The server-status page (usually /server-status
) allows server administrators to find out how well their server is performing.
This is a HTML page that gives the current server statistics such as the server version, up time,cpu, ram, and information about requests made to the server.
This information can be very useful if the application is sent sensitive information as GET requests. If you monitor this page you might be able to find CSRF tokens, API keys, hidden paths, and other sensitive information being sent to the server.
https://medium.com/@ghostlulzhacks/apache-server-status-a70abed83f5a
Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb31df9716fadf9716fa1e5aab89
Apache Status Apache Server Status for 103.86.156.114 (via 172.16.10.66) Server Version: Apache/2.4.17 (Win32) OpenSSL/1.0.2d PHP/5.6.23 Server MPM: WinNT Apache Lounge VC11 Server built: Oct 13 2015 10:54:13 Current Time: Wednesday, 21-Dec-2022 10:00:27 SE Asia Standard Time Restart Time: Friday, 12-Aug-2022 05:54:44 SE Asia Standard Time Parent Server Config. Generation: 1 Parent Server MPM Generation: 0 Server uptime: 131 days 4 hours 5 minutes 43 seconds Server load: -1.00 -1.00 -1.00 Total accesses: 16033 - Total Traffic: 121.4 MB .00141 requests/sec - 11 B/second - 7.8 kB/request 4 requests currently being processed, 146 idle workers ________________________________________________________________ ________________________________________________________________ _________C____CW_W____ Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMSSReqConnChildSlotClientVHostRequest 0-025360/9/9_ 345134000.00.260.26 209.141.41.193localhost:80NULL 0-025360/100/100_ 347046500.00.550.55 209.141.49.169localhost:80NULL 0-025360/5/5_ 3470464150.00.090.09 205.185.116.25localhost:80NULL 0-025360/8/8_ 345133900.00.110.11 209.141.36.112localhost:80NULL 0-025360/42/42_ 347046400.00.650.65 205.185.122.184localhost:80NULL 0-025360/23/23_ 345134000.00.450.45 209.141.55.120localhost:80NULL 0-025360/5/5_ 3470464150.00.220.22 205.185.116.89localhost:80NULL 0-025360/4/4_ 347046500.00.100.10 205.185.122.184localhost:80NULL 0-025360/10/10_ 3470465150.00.230.23 209.141.55.120localhost:80NULL 0-025360/7/7_ 347046400.00.280.28 209.141.51.222localhost:80NULL 0-025360/23/23_ 279461700.00.790.79 162.142.125.8localhost:80GET /favicon.ico HTTP/1.1 0-025360/7/7_ 347046500.00.370.37 209.141.41.193localhost:80NULL 0-025360/143/143_ 347046500.01.001.00 209.141.35.128localhost:80NULL 0-025360/10/10_ 286316100.00.500.50 209.141.55.120localhost:80NULL 0-025360/2/2_ 347046400.00.060.06 205.185.116.25localhost:80NULL 0-025360/2/2_ 347046300.00.180.18 209.141.36.112localhost:80NULL 0-025360/11/11_ 345133900.00.130.13 209.141.55.120localhost:80NULL 0-025360/2/2_ 347046400.00.010.01 209.141.36.231localhost:80NULL 0-025360/2/2_ 3470464150.00.010.01 205.185.116.25localhost:80NULL 0-025360/2/2_ 347046400.00.190.19 209.141.41.193localhost:80NULL 0-025360/2/2_ 3470463310.00.060.06 209.141.36.112localhost:80NULL 0-025360/14/14_ 34704631400.00.230.23 209.141.34.187localhost:80NULL 0-025360/526/526_ 347046300.05.175.17 209.141.41.193localhost:80NULL 0-025360/437/437_ 3470463150.04.104.10 205.185.121.69localhost:80NULL 0-025360/30/30_ 347046300.00.230.23 205.185.116.89localhost:80NULL 0-025360/168/168_ 3470463930.02.502.50 209.141.36.112localhost:80NULL 0-025360/25/25_ 347046300.00.360.36 209.141.34.187localhost:80NULL 0-025360/14/14_ 347046300.00.190.19 205.185.116.25localhost:80NULL 0-025360/20/20_ 347046300.00.100.10 209.141.49.169localhost:80NULL 0-025360/31/31_ 383213100.00.190.19 205.185.122.184localhost:80NULL 0-025360/401/401_ 383213200.04.084.08 209.141.35.128localhost:80NULL 0-025360/9/9_ 383213200.00.240.24 209.141.34.187localhost:80NULL 0-025360/39/39_ 383213100.00.060.06 209.141.36.231localhost:80NULL 0-025360/28/28_ 383213200.00.240.24 209.141.49.169localhost:80NULL 0-025360/13/13_ 347046200.00.310.31 205.185.116.89localhost:80NULL 0-025360/303/303_ 274618500.02.432.43 172.16.10.195localhost:80GET / HTTP/1.1 0-025360/34/34_ 286316000.00.640.64 209.141.36.231localhost:80NULL 0-025360/324/324_ 347046500.03.803.80 209.141.36.112localhost:80NULL 0-025360/142/142_ 383213200.02.992.99 209.141.55.120localhost:80NULL 0-025360/617/617_ 383213200.05.605.60 205.185.121.69localhost:80NULL 0-025360/188/188_ 3832131150.01.221.22 101.227.1.199localhost:80GET / HTTP/1.1 0-025360/364/364_ 383213200.03.583.58 101.227.1.198localhost:80GET / HTTP/1.1 0-025360/226/226_ 347046300.01.301.30 209.141.34.187localhost:80NULL 0-025360/82/82_ 336700.01.371.37 185.3.94.183localhost:80GET /.git/config HTTP/1.1 0-025360/822/822_ 336700.03.633.63 185.3.94.183localhost:80GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor 0-025360/623/623_ 29225400.02.962.96 209.141.35.128localhost:80NULL 0-025361/800/800C 000.04.584.58 139.144.69.48localhost:80GET / HTTP/1.1 0-025360/324/324_ 5412200.02.662.66 139.144.188.181localhost:80GET /server-status HTTP/1.1 0-025360/1085/1085_ 3367150.06.336.33 185.3.94.183localhost:80GET /s/531313e2635313e26383e2330313/_/;/META-INF/maven/com.atla 0-025360/399/399_ 29225400.03.233.23 209.141.33.65localhost:80NULL 0-025360/455/455_ 336900.05.045.04 185.3.94.183localhost:80GET /v2/_catalog HTTP/1.1 0-025361/160/160C 000.01.391.39 139.144.69.48localhost:80GET /.git/config HTTP/1.1 0-025360/414/414W 000.02.642.64 139.144.69.48localhost:80GET /server-status HTTP/1.1 0-025360/370/370_ 336900.01.621.62 185.3.94.183localhost:80GET /api/search?folderIds=0 HTTP/1.1 0-025360/1653/1653W 000.010.5410.54 139.144.69.48localhost:80GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor 0-025360/1215/1215_ 336700.08.188.18 185.3.94.183localhost:80GET /telescope/requests HTTP/1.1 0-025360/1028/1028_ 336700.03.553.55 185.3.94.183localhost:80GET /info.php HTTP/1.1 0-025360/770/770_ 29225500.07.197.19 209.141.36.231localhost:80NULL 0-025360/1461/1461_ 29225400.010.7810.78 209.141.51.222localhost:80NULL SrvChild Server number - generation PIDOS process ID AccNumber of accesses this connection / this child / this slot MMode of operation SSSeconds since beginning of most recent request ReqMilliseconds required to process most recent request ConnKilobytes transferred this connection ChildMegabytes transferred this child SlotTotal megabytes transferred this slot SSL/TLS Session Cache Status: cache type: SHMCB, shared memory: 512000 bytes, current entries: 0subcaches: 32, indexes per subcache: 88index usage: 0%, cache usage: 0%total entries stored since starting: 0total entries replaced since starting: 0total entries expired since starting: 0total (pre-expiry) entries scrolled out of the cache: 0total retrieves since starting: 0 hit, 0 misstotal removes since starting: 0 hit, 0 miss Apache/2.4.17 (Win32) OpenSSL/1.0.2d PHP/5.6.23 Server at 103.86.156.114 Port 8079
The server-status page (usually /server-status
) allows server administrators to find out how well their server is performing.
This is a HTML page that gives the current server statistics such as the server version, up time,cpu, ram, and information about requests made to the server.
This information can be very useful if the application is sent sensitive information as GET requests. If you monitor this page you might be able to find CSRF tokens, API keys, hidden paths, and other sensitive information being sent to the server.
https://medium.com/@ghostlulzhacks/apache-server-status-a70abed83f5a
Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb31df9716fadf9716fabd81ac97
Apache Status Apache Server Status for 103.86.156.114 (via 172.16.10.66) Server Version: Apache/2.4.17 (Win32) OpenSSL/1.0.2d PHP/5.6.23 Server MPM: WinNT Apache Lounge VC11 Server built: Oct 13 2015 10:54:13 Current Time: Monday, 19-Dec-2022 20:23:56 SE Asia Standard Time Restart Time: Friday, 12-Aug-2022 05:54:44 SE Asia Standard Time Parent Server Config. Generation: 1 Parent Server MPM Generation: 0 Server uptime: 129 days 14 hours 29 minutes 12 seconds Server load: -1.00 -1.00 -1.00 Total accesses: 15795 - Total Traffic: 120.8 MB .00141 requests/sec - 11 B/second - 7.8 kB/request 11 requests currently being processed, 139 idle workers ________________________________________________________________ ________________________________________________________________ ______CW_W_R_CCRCCCC__ Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMSSReqConnChildSlotClientVHostRequest 0-025360/9/9_ 331594800.00.260.26 209.141.41.193localhost:80NULL 0-025360/100/100_ 333507400.00.550.55 209.141.49.169localhost:80NULL 0-025360/5/5_ 3335073150.00.090.09 205.185.116.25localhost:80NULL 0-025360/8/8_ 331594700.00.110.11 209.141.36.112localhost:80NULL 0-025360/42/42_ 333507300.00.650.65 205.185.122.184localhost:80NULL 0-025360/23/23_ 331594800.00.450.45 209.141.55.120localhost:80NULL 0-025360/5/5_ 3335073150.00.220.22 205.185.116.89localhost:80NULL 0-025360/4/4_ 333507400.00.100.10 205.185.122.184localhost:80NULL 0-025360/10/10_ 3335074150.00.230.23 209.141.55.120localhost:80NULL 0-025360/7/7_ 333507300.00.280.28 209.141.51.222localhost:80NULL 0-025360/23/23_ 265922600.00.790.79 162.142.125.8localhost:80GET /favicon.ico HTTP/1.1 0-025360/7/7_ 333507400.00.370.37 209.141.41.193localhost:80NULL 0-025360/143/143_ 333507400.01.001.00 209.141.35.128localhost:80NULL 0-025360/10/10_ 272777000.00.500.50 209.141.55.120localhost:80NULL 0-025360/2/2_ 333507300.00.060.06 205.185.116.25localhost:80NULL 0-025360/2/2_ 333507200.00.180.18 209.141.36.112localhost:80NULL 0-025360/11/11_ 331594800.00.130.13 209.141.55.120localhost:80NULL 0-025360/2/2_ 333507300.00.010.01 209.141.36.231localhost:80NULL 0-025360/2/2_ 3335073150.00.010.01 205.185.116.25localhost:80NULL 0-025360/2/2_ 333507200.00.190.19 209.141.41.193localhost:80NULL 0-025360/2/2_ 3335072310.00.060.06 209.141.36.112localhost:80NULL 0-025360/14/14_ 33350721400.00.230.23 209.141.34.187localhost:80NULL 0-025360/526/526_ 333507200.05.175.17 209.141.41.193localhost:80NULL 0-025360/437/437_ 3335072150.04.104.10 205.185.121.69localhost:80NULL 0-025360/30/30_ 333507200.00.230.23 205.185.116.89localhost:80NULL 0-025360/168/168_ 3335072930.02.502.50 209.141.36.112localhost:80NULL 0-025360/25/25_ 333507200.00.360.36 209.141.34.187localhost:80NULL 0-025360/14/14_ 333507200.00.190.19 205.185.116.25localhost:80NULL 0-025360/20/20_ 333507100.00.100.10 209.141.49.169localhost:80NULL 0-025360/31/31_ 369674000.00.190.19 205.185.122.184localhost:80NULL 0-025360/401/401_ 369674000.04.084.08 209.141.35.128localhost:80NULL 0-025360/9/9_ 369674000.00.240.24 209.141.34.187localhost:80NULL 0-025360/39/39_ 369674000.00.060.06 209.141.36.231localhost:80NULL 0-025360/28/28_ 369674000.00.240.24 209.141.49.169localhost:80NULL 0-025360/13/13_ 333507100.00.310.31 205.185.116.89localhost:80NULL 0-025360/303/303_ 261079300.02.432.43 172.16.10.195localhost:80GET / HTTP/1.1 0-025360/34/34_ 272776800.00.640.64 209.141.36.231localhost:80NULL 0-025360/324/324_ 333507400.03.803.80 209.141.36.112localhost:80NULL 0-025360/142/142_ 369674000.02.992.99 209.141.55.120localhost:80NULL 0-025360/617/617_ 369674100.05.605.60 205.185.121.69localhost:80NULL 0-025360/188/188_ 3696739150.01.221.22 101.227.1.199localhost:80GET / HTTP/1.1 0-025360/364/364_ 369674000.03.583.58 101.227.1.198localhost:80GET / HTTP/1.1 0-025360/226/226_ 333507100.01.301.30 209.141.34.187localhost:80NULL 0-025361/80/80C 000.01.371.37 159.65.54.69localhost:80GET /.git/config HTTP/1.1 0-025360/819/819W 000.03.633.63 159.65.54.69localhost:80GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor 0-025360/623/623_ 15686300.02.962.96 209.141.35.128localhost:80NULL 0-025360/703/703W 000.04.424.42 159.65.54.69localhost:80GET /server-status HTTP/1.1 0-025360/311/311_ 6510300.02.562.56 178.62.221.40localhost:80GET /server-status HTTP/1.1 0-025360/1080/1080R 000.06.336.33 159.65.54.69 0-025360/399/399_ 15686300.03.233.23 209.141.33.65localhost:80NULL 0-025361/451/451C 000.05.045.04 159.65.54.69localhost:80GET / HTTP/1.1 0-025361/150/150C 000.01.391.39 159.65.54.69localhost:80GET /info.php HTTP/1.1 0-025360/410/410R 000.02.642.64 159.65.54.69 0-025361/367/367C 000.01.621.62 159.65.54.69localhost:80GET /telescope/requests HTTP/1.1 0-025361/1563/1563C 0150.010.1710.17 159.65.54.69localhost:80GET /debug/default/view?panel=config HTTP/1.1 0-025361/1213/1213C 000.08.188.18 159.65.54.69localhost:80GET /.env HTTP/1.1 0-025361/1023/1023C 0150.03.553.55 159.65.54.69localhost:80GET /.DS_Store HTTP/1.1 0-025360/770/770_ 15686300.07.197.19 209.141.36.231localhost:80NULL 0-025360/1461/1461_ 15686300.010.7810.78 209.141.51.222localhost:80NULL SrvChild Server number - generation PIDOS process ID AccNumber of accesses this connection / this child / this slot MMode of operation SSSeconds since beginning of most recent request ReqMilliseconds required to process most recent request ConnKilobytes transferred this connection ChildMegabytes transferred this child SlotTotal megabytes transferred this slot SSL/TLS Session Cache Status: cache type: SHMCB, shared memory: 512000 bytes, current entries: 0subcaches: 32, indexes per subcache: 88index usage: 0%, cache usage: 0%total entries stored since starting: 0total entries replaced since starting: 0total entries expired since starting: 0total (pre-expiry) entries scrolled out of the cache: 0total retrieves since starting: 0 hit, 0 misstotal removes since starting: 0 hit, 0 miss Apache/2.4.17 (Win32) OpenSSL/1.0.2d PHP/5.6.23 Server at 103.86.156.114 Port 8078