000.00.000.00 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 42-1762-0/0/8. 0.0047410123820.00.000.04 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 SrvChild Server number - generation PIDOS process ID AccNumber of accesses this connection / this child / this slot MMode of operation CPUCPU usage, number of seconds SSSeconds since beginning of most recent request ReqMilliseconds required to process most recent request DurSum of milliseconds required to process all requests ConnKilobytes transferred this connection ChildMegabytes transferred this child SlotTotal megabytes transferred this slot SSL/TLS Session Cache Status: cache type: SHMCB, shared memory: 512000 bytes, current entries: 282subcaches: 32, indexes per subcache: 88time left on oldest entries' objects: avg: 18 seconds, (range: 2...39)index usage: 10%, cache usage: 12%total entries stored since starting: 10737total entries replaced since starting: 0total entries expired since starting: 10455total (pre-expiry) entries scrolled out of the cache: 0total retrieves since starting: 441 hit, 20670 misstotal removes since starting: 0 hit, 0 miss
Found on 2023-09-23 07:01 -
Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb31d6f3fa5ed6f3fa5e4e9ea089Apache Status Apache Server Status for smtp.xn--2566-4do9ab5h1bfcjg7hg1txa5ahw0u.com (via 27.254.96.168) Server Version: Apache/2.4.46 (Unix) OpenSSL/1.0.2u PHP/7.2.33 Server MPM: prefork Server Built: May 6 2022 15:05:21 Current Time: Wednesday, 20-Sep-2023 13:39:23 +07 Restart Time: Wednesday, 20-Sep-2023 13:38:45 +07 Parent Server Config. Generation: 1749 Parent Server MPM Generation: 1748 Server uptime: 37 seconds Server load: 1.55 1.62 1.38 Total accesses: 227 - Total Traffic: 1.3 MB - Total Duration: 96410 CPU Usage: u2676.59 s5139.82 cu50937800 cs12467100 - 1.71e+8% CPU load 6.14 requests/sec - 36.6 kB/second - 6.0 kB/request - 424.714 ms/request 15 requests currently being processed, 4 idle workers W_CC_CCWRR_WWWCC_WR............................... Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqDurConnChildSlotClientProtocolVHostRequest 0-1748323550/23/23W 4.1600104960.00.230.23 143.42.118.5http/1.1localhost:443GET /server-status HTTP/1.1 1-1748323560/17/17_ 8.7000183920.00.260.26 145.14.157.160http/1.1www.winnerpropest.com:443POST /xmlrpc.php HTTP/1.1 2-1748323571/29/29C 8.3001170421.40.160.16 178.62.73.12http/1.1localhost:443GET /login.action HTTP/1.1 3-1748323581/28/28C 3.250062551.50.140.14 143.42.118.5http/1.1localhost:443GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor 4-1748323590/27/27_ 3.5101110102970.00.130.13 207.154.240.169http/1.1www.xn--2566-4do9ab5h1bfcjg7hg1GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor 5-1748324031/17/17C 4.741193591.40.060.06 134.122.63.192http/1.1localhost:443GET /login.action HTTP/1.1 6-1748324101/21/21C 3.120060381.40.080.08 159.65.58.104http/1.1localhost:443GET /login.action HTTP/1.1 7-1748324170/18/18W 1.410028840.00.080.08 138.197.88.136http/1.1www.xn--2566-4do9ab5h1bfcjg7hg1GET / HTTP/1.1 8-1748324180/14/14R 4.270133383480.00.060.06 139.59.182.142http/1.1www.xn--2566-4do9ab5h1bfcjg7hg1GET /.vscode/sftp.json HTTP/1.1 9-1748324330/11/11R 0.740011820.00.070.07 172.70.111.87http/1.1www.yuritrading.com:80POST /xmlrpc.php HTTP/1.0 10-1748324390/8/8_ 2.410149330.00.030.03 134.122.63.192http/1.1localhost:443GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor 11-1748324450/4/4W 0.0100100.00.010.01 124.120.35.241http/1.1www.chonlateefbc.com:80POST /wp-admin/admin-ajax.php HTTP/1.0 12-1748324510/3/3W 0.560011470.00.010.01 162.158.238.38http/1.1www.dr-rpi.com:443GET /wp-admin/profile.php HTTP/1.1 13-1748324570/2/2W 0.000040.00.000.00 139.59.182.142http/1.1www.xn--2566-4do9ab5h1bfcjg7hg1GET /about HTTP/1.1 14-1748324641/1/1C 0.001121.50.000.00 159.65.58.104http/1.1localhost:443GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor 15-1748324701/1/1C 0.001111.50.000.00 178.62.73.12http/1.1localhost:443GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor 16-1748324720/2/2_ 0.0101110.00.000.00 134.122.63.192http/1.1localhost:443GET /_all_dbs HTTP/1.1 17-1748324780/1/1W 0.001020.00.000.00 161.35.27.144http/1.1www.xn--2566-4do9ab5h1bfcjg7hg1GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor 18-1748324880/0/0R 0.000000.00.000.00 SrvChild Server number - generation PIDOS process ID AccNumber of accesses this connection / this child / this slot MMode of operation CPUCPU usage, number of seconds SSSeconds since beginning of most recent request ReqMilliseconds required to process most recent request DurSum of milliseconds required to process all requests ConnKilobytes transferred this connection ChildMegabytes transferred this child SlotTotal megabytes transferred this slot SSL/TLS Session Cache Status: cache type: SHMCB, shared memory: 512000 bytes, current entries: 21subcaches: 32, indexes per subcache: 88time left on oldest entries' objects: avg: 282 seconds, (range: 266...297)index usage: 0%, cache usage: 1%total entries stored since starting: 21total entries replaced since starting: 0total entries expired since starting: 0total (pre-expiry) entries scrolled out of the cache: 0total retrieves since starting: 0 hit, 130 misstotal removes since starting: 0 hit, 0 miss
Found on 2023-09-20 06:37
-
-
Apache server-status page is publicly available
The server-status page (usually
/server-status) allows server administrators to find out how well their server is performing.This is a HTML page that gives the current server statistics such as the server version, up time,cpu, ram, and information about requests made to the server.
This information can be very useful if the application is sent sensitive information as GET requests. If you monitor this page you might be able to find CSRF tokens, API keys, hidden paths, and other sensitive information being sent to the server.
https://medium.com/@ghostlulzhacks/apache-server-status-a70abed83f5a
IP: 203.170.192.183
Domain: smtp.xn--2566-4do9ab5h1bfcjg7hg1txa5ahw0u.com
Port: 80
URL: http://smtp.xn--2566-4do9ab5h1bfcjg7hg1txa5ahw0u.comFirst seen 2023-09-20 06:37
Last seen 2024-02-02 07:14
Open for 135 days-
Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb314ef03e414ef03e41ea03c5cdApache Status Apache Server Status for smtp.xn--2566-4do9ab5h1bfcjg7hg1txa5ahw0u.com (via 203.170.192.183) Server Version: Apache/2.4.57 (Unix) OpenSSL/1.0.2k-fips Server MPM: event Server Built: Oct 15 2023 18:16:43 Current Time: Friday, 02-Feb-2024 14:14:30 ICT Restart Time: Friday, 05-Jan-2024 10:01:20 ICT Parent Server Config. Generation: 93 Parent Server MPM Generation: 92 Server uptime: 28 days 4 hours 13 minutes 9 seconds Server load: 2.00 2.01 2.00 Total accesses: 1846516 - Total Traffic: 23.8 GB - Total Duration: 2141102311 CPU Usage: u207.5 s114.34 cu32089.3 cs2210.25 - 1.42% CPU load .759 requests/sec - 10.3 kB/second - 13.5 kB/request - 1159.54 ms/request 1 requests currently being processed, 127 idle workers SlotPIDStoppingConnections ThreadsAsync connections totalacceptingbusyidlewritingkeep-aliveclosing 029373no0yes032000 229661no3yes131003 329394no0yes032000 529374no0yes032000 Sum403 1127003 ________________________________................................ _____________W__________________________________________________ ................................________________________________ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqDurConnChildSlotClientProtocolVHostRequest 0-92293730/28/14776_ 11.37160160260910.00.13193.76 162.243.161.105http/1.1localhost:443GET /.DS_Store HTTP/1.1 0-92293730/25/15268_ 11.37170139013290.00.09198.95 143.110.156.182http/1.1localhost:443GET /?rest_route=/wp/v2/users/ HTTP/1.1 0-92293730/27/14840_ 11.18232150309240.00.13192.70 167.99.184.41http/1.1localhost:80GET /server-status HTTP/1.1 0-92293730/24/15017_ 11.38120145874870.00.07185.95 162.243.186.177http/1.1localhost:443GET /config.json HTTP/1.1 0-92293730/23/14921_ 11.2990147711640.00.14185.41 146.190.98.165http/1.1localhost:443GET / HTTP/1.1 0-92293730/23/15150_ 11.39110156649100.00.09188.50 162.243.186.177http/1.1localhost:443GET /telescope/requests HTTP/1.1 0-92293730/23/14823_ 11.35190145588360.00.11200.21 143.42.118.5http/1.1localhost:80GET /config.json HTTP/1.1 0-92293730/19/15126_ 11.2990150181980.00.06187.56 138.197.88.136h2localhost:443[0/0] Software caused connection abort 0-92293730/27/15094_ 11.36110145226800.00.07229.87 138.197.88.136http/1.1localhost:443GET /.vscode/sftp.json HTTP/1.1 0-92293730/29/15223_ 11.37170148853290.00.14194.87 146.190.64.200http/1.1localhost:443GET /_all_dbs HTTP/1.1 0-92293730/30/14790_ 11.35160154393210.00.08200.68 143.42.118.5http/1.1localhost:80GET /telescope/requests HTTP/1.1 0-92293730/25/14798_ 11.21167147156100.00.07195.44 146.190.98.165http/1.1localhost:443GET /server-status HTTP/1.1 0-92293730/32/14663_ 11.35160137182690.00.13185.49 161.35.176.95http/1.1localhost:80GET /config.json HTTP/1.1 0-92293730/28/14819_ 11.3930169086470.00.07186.00 165.232.76.155http/1.1localhost:80GET / HTTP/1.1 0-92293730/22/15768_ 11.35190141614970.00.08187.74 162.243.161.105http/1.1localhost:443GET / HTTP/1.1 0-92293730/28/14820_ 11.36110165341170.00.07182.46 137.184.150.232http/1.1localhost:80GET /?rest_route=/wp/v2/users/ HTTP/1.1 0-92293730/29/14868_ 11.35230143404940.00.09206.34 143.42.118.5http/1.1localhost:80GET /s/338313e2239313e2037313e2330323/_/;/META-INF/maven/com.at 0-92293730/26/14933_ 11.37210144939910.00.09189.27 138.197.88.136http/1.1localhost:443GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor 0-92293730/21/14749_ 11.29100160388130.00.03200.51 164.90.205.35http/1.1localhost:80GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor 0-92293730/29/14974_ 11.37130144639320.00.11193.79 138.197.88.136http/1.1localhost:443GET /config.json HTTP/1.1 0-92293730/24/14961_ 11.30210181495750.00.13193.40 167.99.8.63http/1.1localhost:80GET /v2/_catalog HTTP/1.1 0-92293730/25/14990_ 11.23110147053460.00.08204.06 167.99.8.63http/1.1localhost:80\x16\x03\x01\x01\x1c\x01 0-92293730/28/15446_ 11.25110150748520.00.14188.26 162.243.161.105h2localhost:443[0/0] Software caused connection abort 0-92293730/26/14657_ 11.37130138764970.00.13190.18 162.243.186.177http/1.1localhost:443GET /s/338313e2239313e2037313e2330323/_/;/META-INF/maven/com.at 0-92293730/30/14954_ 11.38130162205790.00.08186.86 146.190.64.200http/1.1localhost:443GET /s/338313e2239313e2037313e2330323/_/;/META-INF/maven/com.at 0-92293730/27/14630_ 11.35230135981450.00.12196.97 159.223.102.13http/1.1localhost:80GET /login.action HTTP/1.1 0-92293730/20/15127_ 11.36230144713410.00.04194.48 167.99.8.63http/1.1localhost:80GET /telescope/requests HTTP/1.1 0-92293730/24/14909_ 11.38120159187380.00.04213.29 162.243.161.105http/1.1localhost:443GET /telescope/requests HTTP/1.1 0-92293730/27/14714_ 11.35240152174320.00.10175.91 161.35.176.95http/1.1localhost:80GET /.env HTTP/1.1 0-92293730/22/15170_ 11.35160135139100.00.08225.12 159.223.102.13http/1.1localhost:80GET /.env HTTP/1.1 0-92293730/29/14648_ 11.28110155571710.00.04199.12 146.190.64.200h2localhost:443[0/0] Software caused connection abort 0-92293730/22/14912_ 11.2920145814950.00.12185.11 146.190.64.200h2localhost:443[0/0] Software caused connection abort 1-92-0/0/15731. 0.00360560138364770.00.00219.29 137.184.162.65http/1.1localhost:80GET /.git/config HTTP/1.1 1-92-0/0/15813. 0.00360560136849580.00.00198.68 139.144.150.23http/1.1localhost:443GET /login.action HTTP/1.1 1-92-0/0/15602. 0.00360560174090190.00.00199.96 159.203.44.43h2localhost:443[0/0] Software caused connection abort 1-92-0/0/15318. 0.00360560150896030.00.00189.46 164.92.84.255http/1.1localhost:443GET /.vscode/sftp.json HTTP/1.1 1-92-0/0/15276. 0.00360560146566320.00.00197.93 159.203.44.43http/1.1localhost:443GET /.git/config HTTP/1.1 1-92-0/0/15655. 0.00360560134151790.00.00198.79 139.144.150.23http/1.1localhost:443GET /.DS_Store HTTP/1.1 1-92-0/0/15351. 0.00360560172789920.00.00188.15 159.223.102.13http/1.1localhost:80GET /_all_dbs HTTP/1.1 1-92-0/0/15185. 0.00360560165483380.00.00189.07 64.227.126.135h2localhost:443[0/0] Software caused connection abort 1-92-0/0/15335. 0.00360560127395500.00.00211.76 134.122.34.144http/1.1localhost:443GET /telescope/requests HTTP/1.1 1-92-0/0/14956. 0.00360560152319130.00.00188.74 159.203.44.43http/1.1localhost:443GET / HTTP/1.1 1-92-0/0/15041. 0.00360560148013860.00.00204.86 164.92.84.255http/1.1localhost:443GET /login.action HTTP/1.1 1-92-0/0/15506. 0.00360560159268070.00.00208.73 139.144.96.150http/1.1localhost:443GET /config.json HTTP/1.1 1-92-0/0/15329. 0.00360560159504030.00.00200.56 45.55.193.222http/1.1localhost:443G
Found on 2024-02-02 07:14 -
Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb314ef03e414ef03e41ebdfd766Apache Status Apache Server Status for smtp.xn--2566-4do9ab5h1bfcjg7hg1txa5ahw0u.com (via 203.170.192.183) Server Version: Apache/2.4.57 (Unix) OpenSSL/1.0.2k-fips Server MPM: event Server Built: Oct 15 2023 18:16:43 Current Time: Sunday, 07-Jan-2024 10:24:34 ICT Restart Time: Friday, 05-Jan-2024 10:01:20 ICT Parent Server Config. Generation: 8 Parent Server MPM Generation: 7 Server uptime: 2 days 23 minutes 13 seconds Server load: 3.05 2.87 2.74 Total accesses: 814687 - Total Traffic: 11.0 GB - Total Duration: 1006070672 CPU Usage: u188.81 s16.14 cu13881.1 cs728.27 - 8.5% CPU load 4.68 requests/sec - 66.3 kB/second - 14.2 kB/request - 1234.92 ms/request 9 requests currently being processed, 55 idle workers SlotPIDStoppingConnections ThreadsAsync connections totalacceptingbusyidlewritingkeep-aliveclosing 016374no2yes329000 216287no8yes626002 Sum2010 955002 ______________W____R______W_____................................ _W__W_______W_____________RR_W__................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqDurConnChildSlotClientProtocolVHostRequest 0-7163740/63/6280_ 33.412085365020.00.9792.77 139.59.182.142http/1.1localhost:80GET /about HTTP/1.1 0-7163740/60/6766_ 32.891062367510.00.7689.17 159.223.108.26http/1.1localhost:443GET /v2/_catalog HTTP/1.1 0-7163740/60/6277_ 33.35088374316470.00.6692.73 162.243.184.251http/1.1 0-7163740/48/6578_ 33.130227571625450.00.6385.39 3.224.220.101http/1.1www.chonlateeadmin.com:443GET /rigxhvp-290titems/etid.html HTTP/1.1 0-7163740/45/6309_ 32.990071472820.00.8381.80 162.243.184.251http/1.1 0-7163740/62/6701_ 33.38311980104590.00.7489.02 161.35.176.95http/1.1localhost:80GET / HTTP/1.1 0-7163740/46/6490_ 33.010060620330.00.6099.23 159.223.108.26http/1.1localhost:443GET /_all_dbs HTTP/1.1 0-7163740/52/6556_ 33.480069652390.00.5785.77 139.59.182.142http/1.1localhost:80GET /login.action HTTP/1.1 0-7163740/60/6558_ 33.38391764882890.00.76127.68 3.224.220.101http/1.1www.chonlateeboi.com:443GET /35540qbkeitems/etidm8.html HTTP/1.1 0-7163740/55/6479_ 33.350073470530.00.9483.47 47.128.96.166http/1.1www.xn--12cx2bef7bl0boq4ch6gugwGET /tag/%E0%B8%82%E0%B8%B2%E0%B8%A2%E0%B8%9B%E0%B8%A5%E0%B8%B2 0-7163740/62/6225_ 33.47184278372830.00.7679.37 85.208.96.200http/1.1www.chonlateeadmin.com:443GET /gxvxktd-38681ieti.html HTTP/1.1 0-7163740/51/6179_ 33.29184379761390.00.5780.55 52.70.240.171http/1.1www.chonlateeadmin.com:443GET /iuxxhvp-281keti.html HTTP/1.1 0-7163740/58/6253_ 33.19484055252210.00.7582.78 23.22.35.162http/1.1www.chonlateeadmin.com:443GET /icxxhvp-307kitems/etidm HTTP/1.1 0-7163740/62/6473_ 33.130104183790930.00.7486.96 74.207.237.46http/1.1 0-7163741/62/6891W 32.850062331060.00.7188.66 52.70.240.171http/1.1www.chonlateeboi.com:443GET /21399qecvitems/etidm42bv.htm HTTP/1.1 0-7163740/63/6234_ 33.490104786439600.00.7481.28 52.70.240.171http/1.1www.chonlateeadmin.com:443GET /ocdxhvp-287qetidm27bp.html HTTP/1.1 0-7163740/49/6395_ 33.11284366495950.00.6683.16 162.243.184.251h2localhost:443[0/0] Software caused connection abort 0-7163740/54/6533_ 33.383964526650.00.6985.00 139.59.182.142http/1.1localhost:80GET / HTTP/1.1 0-7163740/62/6555_ 33.451104671407020.00.7983.44 23.22.35.162http/1.1www.chonlateeboi.com:443GET /35664qbkeetidm88sqh.htm HTTP/1.1 0-7163740/67/6321R 33.16588170712040.00.8088.62 3.224.220.101http/1.1www.chonlateeboi.com:443 0-7163740/66/6601_ 33.431094670840.00.8291.42 139.59.182.142http/1.1localhost:80GET /v2/_catalog HTTP/1.1 0-7163740/56/6273_ 33.38312988774337400.00.7285.02 94.228.169.107http/1.1www.thesungolden.com:443POST /wp-content/uploads/wpr-addons/forms/061f69806f7d.php HTTP 0-7163740/55/6836_ 33.243778912360.00.5891.01 203.170.192.183http/1.1www.mkandptfoods.com:443POST /wp-cron.php?doing_wp_cron=1704597865.60956001281738281250 0-7163740/62/6372_ 33.36583865232890.00.7691.55 3.224.220.101http/1.1www.chonlateeadmin.com:443GET /rigxhvp-290titems/etid.html HTTP/1.1 0-7163740/54/6278_ 33.38383977137130.00.6478.83 23.22.35.162http/1.1www.chonlateeadmin.com:443GET /xkmxhvp-296zitems/etidm37kxz.html HTTP/1.1 0-7163740/68/6396_ 33.480059487070.00.8082.74 139.59.182.142http/1.1localhost:80GET /_all_dbs HTTP/1.1 0-7163741/65/6383W 32.850072904760.00.8492.23 161.35.176.95http/1.1localhost:80GET /server-status HTTP/1.1 0-7163740/51/6377_ 33.500079661630.00.64112.86 139.59.182.142http/1.1localhost:80GET /.DS_Store HTTP/1.1 0-7163740/47/6300_ 33.02278168397500.00.6079.50 162.243.184.251h2localhost:443[0/0] Software caused connection abort 0-7163740/51/6570_ 32.853074441200.00.57118.43 47.128.96.166h2www.xn--12cx2bef7bl0boq4ch6gugw[0/0] init 0-7163740/56/6266_ 33.28184669276560.00.5791.85 74.207.237.46http/1.1 0-7163740/64/6582_ 33.033071835880.00.7484.67 159.223.108.26http/1.1localhost:443GET /s/338313e2239313e2037313e2330323/_/;/META-INF/maven/com.at 1-7-0/0/6466. 0.00166342274721740.00.0084.07 51.15.59.15http/1.1www.happy-carrent.com:443POST /xmlrpc.php HTTP/1.1 1-7-0/0/6249. 0.00166345268360270.00.0079.42 66.249.71.201http/1.1www.twinbuilt.co.th:443GET /?e=5501-seminary-rd-unit-2305s-falls-church-va-22041-5-ii- 1-7-0/0/6212. 0.001663959100680970.00.0080.31 52.70.240.171http/1.1www.chonlateeadmin.com:443GET /pveitgo-24936retidm30cir.htm HTTP/1.1 1-7-0/0/5977. 0.00166384377800350.00.0079.41 52.167.144.137h2www.chonlateenextbiz.com:443[1/1] done: stream 1, GET /8pcpoe/best-cursive-fonts-for-tattoo 1-7-0/0/6152. 0.00166384376922630.00.0092.62 52.70.240.171http/1.1www.chonlateeboi.com:443GET /42454qecvetidm79w HTTP/1.1 1-7-0/0/6223. 0.00166384766598140.00.0081.75 3.224.220.101http/1.1www.chonlateeadmin.com:443GET /ntcitgo-35802petid.htm HTTP/1.1 1-7-0/0/6251. 0.001663219370593040.00.0079.56 52.70.240.171http/1.1www.chonlateeboi.com:443GET /19075oqmiitems/etidm HTTP/1.1 1-7-0/0/6319. 0.00166388579594730.00.0084.70 52.167.144.186h2www.happy-carrent.com:443GET /wp-content/uploads/2018/09/Page-02-1024x410.jpg HTTP/2.0 1-7-0/0/6288. 0.001663114057278660.00.0081.40 52.167.144.186h2www.happy-carrent.com:443[1/1] done: stream 1, GET /wp-content/uploads/2018/09/Page-02-1 1-7-0/0/6224. 0.00166330979955160.00.0086.70 163.172.106.185http/1.1www.tspaccount.net:443POST /wp-login.php HTTP/1.1 1-7-0/0/6028. 0.00166367377872850.00.0086.08 185.191.171.5http/1.1www.chonlateefood.com:443GET /getid/rig11587vvpiitems HTTP/1.1 1-7-0/0/6552. 0.00166397160633540.00.0094.71 52.70.240.171http/1.1www.chonlateeboi.com:443GET /20484tbrmetidm1.htm HTTP/1.1 1-7-0/0/6284. 0.00166384581432030.00.0084.49 23.22.35.162http/1.1www.chonlateeboi.com:443GET
Found on 2024-01-07 03:24 -
Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb314ef03e414ef03e41992d9bc2Apache Status Apache Server Status for smtp.xn--2566-4do9ab5h1bfcjg7hg1txa5ahw0u.com (via 203.170.192.183) Server Version: Apache/2.4.57 (Unix) OpenSSL/1.0.2k-fips Server MPM: event Server Built: Oct 15 2023 18:16:43 Current Time: Saturday, 06-Jan-2024 02:19:51 ICT Restart Time: Friday, 05-Jan-2024 10:01:20 ICT Parent Server Config. Generation: 3 Parent Server MPM Generation: 2 Server uptime: 16 hours 18 minutes 30 seconds Server load: 2.84 2.81 2.76 Total accesses: 293151 - Total Traffic: 4.1 GB - Total Duration: 256320852 CPU Usage: u658.25 s35.72 cu4282.28 cs230.01 - 8.87% CPU load 4.99 requests/sec - 74.1 kB/second - 14.8 kB/request - 874.365 ms/request 12 requests currently being processed, 116 idle workers SlotPIDStoppingConnections ThreadsAsync connections totalacceptingbusyidlewritingkeep-aliveclosing 019907no1yes131001 419908no7yes329005 719927no3yes428001 919931no9yes428015 Sum4020 121160112 ______________________________W_................................ ................................................................ ___________W___R__________R_____................................ ................................WW_____W____W___________________ ................................____W_________W_______R___W_____ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqDurConnChildSlotClientProtocolVHostRequest 0-2199070/232/3075_ 139.17586125456600.02.6445.67 66.249.71.170http/1.1www.chonlateeadmin.com:443GET /trust.php?ubxaonh-227169kitems/eti HTTP/1.1 0-2199070/225/3320_ 137.89184524069460.02.8943.84 3.224.220.101http/1.1www.chonlateeboi.com:443GET /4582biwxetidm51g HTTP/1.1 0-2199070/218/3011_ 139.193036744310.02.7152.35 147.182.168.210http/1.1localhost:443GET /debug/default/view?panel=config HTTP/1.1 0-2199070/223/3253_ 138.783114326655770.02.8941.36 66.249.72.66http/1.1www.chonlateeadmin.com:443GET /trust.php?lanaonh-355834aitems/eti HTTP/1.1 0-2199070/208/3132_ 139.166024584760.02.3539.17 147.182.168.210http/1.1localhost:443GET / HTTP/1.1 0-2199070/222/3375_ 139.137104527225250.03.0042.69 3.224.220.101http/1.1www.chonlateeadmin.com:443GET /trust.php?ltaggdh-186964netidm8 HTTP/1.1 0-2199070/227/3149_ 138.86192524651200.02.7954.36 178.128.151.41h2localhost:443[0/0] Software caused connection abort 0-2199070/242/3162_ 139.241025500990.02.5740.97 192.53.126.23http/1.1localhost:443GET /.DS_Store HTTP/1.1 0-2199070/234/3209_ 138.12484125403770.02.5183.30 23.22.35.162http/1.1www.chonlateeboi.com:443GET /22341yktqitems/etidm78.htm HTTP/1.1 0-2199070/220/3141_ 139.175024553870.02.8440.66 192.53.126.23http/1.1localhost:443GET /debug/default/view?panel=config HTTP/1.1 0-2199070/226/3073_ 138.675117228093640.02.7637.76 203.170.192.183http/1.1www.12gobiz.com:443GET /%E0%B8%97%E0%B8%B5%E0%B9%88%E0%B8%9B%E0%B8%A3%E0%B8%B6%E0% 0-2199070/242/3019_ 137.76587024710920.02.8238.88 66.249.71.169http/1.1www.chonlateeadmin.com:443GET /trust.php?xnwaonh-223168jetidm1 HTTP/1.1 0-2199070/210/2977_ 138.57086524644010.02.4940.71 3.224.220.101http/1.1www.chonlateeadmin.com:443GET /trust.php?yunggdh-230839aitems/etidm61lh HTTP/1.1 0-2199070/209/3261_ 138.99483935957320.02.5644.22 66.249.71.169http/1.1www.chonlateeadmin.com:443GET /trust.php?izkvrsm-193019xitems/etid.html HTTP/1.1 0-2199070/224/3319_ 139.212028063520.02.4744.46 178.62.73.12http/1.1localhost:80GET /.vscode/sftp.json HTTP/1.1 0-2199070/196/3045_ 136.595406025565610.02.2539.42 161.35.27.144h2localhost:443[0/0] Software caused connection abort 0-2199070/211/2998_ 139.212028627350.02.6238.92 147.182.168.210http/1.1localhost:443GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor 0-2199070/216/3295_ 139.240024190570.02.4443.61 139.144.150.8http/1.1localhost:80GET /v2/_catalog HTTP/1.1 0-2199070/216/3190_ 138.965024001030.02.5641.57 91.92.252.141http/1.1www.chonlateevip.com:80GET /wp-includes/images/include.php HTTP/1.1 0-2199070/215/3036_ 139.270112728560310.02.4844.81 66.249.71.168http/1.1www.chonlateeadmin.com:443GET /trust.php?vmyhlzs-314114letid.htm HTTP/1.1 0-2199070/221/3086_ 139.240104924066720.02.8343.86 147.182.168.210http/1.1localhost:443GET /server-status HTTP/1.1 0-2199070/208/3134_ 139.166026436990.02.5944.77 192.53.126.23http/1.1localhost:443GET /.vscode/sftp.json HTTP/1.1 0-2199070/235/3480_ 138.62688324394330.02.7544.23 66.249.72.65http/1.1www.chonlateeadmin.com:443GET /trust.php?ejaecaw-329203netidm1 HTTP/1.1 0-2199070/195/2968_ 139.013524183700.02.2439.04 139.59.182.142http/1.1localhost:80GET /server-status HTTP/1.1 0-2199070/229/3038_ 138.56183824439590.02.7938.79 66.249.71.168http/1.1www.chonlateeadmin.com:443GET /trust.php?jufhsbr-12424sitems/eti HTTP/1.1 0-2199070/218/3018_ 139.20284824256070.02.7639.20 3.224.220.101http/1.1www.chonlateeboi.com:443GET /44139ztiaitems/etidm.htm HTTP/1.1 0-2199070/205/3097_ 138.91086127388060.02.7749.86 85.208.96.201http/1.1www.chonlateeadmin.com:443GET /fruemnz-5244hetidm8.htm HTTP/1.1 0-2199070/203/3079_ 138.50184628489640.02.7569.97 159.89.83.196h2localhost:443[0/0] Software caused connection abort 0-2199070/219/2984_ 139.042024507160.02.5637.53 139.59.182.142http/1.1localhost:80GET /.DS_Store HTTP/1.1 0-2199070/226/3335_ 139.166023174080.02.6578.21 159.203.63.67http/1.1localhost:443GET / HTTP/1.1 0-2199071/225/3034W 139.100024384360.02.8346.93 3.224.220.101http/1.1www.chonlateeboi.com:443GET /10281khrritems/eti.htm HTTP/1.1 0-2199070/228/3391_ 139.091327203250.02.8141.44 147.182.168.210http/1.1localhost:443GET /server-status HTTP/1.1 1-1-0/0/2323. 0.00688186617630010.00.0030.27 207.46.13.154http/1.1www.thaidaoherb.com:443GET /9i7h/dyv42461ryyhc053875235.html HTTP/2.0 1-1-0/0/2100. 0.006881173417390000.00.0027.02 66.249.71.7http/1.1www.chonlateenextbiz.com:443GET /db.php?g3192039.shtml HTTP/1.1 1-1-0/0/2227. 0.006881107117630050.00.0030.69 23.22.35.162http/1.1www.chonlateeadmin.com:443GET /trust.php?rngadej-26472tetidm80eat.htm HTTP/1.1 1-1-0/0/2089. 0.006881211517285130.00.0027.89 66.249.69.229http/1.1www.chonlateenextbiz.com:443GET /db.php?g335424.shtml HTTP/1.1 1-1-0/0/2129. 0.00688185117106500.00.0032.51 52.70.240.171http/1.1www.chonlateeboi.com:443GET /48835biwxitems/etidm HTTP/1.1 1-1-0/0/2185. 0.00688185816794840.00.0028.38 3.224.220.101http/1.1www.chonlateeadmin.com:443GET /trust.php?jryadej-23266letid HTTP/1.1 1-1-0/0/2135. 0.00688197217421340.00.0026.37 23.22.35.162http/1.1www.chonlateeboi.com:443GET /22684biwxetidm7 HTTP/1.1 1-1-0/0/2185. 0.0068811717237790.00.0029.46 66.249.71.3http/1.1www.xn--12cn0bmbkgc3ent5c1ewa4bGET /mds.php?papaw99.xml HTTP/1.1 1-1-0/0/2163. 0.00688184617365570.00.0029.98 23.22.35.162http/1.1www.chonlateeboi.com:443GET /42349biwxitems/etidm52 HTTP/1.1 1-1-0/0/2112. 0.00688189516912400.00.0027.55 185.191.171.3http/1.1www.chonlateefood.com:443GET /geti/cer43578htewitems.htm HTTP/1.1 1-1-0/0/2118. 0.006881102016733450.00.0031.98 157.55.39.202h2www.chonlateeadmin.com:443[1/1] done: strea
Found on 2024-01-05 19:19 -
Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb314ef03e414ef03e41cd291156Apache Status Apache Server Status for smtp.xn--2566-4do9ab5h1bfcjg7hg1txa5ahw0u.com (via 203.170.192.183) Server Version: Apache/2.4.57 (Unix) OpenSSL/1.0.2k-fips Server MPM: event Server Built: Oct 15 2023 18:16:43 Current Time: Monday, 11-Dec-2023 19:18:31 ICT Restart Time: Friday, 01-Dec-2023 00:22:58 ICT Parent Server Config. Generation: 41 Parent Server MPM Generation: 40 Server uptime: 10 days 18 hours 55 minutes 33 seconds Server load: 0.96 0.85 0.89 Total accesses: 4251748 - Total Traffic: 54.6 GB - Total Duration: 4033751444 CPU Usage: u262.06 s48.33 cu76365.7 cs4002.43 - 8.66% CPU load 4.56 requests/sec - 61.4 kB/second - 13.5 kB/request - 948.728 ms/request 11 requests currently being processed, 53 idle workers SlotPIDStoppingConnections ThreadsAsync connections totalacceptingbusyidlewritingkeep-aliveclosing 010297no0yes329000 22452no5yes824001 Sum205 1153001 ___R_________________________RR_................................ _R_W___R___W_W___R__________RR__................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqDurConnChildSlotClientProtocolVHostRequest 0-40102970/99/38326_ 59.262888349638290.01.32485.73 3.224.220.101http/1.1www.chonlateeadmin.com:443GET /trust.php?lnaadej-140528nitems/etidm58yan.html HTTP/1.1 0-40102970/94/37655_ 59.272873356595330.01.11476.21 66.249.64.226http/1.1www.xn--12cn0bmbkgc3ent5c1ewa4bGET /mds.php?tbmooqo-2736zetidm58g HTTP/1.1 0-40102970/109/38040_ 58.963691391431180.01.27488.23 51.222.253.10http/1.1www.thai-pack.com:443GET /robots.txt HTTP/2.0 0-40102970/107/38114R 59.085644378858670.01.21498.66 3.224.220.101http/1.1 0-40102970/93/38606_ 59.071879360430650.01.15552.37 52.70.240.171http/1.1www.chonlateeboi.com:443GET /trust.php?295797evvmitems/etidm92.htm HTTP/1.1 0-40102970/98/37673_ 58.242631389570520.01.33477.15 79.137.206.177http/1.1www.mkandptfoods.com:443POST /bdb1c307e65f.php HTTP/1.1 0-40102970/93/38022_ 58.963663390392880.01.16479.85 178.128.151.41h2localhost:443[0/0] Software caused connection abort 0-40102970/96/38763_ 59.1240358722510.01.21486.81 178.128.151.41http/1.1localhost:443GET / HTTP/1.1 0-40102970/83/37741_ 59.3010370713710.00.98494.99 139.59.65.144http/1.1localhost:443GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor 0-40102970/88/38174_ 58.782646358675970.01.04488.71 54.36.149.106h2www.thai-pack.com:443[1/1] done: stream 1, GET /wp-content/uploads/2020/04/11-paper- 0-40102970/96/37677_ 59.2720374486490.01.14459.01 162.243.184.251http/1.1localhost:80GET /about HTTP/1.1 0-40102970/104/37782_ 59.071869358350640.01.21508.84 66.249.71.2http/1.1www.xn--12cn0bmbkgc3ent5c1ewa4bGET /mds.php?oahynxw-40249uetidm32bn.html HTTP/1.1 0-40102970/90/37599_ 58.160890365712740.01.06458.79 23.22.35.162http/1.1www.chonlateeboi.com:443GET /trust.php?271454evvmitems/etidm96o.html HTTP/1.1 0-40102970/89/37817_ 59.2520394757060.01.09488.13 147.182.130.98http/1.1localhost:80GET /.vscode/sftp.json HTTP/1.1 0-40102970/91/38088_ 59.292908369917770.01.17478.94 192.42.116.174http/1.1www.dinocoffees.com:443POST /xmlrpc.php HTTP/1.1 0-40102970/109/37734_ 59.1630362762480.01.22533.28 147.182.130.98http/1.1localhost:80GET / HTTP/1.1 0-40102970/94/38744_ 59.042846366336580.01.18513.65 54.36.149.106http/1.1www.thai-pack.com:443GET /wp-content/uploads/2020/04/11-paper-bag.jpg?gid=1 HTTP/2.0 0-40102970/88/38185_ 58.6930356889360.01.06471.54 139.59.65.144h2localhost:443[0/0] Software caused connection abort 0-40102970/94/38205_ 58.921860358462480.020.59494.78 52.70.240.171http/1.1www.chonlateeboi.com:443GET /trust.php?282661evvmitems/etidm85 HTTP/1.1 0-40102970/100/38529_ 58.963646374472020.01.25502.22 139.59.65.144http/1.1 0-40102970/76/37902_ 59.2620352457630.00.85500.55 139.59.65.144http/1.1localhost:443GET / HTTP/1.1 0-40102970/101/38103_ 59.3010376983820.01.15493.05 23.22.35.162http/1.1www.krongthongsecurity.com:443GET /fpmcktp3112zk6p4bpb/0d8efd9cfe.html HTTP/1.1 0-40102970/103/37804_ 59.0120395798310.01.21501.41 178.128.151.41h2localhost:443[0/0] Software caused connection abort 0-40102970/95/37150_ 58.742875351890680.01.13462.68 139.59.65.144h2localhost:443[0/0] Software caused connection abort 0-40102970/97/38168_ 59.3200361785830.01.19508.03 139.59.65.144http/1.1localhost:443GET /login.action HTTP/1.1 0-40102970/92/37458_ 59.2330378914780.01.07458.63 147.182.130.98http/1.1localhost:80GET / HTTP/1.1 0-40102970/99/38193_ 57.653836362590360.01.10571.95 40.77.188.112h2www.summer-techthai.com:443[0/0] init 0-40102970/87/37423_ 57.063686361095580.01.19498.66 40.77.188.112h2www.summer-techthai.com:443[1/1] done: stream 1, GET /wp-content/uploads/2023/07/%E0%B8%94 0-40102970/88/37994_ 59.292869401884750.01.04511.12 23.22.35.162http/1.1www.chonlateeboi.com:443GET /trust.php?282674evvmitems/etid.html HTTP/1.1 0-40102970/83/37886R 58.465859365251700.00.99491.41 192.42.116.174http/1.1 0-40102970/93/38005R 58.2041068357890470.01.07482.12 66.249.64.227http/1.1www.xn--12cn0bmbkgc3ent5c1ewa4b 0-40102970/96/37727_ 58.3031784366008410.01.57525.76 139.59.65.144h2localhost:443[0/0] Software caused connection abort 1-40-0/0/38863. 0.001162863364752980.00.00492.68 23.22.35.162http/1.1www.chonlateeboi.com:443GET /trust.php?291574evvmetidm20k HTTP/1.1 1-40-0/0/38802. 0.001162917373119540.00.00535.20 3.224.220.101http/1.1www.chonlateeadmin.com:443GET /trust.php?qwfadej-222771sitems/etidm.htm HTTP/1.1 1-40-0/0/38626. 0.001162603374504180.00.00537.29 66.249.64.102http/1.1www.chonlateefbc.com:443GET /?m=macbook-air-mac-book-pro-imac-mac-mini-macbook-mm-OPeRV 1-40-0/0/38884. 0.001162635382396960.00.00547.99 66.249.64.102http/1.1www.chonlateefbc.com:443GET /?m=genuine-msi-crosshair-15-r6e-b12ugz-414tr-battery-90wh- 1-40-0/0/39629. 0.001162623354047560.00.00604.02 66.249.71.165http/1.1www.chonlateefbc.com:443GET /?m=air-filter-472306-for-komatsu-engine-4d94-4d95s-p40-mm- 1-40-0/0/38433. 0.001162891350986300.00.00551.36 52.70.240.171http/1.1www.chonlateeadmin.com:443GET /trust.php?nncadej-289744petidm66aap HTTP/1.1 1-40-0/0/38562. 0.001162843351221390.00.00517.38 121.4.151.114http/1.1 1-40-0/0/38902. 0.001162868378421350.00.00496.70 65.109.127.29http/1.1www.thesungolden.com:443GET /tzeu2e/best-cheap-wonderkid-fm-2023.html HTTP/1.1 1-40-0/0/38702. 0.0011621051367400040.00.00487.21 52.70.240.171http/1.1www.chonlateeboi.com:443GET /trust.php?214574evvmitems/etidm53w.html HTTP/1.1 1-40-0/0/38838. 0.0011620359455680.00.00497.82 3.233.221.90http/1.1www.12gobiz.com:443GET /tag/%E0%B8%97%E0%B8%B3%E0%B8%9A%E0%B8%B1%E0%B8%8D%E0%B8%8A 1-40-0/0/39346. 0.0011620355193580.00.00521.44 23.22.35.162http/1.1www.krongthongsecurity.com:443GET /xebcatalogpcov/9112 HTTP/1.1 1-40-0/0/39149. 0.0011622567358760430.00.00488.17 192.187.119.58http/1.1
Found on 2023-12-11 12:18 -
Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb314ef03e414ef03e41b1e8033eApache Status Apache Server Status for smtp.xn--2566-4do9ab5h1bfcjg7hg1txa5ahw0u.com (via 203.170.192.183) Server Version: Apache/2.4.57 (Unix) OpenSSL/1.0.2k-fips Server MPM: event Server Built: Oct 15 2023 18:16:43 Current Time: Thursday, 23-Nov-2023 00:23:57 ICT Restart Time: Monday, 20-Nov-2023 10:17:03 ICT Parent Server Config. Generation: 9 Parent Server MPM Generation: 8 Server uptime: 2 days 14 hours 6 minutes 53 seconds Server load: 1.35 1.87 1.62 Total accesses: 648033 - Total Traffic: 8.2 GB - Total Duration: 719137581 CPU Usage: u59.01 s12.71 cu9707.16 cs570.87 - 4.63% CPU load 2.9 requests/sec - 38.6 kB/second - 13.3 kB/request - 1109.72 ms/request 21 requests currently being processed, 107 idle workers SlotPIDStoppingConnections ThreadsAsync connections totalacceptingbusyidlewritingkeep-aliveclosing 06877no1yes131100 16697no2yes527001 36879no19yes626001 46881no2yes923001 Sum4024 21107103 _W______________________________________W_____W_W_________R___W_ ................................W______W_____R_WW______________W ___WW____W____________WW____RWWW................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ ................................................................ Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process <SrvPIDAccMCPU SSReqDurConnChildSlotClientProtocolVHostRequest 0-868770/28/5238_ 11.7612147419540.00.3672.54 104.164.173.38http/1.1www.xn--2566-4do9ab5h1bfcjg7hg1GET /wp-content/plugins/jeg-elementor-kit/assets/js/elements/st 0-868771/24/4983W 11.101050374610.00.2661.56 104.164.173.38http/1.1www.xn--2566-4do9ab5h1bfcjg7hg1GET /wp-json/ HTTP/1.1 0-868770/26/4909_ 11.720068876520.00.4060.32 139.59.182.142http/1.1localhost:80GET /.vscode/sftp.json HTTP/1.1 0-868770/20/5096_ 11.84065348793540.00.2862.97 66.249.79.68http/1.1www.xn--12cn0bmbkgc3ent5c1ewa4bGET /mds.php?dmezkxl-2720retidm50qzr HTTP/1.1 0-868770/24/5147_ 11.7411251687560.00.2879.22 104.164.173.38http/1.1www.xn--2566-4do9ab5h1bfcjg7hg1GET /wp-content/plugins/royal-elementor-addons/assets/js/lib/in 0-868770/24/5223_ 10.65092150709910.00.4062.71 161.35.176.95h2localhost:443[0/0] Software caused connection abort 0-868770/26/5076_ 11.791109751557000.00.3365.50 23.22.35.162http/1.1www.chonlateeadmin.com:443GET /trust.php?dnsecaw-246678fetidm53q.htm HTTP/1.1 0-868770/29/4975_ 11.541048178580.00.3561.72 128.199.61.251http/1.1localhost:80GET / HTTP/1.1 0-868770/17/5222_ 11.46150250388740.00.1660.80 85.208.96.204http/1.1www.mkandptfoods.com:443GET /wzy.php?m51926256234.html HTTP/1.1 0-868770/23/5316_ 11.73167148072370.00.2981.42 66.249.79.66http/1.1www.xn--12cn0bmbkgc3ent5c1ewa4bGET /mds.php?kklwxmt-38373yetidm69.html HTTP/1.1 0-868770/22/5256_ 11.7512349364210.00.3963.06 104.164.173.38http/1.1www.xn--2566-4do9ab5h1bfcjg7hg1GET /wp-content/plugins/elementor/assets/lib/font-awesome/js/v4 0-868770/21/5363_ 11.721049590390.00.2476.17 128.199.61.251http/1.1localhost:80GET /.vscode/sftp.json HTTP/1.1 0-868770/20/5306_ 11.23194452171030.00.3269.09 23.22.35.162http/1.1www.chonlateeboi.com:443GET /36021tbrmitems/etidm99.htm HTTP/1.1 0-868770/24/5290_ 11.7511549122730.00.2562.19 104.164.173.38http/1.1www.xn--2566-4do9ab5h1bfcjg7hg1GET /wp-content/plugins/qi-addons-for-elementor/inc/plugins/ele 0-868770/21/4997_ 11.46164149334990.00.2556.97 66.249.71.4http/1.1www.xn--12cn0bmbkgc3ent5c1ewa4bGET /mds.php?pnqasnc-15212detidm9 HTTP/1.1 0-868770/26/4955_ 11.7613750751060.00.2359.21 104.164.173.38http/1.1www.xn--2566-4do9ab5h1bfcjg7hg1GET /wp-content/plugins/royal-elementor-addons/assets/js/lib/ao 0-868770/26/4946_ 11.701047839840.00.3459.38 161.35.155.246http/1.1www.xn--2566-4do9ab5h1bfcjg7hg1GET / HTTP/1.1 0-868770/21/5280_ 11.701048733620.00.2358.35 207.154.240.169http/1.1localhost:80GET / HTTP/1.1 0-868770/23/5034_ 11.701050217500.00.2771.03 178.62.73.12http/1.1localhost:80GET / HTTP/1.1 0-868770/23/5097_ 11.781050206330.00.3373.64 104.164.173.38http/1.1www.xn--2566-4do9ab5h1bfcjg7hg1GET /wp-content/plugins/royal-elementor-addons/assets/js/fronte 0-868770/20/4985_ 10.921049737540.00.2968.12 5.101.157.148http/1.1www.dinocoffees.com:443POST /wp-login.php HTTP/2.0 0-868770/19/5231_ 10.841044691110.00.2367.68 23.22.35.162http/1.1www.krongthongsecurity.com:443GET /bqirtdd190230vf037b7e3 HTTP/1.1 0-868770/17/4975_ 11.101051856100.00.1463.12 161.35.176.95h2localhost:443[0/0] Software caused connection abort 0-868770/25/4984_ 11.771050753540.00.3173.04 128.199.61.251http/1.1localhost:80GET /about HTTP/1.1 0-868770/18/5064_ 11.42189349737180.00.2562.67 185.191.171.16http/1.1www.chonlateeboi.com:443GET /33364tzwaetidm9 HTTP/1.1 0-868770/19/5165_ 11.7612347535140.00.2667.24 104.164.173.38http/1.1www.xn--2566-4do9ab5h1bfcjg7hg1GET /wp-content/themes/sydney/js/so-legacy.js?ver=6.3.2 HTTP/1. 0-868770/24/5260_ 11.701049453910.00.2285.08 139.59.182.142http/1.1localhost:80GET / HTTP/1.1 0-868770/17/5356_ 10.95080750357090.00.2085.39 223.24.157.217h2www.xn--12cx2bef7bl0boq4ch6gugw[0/0] init 0-868770/21/4933_ 11.3313749140460.00.2567.95 104.164.173.38http/1.1www.xn--2566-4do9ab5h1bfcjg7hg1GET /wp-content/plugins/royal-elementor-addons/assets/js/fronte 0-868770/14/5222_ 11.7511152407730.00.1859.91 104.164.173.38http/1.1www.xn--2566-4do9ab5h1bfcjg7hg1GET /wp-content/plugins/royal-elementor-addons/assets/js/lib/pa 0-868770/16/5044_ 11.7512647464910.00.2564.72 104.164.173.38http/1.1www.xn--2566-4do9ab5h1bfcjg7hg1GET /wp-content/themes/sydney/js/so-legacy-main.min.js?ver=6.3. 0-868770/25/5244_ 11.741346041050.00.3363.60 104.164.173.38http/1.1www.xn--2566-4do9ab5h1bfcjg7hg1GET /wp-content/plugins/royal-elementor-addons/assets/js/modal- 1-866970/21/5363_ 8.451054667380.00.2257.61 178.62.73.12http/1.1localhost:80GET /about HTTP/1.1 1-866970/17/4984_ 7.9706051429070.00.1959.48 104.164.173.38http/1.1www.xn--2566-4do9ab5h1bfcjg7hg1GET /wp-content/plugins/qi-addons-for-elementor/assets/plugins/ 1-866970/21/5183_ 8.4905255143570.00.2759.77 104.164.173.38http/1.1www.xn--2566-4do9ab5h1bfcjg7hg1GET /wp-content/plugins/elementor/assets/js/webpack.runtime.min 1-866970/13/5136_ 7.87084748848650.00.1668.55 139.59.182.142http/1.1 1-866970/12/5107_ 8.4903749951420.00.1758.07 104.164.173.38http/1.1www.xn--2566-4do9ab5h1bfcjg7hg1GET /wp-content/themes/sydney/js/functions.min.js?ver=20230315 1-866970/12/5042_ 7.47189352521240.00.1361.33 161.35.27.144h2localhost:443[0/0] Software caused connection abort 1-866970/16/5474_ 8.520053860880.00.2663.46 139.59.182.142http/1.1localhost:80GET /debug/default/view?panel=config HTTP/1.1 1-866970/16/5294_ 7.920050744480.00.1768.77 161.35.27.144http/1.1 1-866971/18/5195W 7.691051338550.00.2070.38 104.164.173.38http/1.1www.xn--2566-4do9ab5h1bfcjg7hg1GET /comments/feed/ HTTP/1.1 1-866970/15/5461_ 7.2013153738510.00.1865.73 104.164.173.38http/1.1www.xn--2566-4do9ab5h1bfcjg7hg1GET /wp-content/themes/sydney/js/scripts.js?ver=6.3.2 HTTP/1.1 1-866970/15/5456_ 8.081272653685270.00.1672.12
Found on 2023-11-22 17:23 -
Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb31d6f3fa5ed6f3fa5e8c5e5c37Apache Status Apache Server Status for smtp.xn--2566-4do9ab5h1bfcjg7hg1txa5ahw0u.com (via 27.254.96.168) Server Version: Apache/2.4.46 (Unix) OpenSSL/1.0.2u PHP/7.2.33 Server MPM: prefork Server Built: May 6 2022 15:05:21 Current Time: Saturday, 23-Sep-2023 14:03:09 +07 Restart Time: Saturday, 23-Sep-2023 04:02:11 +07 Parent Server Config. Generation: 1763 Parent Server MPM Generation: 1762 Server uptime: 10 hours 58 seconds Server load: 2.57 2.55 2.23 Total accesses: 67001 - Total Traffic: 1.1 GB - Total Duration: 96119596 CPU Usage: u2990.06 s5226.14 cu51116000 cs12505100 - 176000% CPU load 1.86 requests/sec - 33.1 kB/second - 17.8 kB/request - 1434.6 ms/request 8 requests currently being processed, 5 idle workers RW___RW_....W.._W..C..W........................... Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqDurConnChildSlotClientProtocolVHostRequest 0-1762180790/25/5233R 19.670070927870.00.4194.16 45.55.193.222http/1.1localhost:80GET /about HTTP/1.0 1-1762180920/21/5140W 12.011073758410.00.2295.43 27.254.96.168http/1.1www.chonlateefbc.com:443GET / HTTP/1.1 2-1762181070/18/5255_ 13.57084273915960.00.2076.74 51.79.24.51http/1.1www.chonlateemeet.com:443POST //wp-login.php HTTP/1.1 3-1762181280/14/4858_ 12.870065751290.00.1974.23 139.144.150.45http/1.1localhost:80GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor 4-1762181390/13/5022_ 7.980068019270.00.1490.74 159.223.108.26http/1.1 5-1762177840/62/4763R 72.391124372755100.00.6966.21 51.79.24.51http/1.1www.chonlateemeet.com:443 6-1762177430/78/4548W 50.302067233590.00.8189.42 64.227.126.135http/1.1www.xn--2566-4do9ab5h1bfcjg7hg1GET / HTTP/1.1 7-1762181980/3/4267_ 0.890062970740.00.0163.18 45.55.193.222http/1.1localhost:80GET /debug/default/view?panel=config HTTP/1.0 8-1762-0/0/4221. 0.00168061332790.00.0080.42 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 9-1762-0/0/3845. 0.009253356072820.00.0055.42 94.232.42.51http/1.1www.ltclevelup.com:443GET /mysql/adminer.php HTTP/1.1 10-1762-0/0/3575. 0.0060051932140.00.0058.84 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 11-1762-0/0/3590. 0.00148051970010.00.0073.16 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 12-1762177940/44/2717W 35.6114037145940.00.6952.17 27.254.96.168http/1.1www.chonlateefbc.com:443POST /wp-cron.php?doing_wp_cron=1695452574.81639099121093750000 13-1762-0/0/2342. 0.00153033821870.00.0036.14 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 14-1762-0/0/2027. 0.0048031276320.00.0036.69 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 15-1762178080/63/1734_ 70.560119126520020.00.8931.68 27.254.96.168http/1.1www.xn--2566-4do9ab5h1bfcjg7hg1POST /wp-cron.php?doing_wp_cron=1695452587.53917503356933593750 16-1762178140/78/1352W 45.570017433520.00.7525.13 139.144.150.45http/1.1localhost:80GET /server-status HTTP/1.0 17-1762-0/0/617. 0.0010907920810.00.0011.82 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 18-1762-0/0/556. 0.0015109782000.00.0013.92 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 19-1762179871/33/500C 25.140119472849916.80.418.17 51.79.24.51http/1.1www.xn--12cn0bmbkgc3ent5c1ewa4bPOST //wp-login.php HTTP/1.1 20-1762-0/0/141. 0.0015901586030.00.006.52 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 21-1762-0/0/115. 0.0015201321300.00.005.22 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 22-1762179960/41/104W 31.83003282890.00.499.87 51.79.24.51http/1.1www.chonlateefood.com:443POST //wp-login.php HTTP/1.1 23-1762-0/0/35. 0.0047770235960.00.001.87 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 24-1762-0/0/118. 0.00432101364080.00.003.02 49.0.249.187http/1.1www.uniqueworkthailand.com:80POST /xmlrpc.php HTTP/1.0 25-1762-0/0/28. 0.0047650173890.00.000.44 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 26-1762-0/0/4. 0.0047610157610.00.000.07 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 27-1762-0/0/3. 0.004769096260.00.000.01 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 28-1762-0/0/4. 0.0047660111560.00.000.01 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 29-1762-0/0/58. 0.0046910579870.00.000.70 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 30-1762-0/0/100. 0.0043207711412600.00.001.40 51.79.24.51http/1.1www.chonlateekeyman.com:443POST //wp-login.php HTTP/1.1 31-1762-0/0/3. 0.0047620124930.00.000.01 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 32-1762-0/0/4. 0.004779079740.00.000.01 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 33-1762-0/0/4. 0.0047540129440.00.000.01 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 34-1762-0/0/4. 0.0047560108370.00.000.01 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 35-1762-0/0/9. 0.0047630178550.00.000.15 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 36-1762-0/0/6. 0.0047470134700.00.000.03 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 37-1762-0/0/2. 0.004785570.00.000.00 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 38-1762-0/0/3. 0.004767086730.00.000.01 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 39-1762-0/0/1. 0.004784000.00.000.00 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 40-1762-0/0/84. 0.00435302081880.00.001.29 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 41-1762-0/0/1. 0.004783000.00.000.00 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 42-1762-0/0/8. 0.0047320123820.00.000.04 127.0.0.1http/1.1server1.chonlatee.com:80OPTIONS * HTTP/1.0 SrvChild Server number - generation PIDOS process ID AccNumber of accesses this connection / this child / this slot MMode of operation CPUCPU usage, number of seconds SSSeconds since beginning of most recent request ReqMilliseconds required to process most recent request DurSum of milliseconds required to process all requests ConnKilobytes transferred this connection ChildMegabytes transferred this child SlotTotal megabytes transferred this slot SSL/TLS Session Cache Status: cache type: SHMCB, shared memory: 512000 bytes, current entries: 282subcaches: 32, indexes per subcache: 88time left on oldest entries' objects: avg: 22 seconds, (range: 1...49)index usage: 10%, cache usage: 12%total entries stored since starting: 10729total entries replaced since starting: 0total entries expired since starting: 10447total (pre-expiry) entries scrolled out of the cache: 0total retrieves since starting: 441 hit, 20647 misstotal removes since starting: 0 hit, 0 miss
Found on 2023-09-23 07:01 -
Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb31d6f3fa5ed6f3fa5e36843bb2Apache Status Apache Server Status for smtp.xn--2566-4do9ab5h1bfcjg7hg1txa5ahw0u.com (via 27.254.96.168) Server Version: Apache/2.4.46 (Unix) OpenSSL/1.0.2u PHP/7.2.33 Server MPM: prefork Server Built: May 6 2022 15:05:21 Current Time: Wednesday, 20-Sep-2023 13:39:16 +07 Restart Time: Wednesday, 20-Sep-2023 13:38:45 +07 Parent Server Config. Generation: 1749 Parent Server MPM Generation: 1748 Server uptime: 30 seconds Server load: 1.37 1.59 1.37 Total accesses: 120 - Total Traffic: 862 kB - Total Duration: 59667 CPU Usage: u2662.06 s5136.01 cu50937800 cs12467100 - 2.11e+8% CPU load 4 requests/sec - 28.7 kB/second - 7.2 kB/request - 497.225 ms/request 8 requests currently being processed, 3 idle workers RRRWWW__W_W....................................... Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqDurConnChildSlotClientProtocolVHostRequest 0-1748323550/18/18R 2.930080700.00.200.20 91.231.84.5http/1.1 1-1748323560/10/10R 6.3300137500.00.200.20 139.59.182.142http/1.1 2-1748323570/20/20R 4.9001101980.00.130.13 134.122.89.242http/1.1localhost:80GET /login.action HTTP/1.0 3-1748323580/18/18W 1.980037710.00.130.13 207.154.240.169http/1.1www.xn--2566-4do9ab5h1bfcjg7hg1GET /.vscode/sftp.json HTTP/1.0 4-1748323590/17/17W 2.400080600.00.090.09 162.243.161.105http/1.1localhost:80GET /server-status HTTP/1.0 5-1748324030/9/9W 2.581049550.00.020.02 124.120.35.241http/1.1www.chonlateefbc.com:80POST /wp-admin/admin-ajax.php HTTP/1.0 6-1748324100/8/8_ 2.470048040.00.020.02 138.197.88.136http/1.1 7-1748324170/8/8_ 1.310025410.00.010.01 165.232.76.155http/1.1localhost:80GET /_all_dbs HTTP/1.0 8-1748324180/9/9W 1.281023470.00.030.03 124.120.35.241http/1.1www.chonlateefbc.com:80POST /wp-admin/admin-ajax.php HTTP/1.0 9-1748324330/3/3_ 0.69058211680.00.010.01 134.122.63.192http/1.1 10-1748324390/0/0W 0.000000.00.000.00 161.35.27.144http/1.1www.xn--2566-4do9ab5h1bfcjg7hg1GET /.vscode/sftp.json HTTP/1.0 SrvChild Server number - generation PIDOS process ID AccNumber of accesses this connection / this child / this slot MMode of operation CPUCPU usage, number of seconds SSSeconds since beginning of most recent request ReqMilliseconds required to process most recent request DurSum of milliseconds required to process all requests ConnKilobytes transferred this connection ChildMegabytes transferred this child SlotTotal megabytes transferred this slot SSL/TLS Session Cache Status: cache type: SHMCB, shared memory: 512000 bytes, current entries: 15subcaches: 32, indexes per subcache: 88time left on oldest entries' objects: avg: 287 seconds, (range: 273...294)index usage: 0%, cache usage: 0%total entries stored since starting: 15total entries replaced since starting: 0total entries expired since starting: 0total (pre-expiry) entries scrolled out of the cache: 0total retrieves since starting: 0 hit, 93 misstotal removes since starting: 0 hit, 0 miss
Found on 2023-09-20 06:37
-
-
Open service 27.254.96.168:443 · xn--2566-4do9ab5h1bfcjg7hg1txa5ahw0u.com
2024-09-26 14:03
HTTP/1.1 302 Move Temporarily Date: Thu, 26 Sep 2024 14:03:29 GMT Server: Apache/2 X-Powered-By: PHP/7.2.33 Location: Vary: User-Agent Content-Length: 2 Connection: close Content-Type: text/html; charset=UTF-8
Found 2 days ago by HttpPluginCreate report
-
Open service 27.254.96.168:443 · www.xn--2566-4do9ab5h1bfcjg7hg1txa5ahw0u.com
2024-09-26 09:50
HTTP/1.1 302 Move Temporarily Date: Thu, 26 Sep 2024 09:50:11 GMT Server: Apache/2 X-Powered-By: PHP/7.2.33 Location: Vary: User-Agent Content-Length: 2 Connection: close Content-Type: text/html; charset=UTF-8
Found 2 days ago by HttpPluginCreate report
-
Open service 27.254.96.168:443 · xn--2566-4do9ab5h1bfcjg7hg1txa5ahw0u.com
2024-09-24 14:33
HTTP/1.1 302 Move Temporarily Date: Tue, 24 Sep 2024 14:33:41 GMT Server: Apache/2 X-Powered-By: PHP/7.2.33 Location: Vary: User-Agent Content-Length: 2 Connection: close Content-Type: text/html; charset=UTF-8
Found 2024-09-24 by HttpPluginCreate report
-
Open service 27.254.96.168:443 · www.xn--2566-4do9ab5h1bfcjg7hg1txa5ahw0u.com
2024-09-24 08:59
HTTP/1.1 302 Move Temporarily Date: Tue, 24 Sep 2024 08:59:56 GMT Server: Apache/2 X-Powered-By: PHP/7.2.33 Location: Vary: User-Agent Content-Length: 2 Connection: close Content-Type: text/html; charset=UTF-8
Found 2024-09-24 by HttpPluginCreate report
-
Open service 27.254.96.168:443 · www.xn--2566-4do9ab5h1bfcjg7hg1txa5ahw0u.com
2024-09-16 01:07
HTTP/1.1 302 Move Temporarily Date: Mon, 16 Sep 2024 01:08:02 GMT Server: Apache/2 X-Powered-By: PHP/7.2.33 Location: Vary: User-Agent Content-Length: 2 Connection: close Content-Type: text/html; charset=UTF-8
Found 2024-09-16 by HttpPluginCreate report
-
Open service 27.254.96.168:443 · xn--2566-4do9ab5h1bfcjg7hg1txa5ahw0u.com
2024-09-16 00:24
HTTP/1.1 302 Move Temporarily Date: Mon, 16 Sep 2024 00:24:19 GMT Server: Apache/2 X-Powered-By: PHP/7.2.33 Location: Vary: User-Agent Content-Length: 2 Connection: close Content-Type: text/html; charset=UTF-8
Found 2024-09-16 by HttpPluginCreate report
-
Open service 27.254.96.168:443 · www.xn--2566-4do9ab5h1bfcjg7hg1txa5ahw0u.com
2024-09-14 01:10
HTTP/1.1 302 Move Temporarily Date: Sat, 14 Sep 2024 01:10:40 GMT Server: Apache/2 X-Powered-By: PHP/7.2.33 Location: Vary: User-Agent Content-Length: 2 Connection: close Content-Type: text/html; charset=UTF-8
Found 2024-09-14 by HttpPluginCreate report
-
Open service 27.254.96.168:443 · xn--2566-4do9ab5h1bfcjg7hg1txa5ahw0u.com
2024-09-14 00:24
HTTP/1.1 302 Move Temporarily Date: Sat, 14 Sep 2024 00:24:56 GMT Server: Apache/2 X-Powered-By: PHP/7.2.33 Location: Vary: User-Agent Content-Length: 2 Connection: close Content-Type: text/html; charset=UTF-8
Found 2024-09-14 by HttpPluginCreate report
-
Open service 27.254.96.168:443 · www.xn--2566-4do9ab5h1bfcjg7hg1txa5ahw0u.com
2024-09-12 03:21
HTTP/1.1 302 Move Temporarily Date: Thu, 12 Sep 2024 03:21:47 GMT Server: Apache/2 X-Powered-By: PHP/7.2.33 Location: Vary: User-Agent Content-Length: 2 Connection: close Content-Type: text/html; charset=UTF-8
Found 2024-09-12 by HttpPluginCreate report
-
Open service 27.254.96.168:443 · xn--2566-4do9ab5h1bfcjg7hg1txa5ahw0u.com
2024-09-12 02:10
HTTP/1.1 302 Move Temporarily Date: Thu, 12 Sep 2024 02:11:04 GMT Server: Apache/2 X-Powered-By: PHP/7.2.33 Location: Vary: User-Agent Content-Length: 2 Connection: close Content-Type: text/html; charset=UTF-8
Found 2024-09-12 by HttpPluginCreate report
-
Open service 27.254.96.168:443 · www.xn--2566-4do9ab5h1bfcjg7hg1txa5ahw0u.com
2024-09-10 02:53
HTTP/1.1 302 Move Temporarily Date: Tue, 10 Sep 2024 02:53:08 GMT Server: Apache/2 X-Powered-By: PHP/7.2.33 Location: Vary: User-Agent Content-Length: 2 Connection: close Content-Type: text/html; charset=UTF-8
Found 2024-09-10 by HttpPluginCreate report
-
Open service 27.254.96.168:443 · xn--2566-4do9ab5h1bfcjg7hg1txa5ahw0u.com
2024-09-10 01:29
HTTP/1.1 302 Move Temporarily Date: Tue, 10 Sep 2024 01:29:29 GMT Server: Apache/2 X-Powered-By: PHP/7.2.33 Location: Vary: User-Agent Content-Length: 2 Connection: close Content-Type: text/html; charset=UTF-8
Found 2024-09-10 by HttpPluginCreate report
-
Open service 27.254.96.168:443 · www.xn--2566-4do9ab5h1bfcjg7hg1txa5ahw0u.com
2024-09-08 01:16
HTTP/1.1 302 Move Temporarily Date: Sun, 08 Sep 2024 01:16:43 GMT Server: Apache/2 X-Powered-By: PHP/7.2.33 Location: Vary: User-Agent Content-Length: 2 Connection: close Content-Type: text/html; charset=UTF-8
Found 2024-09-08 by HttpPluginCreate report
-
Open service 27.254.96.168:443 · xn--2566-4do9ab5h1bfcjg7hg1txa5ahw0u.com
2024-09-08 00:02
HTTP/1.1 302 Move Temporarily Date: Sun, 08 Sep 2024 00:03:02 GMT Server: Apache/2 X-Powered-By: PHP/7.2.33 Location: Vary: User-Agent Content-Length: 2 Connection: close Content-Type: text/html; charset=UTF-8
Found 2024-09-08 by HttpPluginCreate report
-
Open service 27.254.96.168:443 · www.xn--2566-4do9ab5h1bfcjg7hg1txa5ahw0u.com
2024-08-18 02:46
HTTP/1.1 302 Move Temporarily Date: Sun, 18 Aug 2024 02:46:28 GMT Server: Apache/2 X-Powered-By: PHP/7.2.33 Location: Vary: User-Agent Content-Length: 2 Connection: close Content-Type: text/html; charset=UTF-8
Found 2024-08-18 by HttpPluginCreate report
-
Open service 27.254.96.168:443 · xn--2566-4do9ab5h1bfcjg7hg1txa5ahw0u.com
2024-08-18 00:38
HTTP/1.1 302 Move Temporarily Date: Sun, 18 Aug 2024 00:38:11 GMT Server: Apache/2 X-Powered-By: PHP/7.2.33 Location: Vary: User-Agent Content-Length: 2 Connection: close Content-Type: text/html; charset=UTF-8
Found 2024-08-18 by HttpPluginCreate report
ftp.xn--2566-4do9ab5h1bfcjg7hg1txa5ahw0u.commail.xn--2566-4do9ab5h1bfcjg7hg1txa5ahw0u.compop.xn--2566-4do9ab5h1bfcjg7hg1txa5ahw0u.comsmtp.xn--2566-4do9ab5h1bfcjg7hg1txa5ahw0u.comwww.xn--2566-4do9ab5h1bfcjg7hg1txa5ahw0u.comxn--2566-4do9ab5h1bfcjg7hg1txa5ahw0u.com
CN:
xn--2566-4do9ab5h1bfcjg7hg1txa5ahw0u.com
Not before:
2023-09-20 05:36
Not after:
2023-12-19 05:36