LeakIX - Host 18.245.60.19

Host 18.245.60.19

United States

AMAZON-02

Ubuntu

Software information

AmazonS3

tcp/443

CloudFront

tcp/80

Microsoft-IIS 10.0

tcp/443

Server

tcp/443

nginx nginx

tcp/443

MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 18.245.60.19
Domain: qury.responsibilm.xyz
Port: 443
URL: https://qury.responsibilm.xyz

First seen 2024-12-05 06:12
Last seen 2026-02-09 20:21
Open for 431 days
- Severity: low
  Fingerprint: 5f32cf5d6962f09c0215adfc0215adfc1da688c1facea462f6908c885a1c79c1
```
Found 4 files trough .DS_Store spidering:

/default.css
/game.apk
/index.html
/page22.jpg
```
  Found on 2026-02-09 20:21
Create report

Git configuration and history exposed

The following URL (usually /.git/config) is publicly accessible and is leaking source code and repository configuration.

IP: 18.245.60.19
Domain: admin.investorpresentations.com
Port: 443
URL: https://admin.investorpresentations.com

First seen 2023-09-14 03:29
Last seen 2026-01-23 08:18
Open for 862 days

Severity: medium
Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a652249b82526

[core]
	repositoryformatversion = 0
	filemode = true
	bare = false
	logallrefupdates = true
[remote "origin"]
	url = git@gitlab.com:chaynztech/investors-presentation-admin.git
	fetch = +refs/heads/*:refs/remotes/origin/*
[branch "deploy"]
	remote = origin
	merge = refs/heads/deploy

Found on 2026-01-23 08:18

283 Bytes

Severity: medium
Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a652247cb7d01

[core]
	repositoryformatversion = 0
	filemode = true
	bare = false
	logallrefupdates = true
[remote "origin"]
	url = https://gitlab.com/chaynztech/investors-presentation-admin.git
	fetch = +refs/heads/*:refs/remotes/origin/*
[branch "main"]
	remote = origin
	merge = refs/heads/main
[branch "deploy-staging"]
	remote = origin
	merge = refs/heads/deploy-staging

Found on 2023-09-14 03:29

361 Bytes

Create report

Apache server-status page is publicly available

The server-status page (usually /server-status) allows server administrators to find out how well their server is performing.

This is a HTML page that gives the current server statistics such as the server version, up time,cpu, ram, and information about requests made to the server.

This information can be very useful if the application is sent sensitive information as GET requests. If you monitor this page you might be able to find CSRF tokens, API keys, hidden paths, and other sensitive information being sent to the server.

https://medium.com/@ghostlulzhacks/apache-server-status-a70abed83f5a

IP: 18.245.60.123
Domain: toorak-login.cloudworkengine.net
Port: 443
URL: https://toorak-login.cloudworkengine.net

First seen 2024-09-30 06:54
Last seen 2025-08-17 07:48
Open for 321 days

Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb31dda8387edda8387efcbaea59

Apache Status

Apache Server Status for toorak-login.cloudworkengine.net (via 127.0.0.1)

Server Version: Apache/2.4.52 (Ubuntu) mod_fcgid/2.3.9
Server MPM: worker
Server Built: 2024-07-17T18:57:26

Current Time: Sunday, 17-Aug-2025 07:48:47 UTC
Restart Time: Wednesday, 09-Jul-2025 07:06:09 UTC
Parent Server Config. Generation: 1
Parent Server MPM Generation: 0
Server uptime:  39 days 42 minutes 37 seconds
Server load: 0.95 0.78 0.86
Total accesses: 3150481 - Total Traffic: 9.9 GB - Total Duration: 293932501
CPU Usage: u31.74 s51.91 cu859.76 cs518.93 - .0434% CPU load
.934 requests/sec - 3152 B/second - 3374 B/request - 93.2977 ms/request
1 requests currently being processed, 49 idle workers
__________________________________W_______________..............
................................................................
................................................................
................................................................
................................................................
................................................................
................
Scoreboard Key:
"_" Waiting for Connection, 
"S" Starting up, 
"R" Reading Request,
"W" Sending Reply, 
"K" Keepalive (read), 
"D" DNS Lookup,
"C" Closing connection, 
"L" Logging, 
"G" Gracefully finishing, 
"I" Idle cleanup of worker, 
"." Open slot with no current process



SrvPIDAccMCPU
SSReqDurConnChildSlotClientProtocolVHostRequest

0-0166470/142/59740_
1.25917060463060.00.50193.07
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /favicon.ico HTTP/1.1

0-0166470/111/65583_
1.26186558813640.00.38211.33
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

0-0166470/196/65714_
1.25606660350540.00.42211.79
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

0-0166470/164/63365_
1.26126555487700.00.65204.18
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

0-0166470/121/63636_
1.26366665136890.00.43204.85
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

0-0166470/102/65058_
1.25786555817770.00.32209.66
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

0-0166470/125/60311_
1.241086659427640.00.39193.94
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

0-0166470/128/62715_
1.2495411057442000.00.43201.56
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cPOST /module.php/cloudworkauth/mfa/webauthn/get_login_options.p

0-0166470/126/61667_
1.25726559345860.00.40199.25
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

0-0166470/113/64823_
1.241206552186950.00.34207.71
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

0-0166470/88/63268_
1.26486555870910.00.28203.71
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

0-0166470/119/62463_
1.26246557307980.00.38200.65
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

0-0166470/150/65297_
1.25846660640320.00.48209.90
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

0-0166470/116/64975_
1.2499625458714940.00.40208.42
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cPOST /module.php/cloudworkauth/mfa/webauthn/get_login_options.p

0-0166470/111/63842_
1.2594269260401300.00.42205.05
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/SSOService.php?SAMLRequest=jVNNj9owFLzzK1DuJCFLF

0-0166470/143/62147_
1.266752142500.00.51199.82
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

0-0166470/119/64026_
1.241281062876370.00.40205.88
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /resources/post.css HTTP/1.1

0-0166470/139/63480_
1.2413542760431390.00.55204.32
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/metadata.php HTTP/1.1

0-0166470/126/63297_
1.241434062851870.00.44203.26
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /favicon.ico HTTP/1.1

0-0166470/125/61947_
1.2414654654960500.00.43199.28
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cPOST /module.php/cloudworkauth/mfa/webauthn/get_login_options.p

0-0166470/144/64346_
1.231566562019160.00.50206.56
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

0-0166470/124/63819_
1.231686661072190.00.44205.95
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

0-0166470/144/64675_
1.231945057463910.00.52208.32
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /resources/post.css HTTP/1.1

0-0166470/91/62391_
1.231866661567150.00.26200.15
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

0-0166470/125/64077_
1.231806558702930.00.49206.69
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

1-0165380/95/62215_
1.35546656674380.00.35201.25
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

1-0165380/141/63405_
1.35306568736190.00.56204.32
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

1-0165380/152/61959_
1.35666553642610.00.63199.88
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

1-0165380/258/63091_
1.35426557843490.00.99202.54
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

1-0165380/124/61175_
1.357542752762100.00.43196.54
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/metadata.php HTTP/1.1

1-0165380/107/63663_
1.35906660011100.00.36204.77
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

1-0165380/121/62697_
1.35194060847730.00.41201.69
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /robots.txt HTTP/1.1

1-0165380/154/64147_
1.351545961789300.00.56206.28
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/metadata.php HTTP/1.1

1-0165380/119/60568_
1.3566555712290.00.47193.93
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

1-01653810/135/60634W
1.3600557871411.60.46194.62
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /server-status HTTP/1.1

1-0165380/120/61556_
1.341926558429970.00.40197.83
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

1-0165380/142/64588_
1.341848056314230.00.56208.10
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /favicon.ico HTTP/1.1

1-0165380/139/62368_
1.341446561532300.00.50200.73
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

1-0165380/148/63016_
1.341746556484660.00.57203.18
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

1-0165380/138/63373_
1.341626558653610.00.51204.58
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

1-0165380/84/63563_
1.341506556746260.00.25204.41
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

1-0165380/108/63765_
1.341326558270200.00.40204.69
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

1-0165380/119/61292_
1.341386559160140.00.48197.08
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

1-0165380/128/61392_
1.341266759749540.00.45197.96
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

1-0165380/132/61556_
1.351146556235750.00.49199.20
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

1-0165380/110/65829_
1.351026566620840.00.43211.92
127.0

Found on 2025-08-17 07:48

Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb31dda8387edda8387ee6da34ed

Apache Status

Apache Server Status for toorak-login.cloudworkengine.net (via 127.0.0.1)

Server Version: Apache/2.4.52 (Ubuntu) mod_fcgid/2.3.9
Server MPM: worker
Server Built: 2024-07-17T18:57:26

Current Time: Thursday, 14-Aug-2025 23:16:23 UTC
Restart Time: Wednesday, 09-Jul-2025 07:06:09 UTC
Parent Server Config. Generation: 1
Parent Server MPM Generation: 0
Server uptime:  36 days 16 hours 10 minutes 13 seconds
Server load: 1.81 1.55 1.39
Total accesses: 3097843 - Total Traffic: 9.7 GB - Total Duration: 288147189
CPU Usage: u306.16 s214.81 cu569.83 cs344.62 - .0453% CPU load
.978 requests/sec - 3297 B/second - 3372 B/request - 93.0154 ms/request
2 requests currently being processed, 48 idle workers
_____K______________________________W_____________..............
................................................................
................................................................
................................................................
................................................................
................................................................
................
Scoreboard Key:
"_" Waiting for Connection, 
"S" Starting up, 
"R" Reading Request,
"W" Sending Reply, 
"K" Keepalive (read), 
"D" DNS Lookup,
"C" Closing connection, 
"L" Logging, 
"G" Gracefully finishing, 
"I" Idle cleanup of worker, 
"." Open slot with no current process



SrvPIDAccMCPU
SSReqDurConnChildSlotClientProtocolVHostRequest

0-0266390/19214/58489_
223.306562758711570.061.23189.05
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_6014441684920

0-0266390/21304/64583_
223.18864157276330.067.53208.05
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_c788623e29932

0-0266390/21731/64655_
223.511762559389260.069.60208.39
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_785ed3bdde888

0-0266390/20754/62303_
223.5561527654686500.065.91200.69
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/SSOService.php?RelayState=https%3A%2F%2Ftoorak-i

0-0266390/20686/62508_
223.129798764352380.066.01201.09
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_662c5dda83208

0-0266391/21320/64199K
223.554054960851.767.88207.01
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET / HTTP/1.1

0-0266390/19393/59297_
223.3363280058840480.061.42190.57
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cPOST /module.php/core/loginuserpass.php HTTP/1.1

0-0266390/20042/61386_
223.55872656218570.063.75197.27
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_6a59c0073a690

0-0266390/20023/60831_
223.42311258396100.064.19196.36
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Ftoorak-i

0-0266390/20660/63923_
223.51165250995580.065.96204.72
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Ftoorak-i

0-0266390/21157/62378_
223.394172855229460.067.56200.79
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_fdcedef2c706c

0-0266390/20038/61497_
223.41340356208630.063.75197.48
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Ftoorak-i

0-0266390/21134/64173_
223.24728158976730.067.31206.13
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/chromebook/jquery.cookie.js HTTP/1.1

0-0266390/20662/63699_
223.13953357739150.065.70204.27
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_ea8ea861a504d

0-0266390/20617/62661_
223.41363459275250.065.91201.09
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/SSOService.php?RelayState=https%3A%2F%2Ftoorak-i

0-0266390/20105/61059_
223.21788151065520.064.15196.27
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/cloudworkauth/webauthn.js HTTP/1.1

0-0266390/21579/63223_
223.5563262191340.068.69203.23
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_f15344a7f51de

0-0266390/20011/62119_
223.345953258867310.063.96199.64
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_e8c609c7a95eb

0-0266390/20113/62315_
223.16892261687910.064.01199.98
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/SSOService.php?RelayState=https%3A%2F%2Ftoorak-i

0-0266390/19321/61089_
223.23733154404700.061.85196.33
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/nextmail/cloudwork/favicon.ico HTTP/1.1

0-0266390/19555/63196_
223.286771360220280.062.40202.77
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/SSOService.php?RelayState=https%3A%2F%2Ftoorak-i

0-0266390/19958/62875_
223.218347059427720.063.60202.81
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_983d94717c3e9

0-0266390/20962/63373_
223.46276456239650.066.85203.99
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/SSOService.php?RelayState=https%3A%2F%2Ftoorak-i

0-0266390/19633/61602_
223.13935663260096880.062.32197.61
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Ftoorak-i

0-0266390/21121/63348_
223.38511457883330.067.42204.22
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/SSOService.php?RelayState=https%3A%2F%2Ftoorak-i

1-0255750/19522/61110_
220.9393411955520760.062.27197.59
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_b55433693f4b2

1-0255750/19901/62241_
220.987763167852630.063.33200.32
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_39b1ea22695ab

1-0255750/20787/60806_
221.073173652888230.066.13195.92
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cPOST /module.php/cloudworkauth/mfa/webauthn/get_login_options.p

1-0255750/20850/61663_
221.16747756384250.066.41197.62
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_08d36d6148e98

1-0255750/20600/60478_
220.98718751863170.065.65194.23
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/SSOService.php?RelayState=https%3A%2F%2Ftoorak-i

1-0255750/19582/62554_
221.141442858865500.062.34201.03
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_933240ee41453

1-0255750/20066/61823_
220.98669159588320.063.94198.82
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_750935e2456c2

1-0255750/21514/63172_
221.044462960377460.068.54202.98
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_d3a310ee9590b

1-0255750/18945/59716_
220.96779154899060.060.41191.11
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_b673981d1ced5

1-0255750/19761/59265_
220.98758254365140.062.73190.09
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_b7d0ab97020ff

1-0255750/19802/60293_
221.04402556953140.063.30193.74
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

1-02557533/20998/63356W
221.2100544718687.266.77203.95
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /server-status HTTP/1.1

1-0255750/20765/61198_
221.07326059810720.066.21196.90
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/chromebook/jquery.cookie.js HTTP/1.1

1-0255750/19673/61850_
220.99581355619150.062.55199.14
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Five.toor

1-0255750/21127/62197_
221.15135356811830.067.34200.73
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Ftoorak-i

1-0255750/20555/62969_
221.0731128255942080.065.41202.52
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/SSOService.php?RelayState=https%3A%2F%2Ftoorak-i

1-0255750/20570/62468_
220.931109257158080.065.36200.55
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_e6c33eecbe7e6

1-0255750/20204/60157_
220.986912757284160.064.30193.29
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_3ba28634838d6

1-0255750/18

Found on 2025-08-14 23:16

Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb31dda8387edda8387eae653546

Apache Status

Apache Server Status for toorak-login.cloudworkengine.net (via 127.0.0.1)

Server Version: Apache/2.4.52 (Ubuntu) mod_fcgid/2.3.9
Server MPM: worker
Server Built: 2024-07-17T18:57:26

Current Time: Wednesday, 13-Aug-2025 05:09:28 UTC
Restart Time: Wednesday, 09-Jul-2025 07:06:09 UTC
Parent Server Config. Generation: 1
Parent Server MPM Generation: 0
Server uptime:  34 days 22 hours 3 minutes 18 seconds
Server load: 0.90 1.43 1.46
Total accesses: 2844091 - Total Traffic: 8.9 GB - Total Duration: 270113073
CPU Usage: u237.56 s171.33 cu569.83 cs344.62 - .0439% CPU load
.943 requests/sec - 3181 B/second - 3374 B/request - 94.9734 ms/request
1 requests currently being processed, 49 idle workers
_________________W________________________________..............
................................................................
................................................................
................................................................
................................................................
................................................................
................
Scoreboard Key:
"_" Waiting for Connection, 
"S" Starting up, 
"R" Reading Request,
"W" Sending Reply, 
"K" Keepalive (read), 
"D" DNS Lookup,
"C" Closing connection, 
"L" Logging, 
"G" Gracefully finishing, 
"I" Idle cleanup of worker, 
"." Open slot with no current process



SrvPIDAccMCPU
SSReqDurConnChildSlotClientProtocolVHostRequest

0-0266390/14430/53705_
168.151816454421670.046.10173.92
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/SSOService.php?RelayState=https%3A%2F%2Ftoorak-i

0-0266390/15964/59243_
168.6055112353236070.050.53191.05
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_ea42e9fd8ffb9

0-0266390/15771/58695_
168.1917032655539370.050.46189.24
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_80f2c2e6f7795

0-0266390/15355/56904_
168.3612422551858650.048.71183.49
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_db3d8a843d287

0-0266390/15458/57280_
168.449422961018450.049.27184.35
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_c52addb6ad63c

0-0266390/15723/58602_
168.431011451506820.050.07189.19
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/SSOService.php?RelayState=https%3A%2F%2Ftoorak-i

0-0266390/14953/54857_
168.6036232254998520.047.24176.39
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cPOST /saml2/idp/SSOService.php HTTP/1.1

0-0266390/14708/56052_
168.576682952048760.046.78180.30
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_bbc776f0367bb

0-0266390/14821/55629_
168.3113614555152300.047.61179.78
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_07e3d3b178344

0-0266390/15163/58426_
168.4011262548079070.048.51187.27
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_8452ebf279692

0-0266390/16086/57307_
168.62166451379030.051.23184.46
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

0-0266390/15255/56714_
168.2714832653638650.048.54182.27
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_8a78cc4518fb6

0-0266390/15566/58605_
168.6219227453715020.049.54188.36
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/SSOService.php?SAMLRequest=jVNNj9owFLzzK1Du%2BQS

0-0266390/15332/58369_
168.53725354371200.048.70187.27
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/SSOService.php?RelayState=https%3A%2F%2Ftoorak-i

0-0266390/15448/57492_
168.62107454905210.049.31184.49
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

0-0266390/15107/56061_
168.62227447610130.048.23180.35
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

0-0266390/15884/57528_
168.488362658163440.050.43184.97
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_a78e37de99d7d

0-02663911/15122/57230W
168.6300549121112.748.39184.07
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /server-status HTTP/1.1

0-0266390/15307/57509_
168.60464058156710.048.73184.69
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /resources/post.css HTTP/1.1

0-0266390/14528/56296_
168.62287550637150.046.55181.02
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

0-0266390/14929/58570_
168.1119352956732710.047.59187.96
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_e4d62ca68f976

0-0266390/14785/57702_
168.604979255427220.047.05186.26
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cPOST /module.php/cloudworkauth/mfa/webauthn/get_login_options.p

0-0266390/16184/58595_
168.2316182852887920.051.41188.55
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_9c81f640665dd

0-0266390/14882/56851_
168.60442057586050.047.17182.47
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /robots.txt HTTP/1.1

0-0266390/15953/58180_
168.23164615453960570.050.77187.57
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_7f3602709563f

1-0255750/14555/56143_
167.4327385452035710.046.42181.74
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cPOST /module.php/core/loginuserpass.php HTTP/1.1

1-0255750/14723/57063_
167.43198228463172330.046.90183.90
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/SSOService.php?SAMLRequest=jVNNj9owEL3zK1Du%2BYS

1-0255750/15354/55373_
167.001751049097330.048.81178.60
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /resources/post.js HTTP/1.1

1-0255750/15753/56566_
167.131425853881600.050.05181.26
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/SSOService.php?RelayState=https%3A%2F%2Ftoorak-i

1-0255750/15788/55666_
167.43160048889890.050.21178.79
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /favicon.ico HTTP/1.1

1-0255750/15279/58251_
167.38771055643380.048.54187.23
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /resources/script.js HTTP/1.1

1-0255750/15206/56963_
167.45252855660430.048.41183.28
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_930a16239ed67

1-0255750/15833/57491_
167.42472054532660.050.45184.88
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/chromebook/jquery.cookie.js HTTP/1.1

1-0255750/14077/54848_
167.42347450238480.044.89175.59
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

1-0255750/14844/54348_
166.912026451010150.047.10174.46
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

1-0255750/14485/54976_
167.081539453233530.046.29176.72
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/SSOService.php?RelayState=https%3A%2F%2Ftoorak-i

1-0255750/15711/58069_
167.211184551693490.049.98187.17
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/SSOService.php?RelayState=https%3A%2F%2Ftoorak-i

1-0255750/15653/56086_
167.001761456007020.049.79180.48
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/SSOService.php?RelayState=https%3A%2F%2Ftoorak-i

1-0255750/15075/57252_
166.9518772552198580.047.87184.47
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_ad81963db9ad4

1-0255750/15721/56791_
167.2510702654158250.050.01183.40
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_af4db6d04b288

1-0255750/15266/57680_
167.0315912653046740.048.46185.57
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_af7a1ae9a27fb

1-0255750/15614/57512_
167.387792954013910.049.51184.70
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_7bb6c62655071

1-0255750/15200/55153_
167.34894652878600.048.23177.22
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/SSOService.php?RelayState=https%3A%2F%2Ftoorak-i

1-0255750/14204/55798_
167.4319228255504010.045.19180.05
127.0.0.1http/1.1</

Found on 2025-08-13 05:09

Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb31dda8387edda8387e305c5eec

Apache Status

Apache Server Status for toorak-login.cloudworkengine.net (via 127.0.0.1)

Server Version: Apache/2.4.52 (Ubuntu) mod_fcgid/2.3.9
Server MPM: worker
Server Built: 2024-07-17T18:57:26

Current Time: Sunday, 10-Aug-2025 04:11:26 UTC
Restart Time: Wednesday, 09-Jul-2025 07:06:09 UTC
Parent Server Config. Generation: 1
Parent Server MPM Generation: 0
Server uptime:  31 days 21 hours 5 minutes 16 seconds
Server load: 0.59 1.08 1.29
Total accesses: 2388366 - Total Traffic: 7.5 GB - Total Duration: 240790128
CPU Usage: u110.38 s93.23 cu569.83 cs344.62 - .0406% CPU load
.867 requests/sec - 2931 B/second - 3380 B/request - 100.818 ms/request
2 requests currently being processed, 48 idle workers
__________W__________________W____________________..............
................................................................
................................................................
................................................................
................................................................
................................................................
................
Scoreboard Key:
"_" Waiting for Connection, 
"S" Starting up, 
"R" Reading Request,
"W" Sending Reply, 
"K" Keepalive (read), 
"D" DNS Lookup,
"C" Closing connection, 
"L" Logging, 
"G" Gracefully finishing, 
"I" Idle cleanup of worker, 
"." Open slot with no current process



SrvPIDAccMCPU
SSReqDurConnChildSlotClientProtocolVHostRequest

0-0266390/5926/45201_
67.891092149590910.018.84146.66
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_46ff777f1486d

0-0266390/6430/49709_
68.06657579847581840.020.45160.97
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cPOST /module.php/core/loginuserpass.php HTTP/1.1

0-0266390/6143/49067_
67.821350549430290.019.58158.37
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/SSOService.php?RelayState=https%3A%2F%2Ftoorak-i

0-0266390/6402/47951_
67.821312246665690.020.21154.99
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/SSOService.php?SAMLRequest=jVPLbtswELznKwTd9cwDN

0-0266390/6128/47950_
67.988752655085850.019.49154.57
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_3e72659a89e3b

0-0266390/6266/49145_
67.988832545543120.019.91159.03
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_62c52de68f68a

0-0266390/5949/45853_
68.20412548896030.018.88148.03
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/SSOService.php?RelayState=https%3A%2F%2Ftoorak-i

0-0266390/6140/47484_
68.155002446070330.019.58153.11
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_f57f7b3bbb8d4

0-0266390/5852/46660_
68.106124349943490.018.58150.76
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_d00940d538dc6

0-0266390/6119/49382_
68.02770342603530.019.65158.41
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

0-0266390/6407/47628W
67.670044960720.020.35153.58
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /server-status HTTP/1.1

0-0266390/5967/47426_
68.281912747989730.018.99152.72
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_2803674014276

0-0266390/6545/49584_
68.33134548376890.020.75159.58
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/SSOService.php?RelayState=https%3A%2F%2Ftoorak-i

0-0266390/6317/49354_
68.24298348577820.019.95158.52
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/SSOService.php?RelayState=https%3A%2F%2Ftoorak-i

0-0266390/6031/48075_
67.701543049202810.019.19154.37
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /aws.yml HTTP/1.1

0-0266390/6042/46996_
67.671612042539570.019.28151.40
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /api/shared/config/config.env HTTP/1.1

0-0266390/6662/48306_
67.939862752099530.021.06155.60
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_f60f16df99532

0-0266390/5660/47768_
67.691576049172050.018.02153.70
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /admin/controllers/merchant.js HTTP/1.1

0-0266390/6003/48205_
68.3822451881150.019.06155.03
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/SSOService.php?RelayState=https%3A%2F%2Ftoorak-i

0-0266390/5837/47605_
67.7514835444470680.018.66153.13
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_04a096323e871

0-0266390/5576/49217_
67.8611912550969750.017.91158.28
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_1f49423a0a72b

0-0266390/6205/49122_
67.701572049454950.019.63158.84
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /configs/routes-4aug.js HTTP/1.1

0-0266390/6389/48800_
67.751466047624780.020.27157.41
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /v.php HTTP/1.1

0-0266390/6028/47997_
67.771456449631660.019.03154.33
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/SSOService.php?RelayState=https%3A%2F%2Ftoorak-i

0-0266390/6330/48557_
67.881098148763680.019.89156.69
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_9e33abc9d17a1

1-0255750/6312/47900_
67.961550047176460.020.16155.47
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /api/config/config.yml HTTP/1.1

1-0255750/5833/48173_
68.53782956583880.018.65155.64
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_2f62fb9037ae1

1-0255750/6256/46275_
67.941593043793440.019.79149.59
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /shared/config/config.js HTTP/1.1

1-0255750/6344/47157_
67.981532348451580.020.14151.35
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/SSOService.php?RelayState=https%3A%2F%2Ftoorak-i

1-02557548/6437/46315W
68.54004338215134.620.20148.77
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_486e32b226cd2

1-0255750/6582/49554_
68.33679149609330.020.80159.49
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/cloudworkauth/webauthn.js HTTP/1.1

1-0255750/6203/47960_
67.981513449841680.019.85154.72
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/metadata.php HTTP/1.1

1-0255750/6257/47915_
68.482282946715550.019.88154.31
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_1d024cc5cc845

1-0255750/6174/46945_
67.9116082545909070.019.42150.12
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_1dbf65972cc34

1-0255750/5676/45180_
67.981534046033860.018.07145.43
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /server/s3.js HTTP/1.1

1-0255750/5670/46161_
67.981473047813390.018.15148.59
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /shell.php HTTP/1.1

1-0255750/6209/48567_
68.061298446017710.019.77156.95
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/SSOService.php?RelayState=https%3A%2F%2Ftoorak-i

1-0255750/5800/46233_
68.0314074748909820.018.45149.14
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_1f43c978276c3

1-0255750/6209/48386_
68.151134346476420.019.64156.23
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/SSOService.php?RelayState=https%3A%2F%2Ftoorak-i

1-0255750/6249/47319_
68.1910436047737920.019.84153.23
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/SSOService.php?RelayState=https%3A%2F%2Ftoorak-i

1-0255750/6113/48527_
68.1511072746164840.019.26156.37
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_16900eaf9edb2

1-0255750/6650/48548_
68.337112648582530.021.07156.26
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_7cecddac21323

1-0255750/5847/45800_
68.268362746096890.018.57147.56
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_2b8bb28c9932c

1-0255750/6288/47882_
68.111250450521320.019.90154.75
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

1-025

Found on 2025-08-10 04:11

Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb31dda8387edda8387e077fb77b

Apache Status

Apache Server Status for toorak-login.cloudworkengine.net (via 127.0.0.1)

Server Version: Apache/2.4.52 (Ubuntu) mod_fcgid/2.3.9
Server MPM: worker
Server Built: 2024-07-17T18:57:26

Current Time: Friday, 08-Aug-2025 09:26:00 UTC
Restart Time: Wednesday, 09-Jul-2025 07:06:09 UTC
Parent Server Config. Generation: 1
Parent Server MPM Generation: 0
Server uptime:  30 days 2 hours 19 minutes 50 seconds
Server load: 0.91 0.67 0.85
Total accesses: 2179192 - Total Traffic: 6.9 GB - Total Duration: 227529675
CPU Usage: u52.36 s56.88 cu569.83 cs344.62 - .0394% CPU load
.838 requests/sec - 2838 B/second - 3387 B/request - 104.41 ms/request
2 requests currently being processed, 48 idle workers
_______________W___________K______________________..............
................................................................
................................................................
................................................................
................................................................
................................................................
................
Scoreboard Key:
"_" Waiting for Connection, 
"S" Starting up, 
"R" Reading Request,
"W" Sending Reply, 
"K" Keepalive (read), 
"D" DNS Lookup,
"C" Closing connection, 
"L" Logging, 
"G" Gracefully finishing, 
"I" Idle cleanup of worker, 
"." Open slot with no current process



SrvPIDAccMCPU
SSReqDurConnChildSlotClientProtocolVHostRequest

0-0266390/1716/40991_
21.991099546817940.05.47133.29
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/SSOService.php?RelayState=https%3A%2F%2Ftoorak-i

0-0266390/1828/45107_
22.05989844413210.05.87146.39
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/SSOService.php?RelayState=https%3A%2F%2Ftoorak-i

0-0266390/1941/44865_
21.851426247129300.06.21145.00
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Five.toor

0-0266390/1870/43419_
21.851461643939290.06.04140.82
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/SSOService.php?RelayState=https%3A%2F%2Ftoorak-i

0-0266390/2029/43851_
22.099353151828710.06.45141.53
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_29a622dcfd01e

0-0266390/1877/44756_
21.9113322843134330.06.00145.13
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_3b15f06e75f8f

0-0266390/1787/41691_
22.196773246383400.05.75134.90
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_7629a563394dc

0-0266390/1943/43287_
22.148252743670970.06.32139.85
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_1ae10d9f509f3

0-0266390/2041/42849_
22.187143047920160.06.64138.81
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_f1d412b28a457

0-0266390/1541/44804_
21.951218640123560.04.96143.72
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/SSOService.php?RelayState=https%3A%2F%2Ftoorak-i

0-0266390/2180/43401_
22.38266542214770.07.04140.27
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/SSOService.php?RelayState=https%3A%2F%2Ftoorak-i

0-0266390/1880/43339_
22.24603445215020.06.03139.76
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/SSOService.php?RelayState=https%3A%2F%2Ftoorak-i

0-0266390/2124/45163_
22.34378845721250.06.82145.65
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/SSOService.php?RelayState=https%3A%2F%2Ftoorak-i

0-0266390/2126/45163_
22.284922846400210.06.77145.34
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_1966546f1cc80

0-0266390/2065/44109_
22.41162645305490.06.55141.74
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/SSOService.php?RelayState=https%3A%2F%2Ftoorak-i

0-02663955/2134/43088W
22.50003996832232.66.92139.04
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /server-status HTTP/1.1

0-0266390/2285/43929_
21.8116353148765220.07.34141.88
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_f1a84f080cef3

0-0266390/1642/43750_
21.6418462946198820.05.29140.97
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_5e70a14341c80

0-0266390/1872/44074_
22.4677749503790.06.00141.96
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/SSOService.php?RelayState=https%3A%2F%2Ftoorak-i

0-0266390/1684/43452_
21.7117412740871620.05.53140.00
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_1a9211d67f8cf

0-0266390/1662/45303_
21.751692647655990.05.37145.74
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/SSOService.php?RelayState=https%3A%2F%2Ftoorak-i

0-0266390/1744/44661_
21.6617922747294000.05.56144.76
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_2986d6b088fa1

0-0266390/1955/44366_
21.741705345358410.06.23143.37
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/no_cookie.php?retryURL=https%3A%2F%2Ftoora

0-0266390/1968/43937_
21.7317134147260080.06.30141.59
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cPOST /module.php/cloudworkauth/mfa/webauthn/get_login_options.p

0-0266390/1832/44059_
21.811579046295230.05.85142.65
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET / HTTP/1.1

1-0255750/2477/44065_
22.901816344085790.08.04143.35
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_b9af7c9a29795

1-0255750/1720/44060_
23.58211654384080.05.59142.58
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/SSOService.php?RelayState=https%3A%2F%2Ftoorak-i

1-02557511/2451/42470K
23.6700412626420.17.86137.66
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor

1-0255750/2478/43291_
23.67253145695030.07.97139.18
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_ba480de1e8732

1-0255750/2244/42122_
23.611212940820950.07.17135.75
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_7e8e3d1510d80

1-0255750/2179/45151_
23.49435747120940.06.91145.60
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/SSOService.php?RelayState=https%3A%2F%2Ftoorak-i

1-0255750/2113/43870_
22.9217264346836040.06.87141.75
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_c5e0b05e78e66

1-0255750/2236/43894_
22.921733543528450.07.15141.59
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/SSOService.php?RelayState=https%3A%2F%2Ftoorak-i

1-0255750/1894/42665_
22.921785043706140.06.06136.76
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /resources/post.js HTTP/1.1

1-0255750/1934/41438_
22.921713043871790.06.21133.57
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /favicon.ico HTTP/1.1

1-0255750/2191/42682_
23.0714123145337110.07.12137.56
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_4112b468aba5b

1-0255750/2108/44466_
22.971577843790130.06.71143.90
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/SSOService.php?RelayState=https%3A%2F%2Ftoorak-i

1-0255750/1689/42122_
22.921698445720860.05.31136.00
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/no_cookie.php?retryURL=https://toorak-logi

1-0255750/1691/43868_
23.0115184844047580.05.53142.12
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_31b75e947dcdb

1-0255750/2131/43201_
23.191161545825810.06.81140.20
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/SSOService.php?RelayState=https%3A%2F%2Ftoorak-i

1-0255750/1810/44224_
23.0913813443152070.05.78142.90
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_655888a557859

1-0255750/2104/44002_
23.231046645887160.06.74141.93
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/SSOService.php?RelayState=https%3A%2F%2Ftoorak-i

1-0255750/2049/42002_
23.28879543196610.06.60135.60
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/SSOService.php?RelayState=https%3A%2F%2Ftoorak-i

1-0255750/1661/43255_
23.141275847469540.05.35140.20
</

Found on 2025-08-08 09:25

Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb31dda8387edda8387ea0132e69

Apache Status

Apache Server Status for toorak-login.cloudworkengine.net (via 127.0.0.1)

Server Version: Apache/2.4.52 (Ubuntu) mod_fcgid/2.3.9
Server MPM: worker
Server Built: 2024-07-17T18:57:26

Current Time: Wednesday, 06-Aug-2025 07:30:07 UTC
Restart Time: Wednesday, 09-Jul-2025 07:06:09 UTC
Parent Server Config. Generation: 1
Parent Server MPM Generation: 0
Server uptime:  28 days 23 minutes 57 seconds
Server load: 5.76 1.97 1.31
Total accesses: 1864384 - Total Traffic: 5.9 GB - Total Duration: 205541164
CPU Usage: u179.63 s131.22 cu350.69 cs213.01 - .0361% CPU load
.77 requests/sec - 2613 B/second - 3393 B/request - 110.246 ms/request
1 requests currently being processed, 49 idle workers
_____________________W____________________________..............
................................................................
................................................................
................................................................
................................................................
................................................................
................
Scoreboard Key:
"_" Waiting for Connection, 
"S" Starting up, 
"R" Reading Request,
"W" Sending Reply, 
"K" Keepalive (read), 
"D" DNS Lookup,
"C" Closing connection, 
"L" Logging, 
"G" Gracefully finishing, 
"I" Idle cleanup of worker, 
"." Open slot with no current process



<SrvPIDAccMCPU
SSReqDurConnChildSlotClientProtocolVHostRequest

0-0146260/10789/35375_
127.18755542367130.034.90115.40
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/SSOService.php?RelayState=https%3A%2F%2Ftoorak-i

0-0146260/11598/38197_
127.09941639985260.037.13124.24
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/SSOService.php?SAMLRequest=hVLJTsMwEL0j8Q%2BW71l

0-0146260/12039/38435_
126.9911803143554370.038.62124.42
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_f87fd480afcfd

0-0146260/11919/37175_
127.0410842439130130.038.21120.76
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/SSOService.php?RelayState=https%3A%2F%2Ftoorak-i

0-0146260/11361/37667_
127.432442847726360.036.38121.87
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_2dbee72391df7

0-0146260/11594/38272_
126.781523038091240.037.39124.47
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET / HTTP/1.1

0-0146260/10564/35952_
127.324802841930620.034.10116.58
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_b0d30febffb51

0-0146260/11515/37465_
127.37368740103400.037.23121.14
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/SSOService.php?RelayState=https%3A%2F%2Ftoorak-i

0-0146260/11379/36314_
127.28589442755610.036.46117.87
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/SSOService.php?RelayState=https%3A%2F%2Ftoorak-i

0-0146260/12280/39258_
127.5279836642610.038.96125.89
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/SSOService.php?RelayState=https%3A%2F%2Ftoorak-i

0-0146260/12012/36824_
127.39349736762420.038.60119.23
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/SSOService.php?RelayState=https%3A%2F%2Ftoorak-i

0-0146260/12005/37097_
126.781526041050870.038.64119.81
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET / HTTP/1.1

0-0146260/11372/38318_
126.7416283240407710.036.65123.87
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_e4f724ddda57b

0-0146260/11942/38421_
126.9513062842646800.037.93123.83
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_ccb9225974ed9

0-0146260/11113/37468_
127.2369928340027000.035.73120.52
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/SSOService.php?RelayState=https%3A%2F%2Ftoorak-i

0-0146260/11125/36253_
127.138056535282350.035.93117.09
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_ea45de5250605

0-0146260/11050/36828_
126.8614553743895970.035.43119.13
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cPOST /module.php/cloudworkauth/mfa/webauthn/get_login_options.p

0-0146260/11598/37349_
126.9912502942401880.036.93120.54
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_06fd79c567011

0-0146260/12276/38107_
127.099741245165320.039.38122.92
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/SSOService.php?RelayState=https%3A%2F%2Ftoorak-i

0-0146260/11631/37443_
127.471893036811430.037.15120.70
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_42d6c18e9f9ef

0-0146260/12028/39033_
126.7016833442630280.038.24125.68
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/SSOService.php?RelayState=https%3A%2F%2Ftoorak-i

0-01462655/11631/38275W
127.54004244367154.337.39124.37
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /server-status HTTP/1.1

0-0146260/11181/37886_
126.831477440777750.035.85122.72
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/SSOService.php?RelayState=https%3A%2F%2Ftoorak-i

0-0146260/11694/37675_
126.9014082843088110.037.78121.59
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_03b92be5b95e4

0-0146260/11276/37627_
126.991190341679710.036.17122.03
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_33a6896cf0f27

1-0144940/11407/37052_
124.655352739186280.036.73120.91
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_48fb1cfba2a2f

1-0144940/11703/37471_
124.261518150712340.038.01121.46
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/chromebook/jquery.cookie.js HTTP/1.1

1-0144940/11131/36301_
124.4111403336232660.035.77117.96
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_c52d4195c3d40

1-0144940/11240/36335_
124.261561440658440.036.00116.95
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/no_cookie.php?retryURL=https%3A%2F%2Ftoora

1-0144940/10690/35840_
124.2116843236102820.034.41115.63
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_c3f4b57de47b0

1-0144940/10978/38719_
124.55790642490180.034.97125.20
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/SSOService.php?RelayState=https%3A%2F%2Ftoorak-i

1-0144940/11010/37007_
124.55818341217500.035.14119.72
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_cfd94b9e51975

1-0144940/11434/36908_
123.6913062739622350.036.76119.26
127.0.0.1http/1.1

1-0144940/11497/36940_
124.55863539343080.036.84118.54
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/SSOService.php?RelayState=https%3A%2F%2Ftoorak-i

1-0144940/10535/35479_
124.261467440287700.033.87114.49
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/SSOService.php?RelayState=https%3A%2F%2Ftoorak-i

1-0144940/11065/36322_
124.832426341385250.035.23117.14
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/SSOService.php?RelayState=https%3A%2F%2Ftoorak-i

1-0144940/11486/37726_
124.4510292839782990.036.75122.40
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_156c6e8396cfb

1-0144940/11595/36525_
124.381166041614990.037.27118.21
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET / HTTP/1.1

1-0144940/11698/37530_
124.50924840094030.037.48121.92
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/SSOService.php?RelayState=https%3A%2F%2Ftoorak-i

1-0144940/10633/37033_
124.60644841954550.034.71120.45
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/SSOService.php?RelayState=https%3A%2F%2Ftoorak-i

1-0144940/11337/37743_
124.311358638943530.036.57122.22
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/SSOService.php?RelayState=https%3A%2F%2Ftoorak-i

1-0144940/11514/37701_
124.74265542228140.037.09121.80
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

1-0144940/11177/36491_
124.79134638796580.035.89117.93
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/SSOService.php?RelayState=https%3A%2F%2Ftoorak-i

1-0144940/11542/36682_
124.211766542827190.037.23119.22
127.0.0.1

Found on 2025-08-06 07:30

Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb31dda8387edda8387eab4ef6f6

Apache Status

Apache Server Status for toorak-login.cloudworkengine.net (via 127.0.0.1)

Server Version: Apache/2.4.52 (Ubuntu) mod_fcgid/2.3.9
Server MPM: worker
Server Built: 2024-07-17T18:57:26

Current Time: Monday, 04-Aug-2025 10:13:30 UTC
Restart Time: Wednesday, 09-Jul-2025 07:06:09 UTC
Parent Server Config. Generation: 1
Parent Server MPM Generation: 0
Server uptime:  26 days 3 hours 7 minutes 20 seconds
Server load: 0.68 0.78 0.92
Total accesses: 1631420 - Total Traffic: 5.2 GB - Total Duration: 188001370
CPU Usage: u113.03 s89.82 cu350.69 cs213.01 - .034% CPU load
.723 requests/sec - 2453 B/second - 3395 B/request - 115.238 ms/request
1 requests currently being processed, 49 idle workers
__________________________________________W_______..............
................................................................
................................................................
................................................................
................................................................
................................................................
................
Scoreboard Key:
"_" Waiting for Connection, 
"S" Starting up, 
"R" Reading Request,
"W" Sending Reply, 
"K" Keepalive (read), 
"D" DNS Lookup,
"C" Closing connection, 
"L" Logging, 
"G" Gracefully finishing, 
"I" Idle cleanup of worker, 
"." Open slot with no current process



SrvPIDAccMCPU
SSReqDurConnChildSlotClientProtocolVHostRequest

0-0146260/6513/31099_
74.4210903238363500.021.08101.58
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_f93bfc3ed1472

0-0146260/7135/33734_
74.46902835823270.022.68109.78
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_b2364be6a7658

0-0146260/6872/33268_
74.462733439878780.021.97107.77
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_fd19f24a27c47

0-0146260/6957/32213_
74.4699235963740.022.30104.86
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Five.toor

0-0146260/6188/32494_
74.439033143510930.019.69105.18
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_ab1a41e37bb9a

0-0146260/6603/33281_
74.438434134517450.021.19108.27
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_6c8f3ce2d4f30

0-0146260/6790/32178_
74.4211522838637280.021.84104.32
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_7f6d1c9ee4f6a

0-0146260/6837/32787_
74.46293235483830.022.10106.01
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_2384a1adde14c

0-0146260/6536/31471_
74.439683138843670.020.89102.30
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_2f39f4182911d

0-0146260/6967/33945_
74.43722033157600.022.24109.17
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /favicon.ico HTTP/1.1

0-0146260/7479/32291_
74.421180133797180.023.91104.55
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/nextmail/cloudwork/favicon.ico HTTP/1.1

0-0146260/6986/32078_
74.43648537782530.022.44103.62
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

0-0146260/6758/33704_
74.454612737239600.021.84109.06
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_8593666e27b68

0-0146260/6623/33102_
74.4376816638323190.020.94106.84
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_ba6dc19d452ae

0-0146260/6759/33114_
74.421068537119840.021.76106.55
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

0-0146260/6648/31776_
74.4699031537910.021.27102.43
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/nextmail/cloudwork/favicon.ico HTTP/1.1

0-0146260/6440/32218_
74.462112840817340.020.65104.35
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_40c1abfbe97eb

0-0146260/6745/32496_
74.45348539001300.021.42105.04
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

0-0146260/7312/33143_
74.469932240906130.023.29106.84
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/SSOService.php?SAMLRequest=jVPbjtowEH3nK1Dec%2B3

0-0146260/6801/32613_
74.42120286333359070.021.55105.10
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cPOST /module.php/core/loginuserpass.php HTTP/1.1

0-0146260/7032/34037_
74.461503339158640.022.32109.76
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_8db65a055b039

0-0146260/6889/33533_
74.4310303538376940.021.91108.89
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_fc7f2b21f4c65

0-0146260/6432/33137_
74.45408537897970.020.61107.49
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

0-0146260/6826/32807_
74.455242739462640.022.26106.07
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_82cae7408eb83

0-0146260/6755/33106_
74.45288538563210.021.68107.54
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

1-0144940/6401/32046_
73.781008535601130.020.65104.83
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

1-0144940/7402/33170_
73.78948747445820.023.74107.20
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

1-0144940/5925/31095_
73.815815332667690.019.02101.21
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cPOST /module.php/cloudworkauth/mfa/webauthn/get_login_options.p

1-0144940/7319/32414_
73.79828638049950.023.44104.39
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

1-0144940/5980/31130_
73.781037333071730.019.30100.52
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/metadata.php HTTP/1.1

1-0144940/6892/34633_
73.7711804438807170.021.67111.90
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cPOST /module.php/cloudworkauth/mfa/webauthn/get_login_options.p

1-0144940/6598/32595_
73.81168537613000.020.96105.54
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

1-0144940/6999/32473_
73.812796936675360.022.57105.07
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cPOST /module.php/cloudworkauth/mfa/webauthn/get_login_options.p

1-0144940/7068/32511_
73.813383235791490.022.59104.30
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_a681055cdaf71

1-0144940/5965/30909_
73.81437437300060.019.2499.86
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/metadata.php HTTP/1.1

1-0144940/6521/31778_
73.78888638135350.020.72102.62
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

1-0144940/7284/33524_
73.81228536373020.023.30108.94
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

1-0144940/7061/31991_
73.8148638166870.022.61103.55
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

1-0144940/7011/32843_
73.81108636624150.022.38106.82
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

1-0144940/6078/32478_
73.76121011838600240.019.67105.41
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cPOST /module.php/cloudworkauth/mfa/webauthn/get_login_options.p

1-0144940/6689/33095_
73.814003135515420.021.50107.14
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_3591102d8ade5

1-0144940/6796/32983_
73.7973561439752380.021.86106.58
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/cloudworkauth/mfa/hotp.php?hotp_id=607&StateId=

1-01449410/6330/31644W
73.8100346794811.620.23102.28
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /server-status HTTP/1.1

1-0144940/7215/32355_
73.79708639626260.023.20105.19
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_wel

Found on 2025-08-04 10:13

Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb31dda8387edda8387e5d8957fd

Apache Status

Apache Server Status for toorak-login.cloudworkengine.net (via 127.0.0.1)

Server Version: Apache/2.4.52 (Ubuntu) mod_fcgid/2.3.9
Server MPM: worker
Server Built: 2024-07-17T18:57:26

Current Time: Sunday, 03-Aug-2025 12:07:42 UTC
Restart Time: Wednesday, 09-Jul-2025 07:06:09 UTC
Parent Server Config. Generation: 1
Parent Server MPM Generation: 0
Server uptime:  25 days 5 hours 1 minute 32 seconds
Server load: 1.08 1.54 1.40
Total accesses: 1565801 - Total Traffic: 4.9 GB - Total Duration: 158199965
CPU Usage: u93.79 s78.1 cu350.69 cs213.01 - .0338% CPU load
.719 requests/sec - 2438 B/second - 3392 B/request - 101.035 ms/request
1 requests currently being processed, 49 idle workers
_____________W____________________________________..............
................................................................
................................................................
................................................................
................................................................
................................................................
................
Scoreboard Key:
"_" Waiting for Connection, 
"S" Starting up, 
"R" Reading Request,
"W" Sending Reply, 
"K" Keepalive (read), 
"D" DNS Lookup,
"C" Closing connection, 
"L" Logging, 
"G" Gracefully finishing, 
"I" Idle cleanup of worker, 
"." Open slot with no current process



SrvPIDAccMCPU
SSReqDurConnChildSlotClientProtocolVHostRequest

0-0146260/5263/29849_
60.0338811631654250.016.8097.30
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_dbc10390dd43c

0-0146260/5760/32359_
60.081693029847240.018.19105.30
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_5d235069cc3e5

0-0146260/5613/32009_
60.08316733679850.017.79103.59
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/SSOService.php?RelayState=https%3A%2F%2Ftoorak-i

0-0146260/5870/31126_
60.08293431101290.018.80101.36
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/SSOService.php?RelayState=https%3A%2F%2Ftoorak-i

0-0146260/4654/30960_
60.03481532858510.014.74100.23
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

0-0146260/5374/32052_
59.957783131234310.017.00104.07
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_082226c4967e9

0-0146260/5514/30902_
60.08214032858410.017.58100.05
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /favicon.ico HTTP/1.1

0-0146260/5787/31737_
60.08949730701920.018.47102.37
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_8db7d0bc59746

0-0146260/5392/30327_
60.0860531153540.017.2198.62
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

0-0146260/5549/32527_
60.03420529795790.017.51104.44
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

0-0146260/6153/30965_
59.6215892730519960.019.63100.26
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_198a8519f9b1d

0-0146260/5650/30742_
59.7212519431652420.018.0199.18
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_87490982b047a

0-0146260/5536/32482_
59.6314863031470470.017.64104.86
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_97901e8df1530

0-01462612/5436/31915W
60.0900318262917.016.99102.89
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /server-status HTTP/1.1

0-0146260/5268/31623_
59.5716933431983310.016.73101.52
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_8c44b5e240f9b

0-0146260/5225/30353_
59.681365528286000.016.5897.74
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/SSOService.php?RelayState=https%3A%2F%2Ftoorak-i

0-0146260/5131/30909_
59.6315072733139480.016.2199.91
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_d96ba70054cbb

0-0146260/5443/31194_
59.88939731504230.017.11100.72
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/SSOService.php?RelayState=https%3A%2F%2Ftoorak-i

0-0146260/5789/31620_
59.8011002733775810.018.17101.71
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_5d10bd90d0a43

0-0146260/5485/31297_
59.761205030957130.017.24100.79
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /resources/post.js HTTP/1.1

0-0146260/5755/32760_
59.938802932097470.018.13105.57
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_c5a7d05a773fc

0-0146260/5596/32240_
59.99659634895960.017.66104.65
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/SSOService.php?RelayState=https%3A%2F%2Ftoorak-i

0-0146260/5278/31983_
59.948582832593130.016.85103.73
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_2aa83b64878bb

0-0146260/5522/31503_
59.841042632685560.017.67101.48
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/SSOService.php?RelayState=https%3A%2F%2Ftoorak-i

0-0146260/5417/31768_
60.035442732390980.017.22103.08
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_9fa3ce5f2aa03

1-0144940/5214/30859_
58.6514223729948680.016.62100.80
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_cb3d68d222bc1

1-0144940/5820/31588_
58.759923435680140.018.52101.98
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_318cf26510ad1

1-0144940/4883/30053_
58.7111917127058140.015.5397.72
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_b50e4fa3f594b

1-0144940/5667/30762_
58.69130012231181370.017.9798.92
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_27025b9ba10d7

1-0144940/4956/30106_
58.75841530858140.015.7897.00
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

1-0144940/5631/33372_
58.711141633605310.017.51107.74
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

1-0144940/5218/31215_
58.759313032349420.016.39100.97
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_44470422ecfac

1-0144940/5711/31185_
58.846023129960280.018.20100.70
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_3bd1c81e6ca94

1-0144940/5447/30890_
58.884081409230080980.017.2198.92
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/SSOService.php?SAMLRequest=fZJdT4MwFIb%2fCuk9UGA

1-0144940/4925/29869_
58.759233330816110.015.7996.41
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_87b12b76fbfeb

1-0144940/5354/30611_
58.80716533794640.016.9298.83
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/SSOService.php?RelayState=https%3A%2F%2Ftoorak-i

1-0144940/5846/32086_
58.92262531269150.018.49104.14
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/SSOService.php?RelayState=https%3A%2F%2Ftoorak-i

1-0144940/5702/30632_
58.88404510332919620.018.1599.09
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/SSOService.php?SAMLRequest=fZJbT4MwFMe%2fCuk7UC6

1-0144940/5435/31267_
58.884943031389950.017.26101.70
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_c0a2123a2e44c

1-0144940/5077/31477_
59.0788131536620.016.34102.08
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/nextmail/cloudwork/favicon.ico HTTP/1.1

1-0144940/5446/31852_
58.883774929691160.017.40103.04
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_aa9ce394e36fd

1-0144940/5583/31770_
59.011592734083630.017.88102.59
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/SSOService.php?RelayState=https%3A%2F%2Ftoorak-i

1-0144940/5182/30496_
58.972092929658440.016.5398.58
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_24bad01071f5f

1-0144940/5863/31003_
59.071032930135870.018.77100.

Found on 2025-08-03 12:07

Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb31dda8387edda8387e04933e47

Apache Status

Apache Server Status for toorak-login.cloudworkengine.net (via 127.0.0.1)

Server Version: Apache/2.4.52 (Ubuntu) mod_fcgid/2.3.9
Server MPM: worker
Server Built: 2024-07-17T18:57:26

Current Time: Saturday, 02-Aug-2025 11:50:38 UTC
Restart Time: Wednesday, 09-Jul-2025 07:06:09 UTC
Parent Server Config. Generation: 1
Parent Server MPM Generation: 0
Server uptime:  24 days 4 hours 44 minutes 28 seconds
Server load: 1.30 1.20 1.19
Total accesses: 1427121 - Total Traffic: 4.5 GB - Total Duration: 147743061
CPU Usage: u55.6 s53.94 cu350.69 cs213.01 - .0322% CPU load
.683 requests/sec - 2319 B/second - 3397 B/request - 103.525 ms/request
1 requests currently being processed, 49 idle workers
_____________________________________________W____..............
................................................................
................................................................
................................................................
................................................................
................................................................
................
Scoreboard Key:
"_" Waiting for Connection, 
"S" Starting up, 
"R" Reading Request,
"W" Sending Reply, 
"K" Keepalive (read), 
"D" DNS Lookup,
"C" Closing connection, 
"L" Logging, 
"G" Gracefully finishing, 
"I" Idle cleanup of worker, 
"." Open slot with no current process



SrvPIDAccMCPU
SSReqDurConnChildSlotClientProtocolVHostRequest

0-0146260/2529/27115_
29.21413529710170.08.1388.63
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/SSOService.php?RelayState=https%3A%2F%2Ftoorak-i

0-0146260/2727/29326_
29.25354527872810.08.5995.69
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/SSOService.php?RelayState=https%3A%2F%2Ftoorak-i

0-0146260/2598/28994_
29.115423030843860.08.2094.00
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_e1eb596796c36

0-0146260/2713/27969_
29.16474428774550.08.6791.23
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/SSOService.php?RelayState=https%3A%2F%2Ftoorak-i

0-0146260/2706/29012_
29.076473231383300.08.5194.00
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_dc6d693944e6c

0-0146260/2431/29109_
29.06826829251850.07.6494.72
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/SSOService.php?RelayState=https%3A%2F%2Ftoorak-i

0-0146260/2870/28258_
29.39442930867730.09.1491.61
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_4a14e2d0062e6

0-0146260/3010/28960_
29.3597529308460.09.6093.50
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/SSOService.php?RelayState=https%3A%2F%2Ftoorak-i

0-0146260/2622/27557_
29.3021444229241170.08.3189.72
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Five.toor

0-0146260/2670/29648_
29.30266727733620.08.4595.37
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/SSOService.php?RelayState=https%3A%2F%2Ftoorak-i

0-0146260/2945/27757_
28.7517733828384440.09.4390.06
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_aa15d95a926c0

0-0146260/2259/27351_
28.7916642828755170.07.1088.27
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_68f1645769da7

0-0146260/2551/29497_
28.831530229269830.08.2395.45
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_a2d8ff55db781

0-0146260/2833/29312_
29.394129809790.08.7294.62
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/nextmail/cloudwork/favicon.ico HTTP/1.1

0-0146260/2296/28651_
28.7118253029607020.07.2392.02
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_7878a2aef98ef

0-0146260/2399/27527_
28.881389726226230.07.6988.85
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/SSOService.php?RelayState=https%3A%2F%2Ftoorak-i

0-0146260/2358/28136_
28.831555631606620.07.2990.99
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/SSOService.php?RelayState=https%3A%2F%2Ftoorak-i

0-0146260/2958/28709_
28.97122225229794390.09.3993.00
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_c3fdd63b3346c

0-0146260/2813/28644_
28.971141331038180.08.8692.40
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_6c0212b9a2dec

0-0146260/2864/28676_
28.921332428650620.08.9192.46
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/SSOService.php?RelayState=https%3A%2F%2Ftoorak-i

0-0146260/2874/29879_
28.971090330069200.09.0096.44
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Five.toor

0-0146260/2786/29430_
29.067093032214160.08.7595.73
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_516d000fb0c9d

0-0146260/2444/29149_
28.971202230703200.07.7494.61
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_d4cb2ff3a7af4

0-0146260/2906/28887_
29.02936531009700.09.3693.17
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/SSOService.php?RelayState=https%3A%2F%2Ftoorak-i

0-0146260/2656/29007_
29.06777530296550.08.4894.34
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

1-0144940/2454/28099_
28.7715002927806930.07.8392.01
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_875cc038588cd

1-0144940/2882/28650_
28.90115912133463620.09.3092.76
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_3ed18a8c67d8f

1-0144940/2066/27236_
28.821403424200880.06.6388.82
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Five.toor

1-0144940/2802/27897_
28.8612782828657010.08.8389.78
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_f79c8090d8d6e

1-0144940/2083/27233_
29.049912727744680.06.6287.83
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_8e2899514e266

1-0144940/3028/30769_
28.9510993031552200.09.3899.61
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_6761b3fc32e1b

1-0144940/2696/28693_
28.991046530813850.08.3892.97
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/SSOService.php?RelayState=https%3A%2F%2Ftoorak-i

1-0144940/3007/28481_
29.177182927723440.09.6092.10
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_4d3e67f83cce5

1-0144940/2698/28141_
29.12770427814370.08.4790.18
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/SSOService.php?RelayState=https%3A%2F%2Ftoorak-i

1-0144940/2491/27435_
29.08881329316750.07.9588.58
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Five.toor

1-0144940/2716/27973_
29.216612731278000.08.5490.45
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_29165fe97143a

1-0144940/2871/29111_
29.265203329350520.09.0694.71
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_d0567a2ff76f1

1-0144940/3062/27992_
29.284613830992010.09.7890.71
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_49aede355141b

1-0144940/2948/28780_
29.265962829399780.09.3293.76
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_3466014c1bfb1

1-0144940/2666/29066_
29.40107229562690.08.6394.37
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_90cb750b6330a

1-0144940/2675/29081_
29.28403527504810.08.5594.19
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/SSOService.php?RelayState=https%3A%2F%2Ftoorak-i

1-0144940/2568/28755_
29.31318331875830.08.1992.91
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_b5f03b50bab9c

1-0144940/2420/27734_
29.352105527815350.07.6989.74
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_06bdbbdc8ac52

1-0144940/2879/28019_
29.40

Found on 2025-08-02 11:50

Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb31dda8387edda8387e145c3193

Apache Status

Apache Server Status for toorak-login.cloudworkengine.net (via 127.0.0.1)

Server Version: Apache/2.4.52 (Ubuntu) mod_fcgid/2.3.9
Server MPM: worker
Server Built: 2024-07-17T18:57:26

Current Time: Thursday, 31-Jul-2025 04:29:47 UTC
Restart Time: Wednesday, 09-Jul-2025 07:06:09 UTC
Parent Server Config. Generation: 1
Parent Server MPM Generation: 0
Server uptime:  21 days 21 hours 23 minutes 37 seconds
Server load: 0.88 0.90 1.12
Total accesses: 1249722 - Total Traffic: 4.0 GB - Total Duration: 129777875
CPU Usage: u51.39 s50.96 cu303.4 cs184.01 - .0312% CPU load
.661 requests/sec - 2249 B/second - 3404 B/request - 103.845 ms/request
3 requests currently being processed, 47 idle workers
_______________________W____________________KK____..............
................................................................
................................................................
................................................................
................................................................
................................................................
................
Scoreboard Key:
"_" Waiting for Connection, 
"S" Starting up, 
"R" Reading Request,
"W" Sending Reply, 
"K" Keepalive (read), 
"D" DNS Lookup,
"C" Closing connection, 
"L" Logging, 
"G" Gracefully finishing, 
"I" Idle cleanup of worker, 
"." Open slot with no current process



SrvPIDAccMCPU
SSReqDurConnChildSlotClientProtocolVHostRequest

0-0243240/2497/23616_
28.051404425605630.08.6077.30
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/SSOService.php?RelayState=https%3A%2F%2Ftoorak-i

0-0243240/2540/25831_
28.622977424584140.08.9184.64
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_3a7d3329e6b3d

0-0243240/2522/25677_
28.111337626459070.08.5683.45
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/SSOService.php?RelayState=https%3A%2F%2Ftoorak-i

0-0243240/2892/24366_
28.051470125817670.010.1779.63
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/cloudworkauth/simplewebauthn.es5.umd.min.js HTT

0-0243240/2550/25432_
28.151261926673340.08.6982.69
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/SSOService.php?RelayState=https%3A%2F%2Ftoorak-i

0-0243240/2423/25590_
28.309913126430640.08.2983.53
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_34e5c23f26b3a

0-0243240/2494/24315_
28.251105527061150.08.4379.07
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/SSOService.php?RelayState=https%3A%2F%2Ftoorak-i

0-0243240/2934/25290_
28.4186618826360430.09.8181.77
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_184dfe943f251

0-0243240/2218/23946_
28.151279626021180.07.6478.10
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/SSOService.php?RelayState=https%3A%2F%2Ftoorak-i

0-0243240/2732/25830_
28.31979124115690.09.0083.20
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/chromebook/jquery.cookie.js HTTP/1.1

0-0243240/2364/24068_
28.428045224332400.08.0078.22
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_463acfd973340

0-0243240/2396/24221_
28.36934825425850.08.2678.31
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/SSOService.php?RelayState=https%3A%2F%2Ftoorak-i

0-0243240/2696/25991_
28.476925525610410.08.9084.16
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_6d6bd34ef04b5

0-0243240/2412/25458_
28.2011602826912130.08.2082.48
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_2e1aa88bf97de

0-0243240/2677/25594_
28.47679026201940.08.7782.30
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/cloudworkauth/webauthn.js HTTP/1.1

0-0243240/2900/24126_
28.55496523642910.09.6577.83
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/SSOService.php?RelayState=https%3A%2F%2Ftoorak-i

0-0243240/2701/25047_
28.59379628038090.09.2081.37
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/SSOService.php?RelayState=https%3A%2F%2Ftoorak-i

0-0243240/2346/24820_
28.51606025465130.07.7480.61
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET / HTTP/1.1

0-0243240/2609/25148_
28.6788627379780.08.6381.26
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/SSOService.php?RelayState=https%3A%2F%2Ftoorak-i

0-0243240/2405/24785_
28.6757725755060.08.2280.27
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/SSOService.php?RelayState=https%3A%2F%2Ftoorak-i

0-0243240/2387/26059_
28.622832926346660.07.9184.42
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_0070df9bb0131

0-0243240/2495/25305_
28.516392927567690.08.6382.61
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_2aebc3445b156

0-0243240/2474/25719_
28.622333426935940.08.4083.57
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_37d3365933618

0-02432412/2138/25110W
28.6800268383462.47.1081.01
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /server-status HTTP/1.1

0-0243240/2320/25240_
28.051459425432900.07.7682.24
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/SSOService.php?RelayState=https%3A%2F%2Ftoorak-i

1-0242830/2277/25065_
27.40984124473590.08.0182.11
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/chromebook/jquery.cookie.js HTTP/1.1

1-0242830/2223/24816_
27.40979129799590.07.5980.39
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/chromebook/jquery.js HTTP/1.1

1-0242830/2276/24390_
27.50752136821689860.07.7179.48
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/SSOService.php?RelayState=https%3A%2F%2Ftoorak-i

1-0242830/2258/24224_
27.3511713724060780.07.6678.01
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_eccdf640681f3

1-0242830/2301/24226_
27.351206225245090.07.9278.23
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET / HTTP/1.1

1-0242830/2517/26883_
27.281403627439610.08.6687.32
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/SSOService.php?RelayState=https%3A%2F%2Ftoorak-i

1-0242830/2323/25018_
27.4010472927843950.07.9781.44
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_4045f13fa994c

1-0242830/2313/24702_
27.409743124423330.07.7679.96
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_9585e6fd8ca64

1-0242830/2693/24407_
27.50725623833600.09.0478.38
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

1-0242830/2548/24073_
27.555823325852030.08.5377.79
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_318081f2febe1

1-0242830/2337/24221_
27.45826727384390.07.8578.58
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/SSOService.php?RelayState=https%3A%2F%2Ftoorak-i

1-0242830/2779/25671_
27.57544025144490.09.5483.86
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/chromebook/jquery.js HTTP/1.1

1-0242830/2661/24200_
27.6732225927290660.09.0078.49
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/SSOService.php?RelayState=https%3A%2F%2Ftoorak-i

1-0242830/2347/25041_
27.50676626475170.08.3081.94
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/SSOService.php?RelayState=https%3A%2F%2Ftoorak-i

1-0242830/2809/25687_
27.624382726394340.09.7283.49
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_f89287d5bc571

1-0242830/2537/25365_
27.71252423972180.08.6582.27
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/SSOService.php?RelayState=https%3A%2F%2Ftoorak-i

1-0242830/2275/25511_
27.801453428498810.07.6582.49
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_10a27ae547741

1-0242830/2830/24631_
27.8531924895700.09.5379.68
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/SSOService.php?RelayState=https%3A%2F%2Ftoorak-i

1-0242830/2201/24375_
27.76203524965350.07.4079.50
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/SSOService

Found on 2025-07-31 04:29

Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb31dda8387edda8387ecfa657c7

Apache Status

Apache Server Status for toorak-login.cloudworkengine.net (via 127.0.0.1)

Server Version: Apache/2.4.52 (Ubuntu) mod_fcgid/2.3.9
Server MPM: worker
Server Built: 2024-07-17T18:57:26

Current Time: Tuesday, 29-Jul-2025 00:22:54 UTC
Restart Time: Wednesday, 09-Jul-2025 07:06:09 UTC
Parent Server Config. Generation: 1
Parent Server MPM Generation: 0
Server uptime:  19 days 17 hours 16 minutes 44 seconds
Server load: 0.31 0.85 1.16
Total accesses: 1151943 - Total Traffic: 3.6 GB - Total Duration: 113865816
CPU Usage: u22.3 s30.37 cu303.4 cs184.01 - .0317% CPU load
.676 requests/sec - 2298 B/second - 3400 B/request - 98.8467 ms/request
1 requests currently being processed, 49 idle workers
__________W_______________________________________..............
................................................................
................................................................
................................................................
................................................................
................................................................
................
Scoreboard Key:
"_" Waiting for Connection, 
"S" Starting up, 
"R" Reading Request,
"W" Sending Reply, 
"K" Keepalive (read), 
"D" DNS Lookup,
"C" Closing connection, 
"L" Logging, 
"G" Gracefully finishing, 
"I" Idle cleanup of worker, 
"." Open slot with no current process



SrvPIDAccMCPU
SSReqDurConnChildSlotClientProtocolVHostRequest

0-0243240/561/21680_
5.82613522605090.02.2470.94
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

0-0243240/545/23836_
5.818433622396000.02.3778.11
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cPOST /module.php/cloudworkauth/mfa/webauthn/get_login_options.p

0-0243240/479/23634_
5.82626023369450.01.9476.84
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /favicon.ico HTTP/1.1

0-0243240/623/22097_
5.81783021480410.02.6972.16
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /robots.txt HTTP/1.1

0-0243240/486/23368_
5.82433523521150.01.8775.87
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

0-0243240/470/23637_
5.82521024018130.01.7076.94
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /favicon.ico HTTP/1.1

0-0243240/481/22302_
5.8338118324005160.01.8472.49
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cPOST /module.php/cloudworkauth/mfa/webauthn/get_login_options.p

0-0243240/591/22947_
5.83359221752610.02.1574.11
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/metadata.php HTTP/1.1

0-0243240/494/22222_
5.83266023392440.01.9172.37
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /favicon.ico HTTP/1.1

0-0243240/487/23585_
5.83193620707150.01.6975.90
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

0-02432410/585/22289W
5.8400217221211.62.0972.31
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /server-status HTTP/1.1

0-0243240/602/22427_
5.8473522110090.02.3072.35
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

0-0243240/517/23812_
5.771333722362610.01.8777.13
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

0-0243240/488/23534_
5.831633124122910.01.8776.15
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Five.toor

0-0243240/663/23580_
5.8419123123140.02.2075.73
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/nextmail/cloudwork/favicon.ico HTTP/1.1

0-0243240/590/21816_
5.771213320325490.02.0870.26
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/chromebook/jquery.js HTTP/1.1

0-0243240/586/22932_
5.771112025534710.02.1674.32
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /favicon.ico HTTP/1.1

0-0243240/525/22999_
5.77118735623478100.01.9274.79
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/cloudworkauth/mfa/hotp.php?hotp_id=256&StateId=

0-0243240/554/23093_
5.801033623631940.02.0474.67
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

0-0243240/413/22793_
5.81960522518020.01.5873.64
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/no_cookie.php?retryURL=https://toorak-logi

0-0243240/516/24188_
5.791048023594030.01.9078.41
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /resources/post.js HTTP/1.1

0-0243240/464/23274_
5.7810753425250000.01.8875.85
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cPOST /module.php/cloudworkauth/mfa/webauthn/get_login_options.p

0-0243240/541/23786_
5.801001423331220.01.9877.15
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/metadata.php HTTP/1.1

0-0243240/393/23365_
5.8188441322658240.01.3875.28
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/SSOService.php?SAMLRequest=jVNNj9owEL3vr4hyT%2BK

0-0243240/481/23401_
5.81733621250970.01.7176.19
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

1-0242830/538/23326_
5.92133621561200.02.1076.20
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

1-0242830/533/23126_
5.90366025878040.01.9674.76
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /favicon.ico HTTP/1.1

1-0242830/539/22653_
5.92156019676540.01.9473.70
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /favicon.ico HTTP/1.1

1-0242830/513/22479_
5.90493521767830.01.9172.26
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

1-0242830/560/22485_
5.90253522258120.02.1172.42
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

1-0242830/515/24881_
5.90770107523682250.02.0180.67
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cPOST /module.php/core/loginuserpass.php HTTP/1.1

1-0242830/547/23242_
5.92343725260710.02.0875.55
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cPOST /module.php/cloudworkauth/mfa/webauthn/get_login_options.p

1-0242830/542/22931_
5.93918721691650.02.0474.25
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/SSOService.php?SAMLRequest=fZJdT4MwFIb%2fCuk9UDq

1-0242830/513/22227_
5.891393719940020.01.7671.10
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

1-0242830/560/22085_
5.891212123681650.02.1571.40
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/nextmail/cloudwork/favicon.ico HTTP/1.1

1-0242830/515/22399_
5.891273622473040.01.9472.67
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

1-0242830/587/23479_
5.90973523107360.02.4176.73
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

1-0242830/510/22049_
5.8910931123450810.01.8671.36
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

1-0242830/478/23172_
5.891064023706070.01.8475.48
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /favicon.ico HTTP/1.1

1-0242830/648/23526_
5.891153523007050.02.6376.40
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

1-0242830/489/23317_
5.891047021156900.01.8775.49
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /favicon.ico HTTP/1.1

1-0242830/532/23768_
5.90793624947560.01.9476.79
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

1-0242830/439/22240_
5.901020421128020.01.6071.75
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/no_cookie.php?retryURL=https://toorak-logi

1-0242830/463/22637_
5.90853520956410.01.6373.72
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

1-0242830/601/22654_
5.90673721681770.02.4374.05
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

1-0242830/545/25024_
5.909131025691420.02.2881.53
127.0.0.1http/1.1ip-10-1-95-181.ap-so

Found on 2025-07-29 00:22

Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb31dda8387edda8387e24283661

Apache Status

Apache Server Status for toorak-login.cloudworkengine.net (via 127.0.0.1)

Server Version: Apache/2.4.52 (Ubuntu) mod_fcgid/2.3.9
Server MPM: worker
Server Built: 2024-07-17T18:57:26

Current Time: Saturday, 26-Jul-2025 18:17:21 UTC
Restart Time: Wednesday, 09-Jul-2025 07:06:09 UTC
Parent Server Config. Generation: 1
Parent Server MPM Generation: 0
Server uptime:  17 days 11 hours 11 minutes 11 seconds
Server load: 1.27 1.46 1.34
Total accesses: 1124651 - Total Traffic: 3.5 GB - Total Duration: 105526679
CPU Usage: u30.6 s34.01 cu285.73 cs172.91 - .0347% CPU load
.745 requests/sec - 2524 B/second - 3387 B/request - 93.8306 ms/request
1 requests currently being processed, 49 idle workers
_____________________________________W____________..............
................................................................
................................................................
................................................................
................................................................
................................................................
................
Scoreboard Key:
"_" Waiting for Connection, 
"S" Starting up, 
"R" Reading Request,
"W" Sending Reply, 
"K" Keepalive (read), 
"D" DNS Lookup,
"C" Closing connection, 
"L" Logging, 
"G" Gracefully finishing, 
"I" Idle cleanup of worker, 
"." Open slot with no current process



SrvPIDAccMCPU
SSReqDurConnChildSlotClientProtocolVHostRequest

0-0202610/1238/21108_
14.23279620033030.04.3368.66
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

0-0202610/1332/23276_
14.231239520785080.05.0775.69
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

0-0202610/1423/23137_
14.231405421399380.04.8274.83
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/no_cookie.php?retryURL=https%3A%2F%2Ftoora

0-0202610/1402/21452_
14.2119685819284910.05.0769.40
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_e132a019dd3eb

0-0202610/1358/22870_
14.23640521616230.04.8673.96
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

0-0202610/1173/23147_
14.24186422437620.04.2575.19
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/no_cookie.php?retryURL=https%3A%2F%2Ftoora

0-0202610/1389/21800_
14.23819622339320.05.1370.59
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

0-0202610/1230/22339_
14.221596420542750.04.3671.91
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Ftoorak-i

0-0202610/1182/21715_
14.23399521585900.04.2670.42
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

0-0202610/1267/23083_
14.2439519901410.04.4474.16
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

0-0202610/1540/21680_
14.231299620677060.05.4470.16
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

0-0202610/1309/21799_
14.231359520856060.04.6269.98
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

0-0202610/1387/23268_
14.211839520348540.05.0075.19
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

0-0202610/1415/23031_
14.221539622759680.05.1174.24
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

0-0202610/1268/22899_
14.24100520238430.04.5373.48
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

0-0202610/1154/21201_
14.211907318331240.03.9368.10
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/no_cookie.php?retryURL=https%3A%2F%2Ftoora

0-0202610/1241/22329_
14.211720623593190.04.6272.12
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

0-0202610/1386/22455_
14.231120522335650.05.1872.82
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

0-0202610/1425/22524_
14.23940621520920.05.2272.59
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

0-0202610/1180/22362_
14.23519520446010.04.1572.00
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

0-0202610/1245/23659_
14.23699521949520.04.5876.47
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

0-0202610/1511/22790_
14.231067423504580.05.6273.92
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/no_cookie.php?retryURL=https%3A%2F%2Ftoora

0-0202610/1399/23213_
14.221480722174120.05.0475.08
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

0-0202610/1204/22954_
14.211887421003140.04.0973.85
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/no_cookie.php?retryURL=https%3A%2F%2Ftoora

0-0202610/1421/22906_
14.231042419341500.05.3274.44
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/no_cookie.php?retryURL=https%3A%2F%2Ftoora

1-0201670/1507/22774_
14.12759720026660.05.8074.06
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

1-0201670/1418/22565_
14.111420623221620.04.9872.71
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

1-0201670/1296/22093_
14.1214001118250940.04.7471.70
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cPOST /saml2/idp/SSOService.php HTTP/1.1

1-0201670/1362/21949_
14.101960520961470.04.8170.31
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

1-0201670/1228/21905_
14.12459621126910.04.2270.25
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

1-0201670/1497/24354_
14.12339621951850.05.4278.62
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

1-0201670/1171/22675_
14.101589423585410.04.2473.42
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/no_cookie.php?retryURL=https%3A%2F%2Ftoora

1-0201670/1160/22374_
14.12580520232320.04.0072.16
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

1-0201670/1287/21693_
14.121180618570960.04.2769.29
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

1-0201670/1252/21513_
14.12880521798660.04.3869.21
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

1-0201670/1370/21867_
14.12108030420793130.04.8570.68
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cPOST /saml2/idp/SSOService.php HTTP/1.1

1-0201670/1305/22845_
14.12678620874480.04.8474.15
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/metadata.php HTTP/1.1

1-02016710/1416/21507W
14.1300219125311.65.1169.42
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /server-status HTTP/1.1

1-0201670/1351/22669_
14.121268422216470.04.7873.58
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/metadata.php HTTP/1.1

1-0201670/1262/22857_
14.101900520863750.04.4173.71
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

1-0201670/1272/22809_
14.101867419672740.04.6273.57
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/metadata.php HTTP/1.1

1-0201670/1250/23221_
14.101779723155910.04.4374.80
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

1-0201670/1226/21782_
14.12159619617370.04.5770.09
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

1-0201670/1226/22157_
14.101660619859340.04.5272.05
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

1-0201670/1290/22032_
14.1115073019735640.04.7971.56
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.c

Found on 2025-07-26 18:17

Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb31dda8387edda8387ee4c24afc

Apache Status

Apache Server Status for toorak-login.cloudworkengine.net (via 127.0.0.1)

Server Version: Apache/2.4.52 (Ubuntu) mod_fcgid/2.3.9
Server MPM: worker
Server Built: 2024-07-17T18:57:26

Current Time: Tuesday, 22-Jul-2025 22:29:21 UTC
Restart Time: Wednesday, 09-Jul-2025 07:06:09 UTC
Parent Server Config. Generation: 1
Parent Server MPM Generation: 0
Server uptime:  13 days 15 hours 23 minutes 11 seconds
Server load: 1.30 1.09 1.12
Total accesses: 1074171 - Total Traffic: 3.4 GB - Total Duration: 90755165
CPU Usage: u14.3 s20.52 cu285.73 cs172.91 - .0419% CPU load
.911 requests/sec - 3072 B/second - 3370 B/request - 84.4886 ms/request
2 requests currently being processed, 48 idle workers
_________K___________________________W____________..............
................................................................
................................................................
................................................................
................................................................
................................................................
................
Scoreboard Key:
"_" Waiting for Connection, 
"S" Starting up, 
"R" Reading Request,
"W" Sending Reply, 
"K" Keepalive (read), 
"D" DNS Lookup,
"C" Closing connection, 
"L" Logging, 
"G" Gracefully finishing, 
"I" Idle cleanup of worker, 
"." Open slot with no current process



SrvPIDAccMCPU
SSReqDurConnChildSlotClientProtocolVHostRequest

0-0202610/347/20217_
3.3839717663480.01.3165.64
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

0-0202610/381/22325_
3.36452017050710.01.4672.08
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /resources/post.css HTTP/1.1

0-0202610/301/22015_
3.33538118961880.01.1571.17
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/nextmail/cloudwork/favicon.ico HTTP/1.1

0-0202610/342/20392_
3.37106016297730.01.3465.66
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /favicon.ico HTTP/1.1

0-0202610/301/21813_
3.364144618757960.01.0370.14
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cPOST /module.php/cloudworkauth/mfa/webauthn/get_login_options.p

0-0202610/236/22210_
3.37130319756850.00.8971.83
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Five.toor

0-0202610/332/20743_
3.355083119321440.01.2466.70
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_11f5e0dd6e9f9

0-0202610/269/21378_
3.387527617299200.01.0168.56
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Ftoorak-i

0-0202610/239/20772_
3.3810419450950.00.8867.05
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_cc7f96316723d

0-0202611/274/22090K
3.380017286461.10.9370.64
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor

0-0202610/390/20530_
3.33686116981990.01.5066.21
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/nextmail/cloudwork/favicon.ico HTTP/1.1

0-0202610/274/20764_
3.34519518261570.00.9866.34
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

0-0202610/415/22296_
3.32699617619220.01.5971.77
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

0-0202610/306/21922_
3.33663319777130.01.0770.20
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/metadata.php HTTP/1.1

0-0202610/297/21928_
3.33639317326100.01.0870.04
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Ftoorak-i

0-0202610/253/20300_
3.37219615721010.00.8365.00
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

0-0202610/279/21367_
3.33563020170260.01.0168.50
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /favicon.ico HTTP/1.1

0-0202610/307/21376_
3.36431419756560.01.0868.72
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Ftoorak-i

0-0202610/394/21493_
3.36396318731840.01.4468.82
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_24535f56dd6c3

0-0202610/252/21434_
3.37317417851670.00.8568.71
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Five.toor

0-0202610/319/22733_
3.3638432019500950.01.2873.17
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/SSOService.php?SAMLRequest=jVNdj9owEHy%2FXxHlPR%

0-0202610/412/21691_
3.35485020146600.01.6369.93
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /favicon.ico HTTP/1.1

0-0202610/348/22162_
3.372534718572200.01.3271.37
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cPOST /module.php/cloudworkauth/mfa/webauthn/get_login_options.p

0-0202610/225/21975_
3.37159718362400.00.7570.51
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

0-0202610/312/21797_
3.36355116111390.01.1070.22
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/nextmail/cloudwork/favicon.ico HTTP/1.1

1-0201670/300/21567_
3.27421116508310.01.0669.31
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/nextmail/cloudwork/css/theme.css HTTP/1.1

1-0201670/306/21453_
3.28375320740930.00.9568.69
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_df7839000b175

1-0201670/400/21197_
3.28383316304300.01.4668.42
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_cdc6f6c92de66

1-0201670/314/20901_
3.2914026718071510.01.1666.66
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cPOST /saml2/idp/SSOService.php HTTP/1.1

1-0201670/329/21006_
3.29186418081810.01.2267.25
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Five.toor

1-0201670/343/23200_
3.29275111118577870.01.2174.41
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cPOST /module.php/core/loginuserpass.php HTTP/1.1

1-0201670/255/21759_
3.2964520035280.00.8670.04
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/no_cookie.php?retryURL=https%3A%2F%2Ftoora

1-0201670/273/21487_
3.28335517466810.00.9469.11
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_4e152f776c847

1-0201670/280/20686_
3.2924097816445280.01.0066.02
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cPOST /module.php/core/loginuserpass.php HTTP/1.1

1-0201670/298/20559_
3.291154717874660.01.0465.88
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cPOST /module.php/cloudworkauth/mfa/webauthn/get_login_options.p

1-0201670/281/20778_
3.2916418397690.01.0366.86
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Ftoorak-i

1-0201670/308/21848_
3.2999517004060.01.1070.40
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

1-02016710/311/20402W
3.3000185321719.01.0165.32
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /server-status HTTP/1.1

1-0201670/331/21649_
3.24664436618789340.01.1669.96
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cPOST /module.php/core/loginuserpass.php HTTP/1.1

1-0201670/386/21981_
3.23710418254180.01.3770.66
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/no_cookie.php?retryURL=https%3A%2F%2Ftoora

1-0201670/292/21829_
3.24687115859780.01.1670.11
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/nextmail/cloudwork/css/theme.css HTTP/1.1

1-0201670/347/22318_
3.24638162320087650.01.3471.70
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cPOST /module.php/core/loginuserpass.php HTTP/1.1

1-0201670/294/20850_
3.24613316920840.01.0966.61
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_f233d96b74df1

1-0201670/343/21274_
3.25539117385870.01.4268.95
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/chromebook/jquery.cookie.js HTTP/1.1

1-0201670/298/21040_
3.26509117157860.01.1367.90
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.c

Found on 2025-07-22 22:29

Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb31dda8387edda8387edc91dde9

Apache Status

Apache Server Status for toorak-login.cloudworkengine.net (via 127.0.0.1)

Server Version: Apache/2.4.52 (Ubuntu) mod_fcgid/2.3.9
Server MPM: worker
Server Built: 2024-07-17T18:57:26

Current Time: Sunday, 20-Jul-2025 12:48:42 UTC
Restart Time: Wednesday, 09-Jul-2025 07:06:09 UTC
Parent Server Config. Generation: 1
Parent Server MPM Generation: 0
Server uptime:  11 days 5 hours 42 minutes 32 seconds
Server load: 0.91 0.96 0.94
Total accesses: 1027538 - Total Traffic: 3.2 GB - Total Duration: 76654798
CPU Usage: u18.54 s21.18 cu267.04 cs161.8 - .0483% CPU load
1.06 requests/sec - 3541 B/second - 3346 B/request - 74.6005 ms/request
1 requests currently being processed, 49 idle workers
______________________W___________________________..............
................................................................
................................................................
................................................................
................................................................
................................................................
................
Scoreboard Key:
"_" Waiting for Connection, 
"S" Starting up, 
"R" Reading Request,
"W" Sending Reply, 
"K" Keepalive (read), 
"D" DNS Lookup,
"C" Closing connection, 
"L" Logging, 
"G" Gracefully finishing, 
"I" Idle cleanup of worker, 
"." Open slot with no current process



SrvPIDAccMCPU
SSReqDurConnChildSlotClientProtocolVHostRequest

0-0150990/812/19209_
8.28525414704830.02.7661.48
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/no_cookie.php?retryURL=https%3A%2F%2Ftoora

0-0150990/821/21290_
8.278274514864530.02.8568.36
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cPOST /module.php/cloudworkauth/mfa/webauthn/get_login_options.p

0-0150990/729/20924_
8.286863015405890.02.4766.98
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_3e63bddb88763

0-0150990/816/19407_
8.27841614155090.02.7561.72
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

0-0150990/916/20684_
8.27790616644800.03.3265.94
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Five.toor

0-0150990/763/21065_
8.27944415175890.02.7167.52
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_81c8566930532

0-0150990/725/19802_
8.27749316015200.02.3563.19
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/metadata.php HTTP/1.1

0-0150990/767/20492_
8.28429415015600.02.4565.33
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/no_cookie.php?retryURL=https%3A%2F%2Ftoora

0-0150990/806/19913_
8.28587416834390.02.7963.82
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_238c2bfb58e08

0-0150990/759/21327_
8.28411014907410.02.3867.89
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /robots.txt HTTP/1.1

0-0150990/796/19330_
8.28642313814330.02.6261.59
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_fd6c2713e6a7f

0-0150990/789/19992_
8.28479315549960.02.5263.50
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Five.toor

0-0150990/730/21335_
8.28361515332870.02.3367.87
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

0-0150990/766/21069_
8.28262516249400.02.5567.00
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Ftoorak-i

0-0150990/764/21135_
8.28301515339110.02.6267.14
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

0-0150990/750/19580_
8.291499513451740.02.5062.50
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/metadata.php HTTP/1.1

0-0150990/744/20605_
8.28228417246150.02.6365.74
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Five.toor

0-0150990/799/20293_
8.271036263615996760.02.8464.87
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cPOST /module.php/core/loginuserpass.php HTTP/1.1

0-0150990/894/20536_
8.29120515457530.02.6665.37
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

0-0150990/743/20585_
8.261106415204570.02.5965.80
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Ftoorak-i

0-0150990/838/21880_
8.2960516601210.02.8669.84
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

0-0150990/776/20722_
8.2950317589860.02.6966.07
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Five.toor

0-01509912/761/21265W
8.2900152435217.02.3967.96
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /server-status HTTP/1.1

0-0150990/788/21055_
8.27995515066870.02.8467.31
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Ftoorak-i

0-0150990/688/20858_
8.27901613786800.02.2766.80
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

1-0150560/881/20701_
8.2248414745120.03.0066.11
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/no_cookie.php?retryURL=https%3A%2F%2Ftoora

1-0150560/733/20511_
8.2242017119760.02.5265.40
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /resources/post.css HTTP/1.1

1-0150560/806/20255_
8.2272414535670.02.6964.83
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_5b354c921df15

1-0150560/841/20054_
8.2213911213865680.02.6663.55
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_566c9f87f15a0

1-0150560/849/20173_
8.22240615761590.02.5464.10
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

1-0150560/833/22336_
8.20660516575840.02.9371.22
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

1-0150560/718/20632_
8.20919416047560.02.3265.97
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_0f95ad03a58d8

1-0150560/782/20633_
8.1911282914910980.02.6365.98
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_60de2879dd91c

1-0150560/663/19754_
8.201020514260580.02.2162.82
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

1-0150560/737/19728_
8.191081515425640.02.4462.94
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

1-0150560/772/19754_
8.20800415978610.02.5863.12
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Ftoorak-i

1-0150560/753/20710_
8.20960514537270.02.5366.37
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

1-0150560/842/19343_
8.20780515727060.02.8661.28
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

1-0150560/762/20649_
8.20852716020150.02.5466.15
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_e8e63a12f75eb

1-0150560/801/21001_
8.20834015082300.02.6467.08
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /robots.txt HTTP/1.1

1-0150560/778/20960_
8.20600514026800.02.4366.83
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

1-0150560/782/21251_
8.20721516148070.02.5467.56
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

1-0150560/732/20018_
8.20541514431020.02.3863.46
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

1-0150560/771/20324_
8.21420514797610.02.6565.29
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

1-0150560/740/20140_
8.2145428014825690.02.6864.49
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.c

Found on 2025-07-20 12:48

Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb31dda8387edda8387eb0e5064e

Apache Status

Apache Server Status for toorak-login.cloudworkengine.net (via 127.0.0.1)

Server Version: Apache/2.4.52 (Ubuntu) mod_fcgid/2.3.9
Server MPM: worker
Server Built: 2024-07-17T18:57:26

Current Time: Friday, 18-Jul-2025 18:05:21 UTC
Restart Time: Wednesday, 09-Jul-2025 07:06:09 UTC
Parent Server Config. Generation: 1
Parent Server MPM Generation: 0
Server uptime:  9 days 10 hours 59 minutes 11 seconds
Server load: 1.35 1.27 1.07
Total accesses: 1002220 - Total Traffic: 3.1 GB - Total Duration: 70158826
CPU Usage: u10.36 s14.92 cu267.04 cs161.8 - .0556% CPU load
1.23 requests/sec - 4098 B/second - 3341 B/request - 70.0034 ms/request
1 requests currently being processed, 49 idle workers
______W___________________________________________..............
................................................................
................................................................
................................................................
................................................................
................................................................
................
Scoreboard Key:
"_" Waiting for Connection, 
"S" Starting up, 
"R" Reading Request,
"W" Sending Reply, 
"K" Keepalive (read), 
"D" DNS Lookup,
"C" Closing connection, 
"L" Logging, 
"G" Gracefully finishing, 
"I" Idle cleanup of worker, 
"." Open slot with no current process



SrvPIDAccMCPU
SSReqDurConnChildSlotClientProtocolVHostRequest

0-0150990/234/18631_
2.89160613532610.00.7459.46
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

0-0150990/284/20753_
2.89280514087700.00.9766.47
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

0-0150990/296/20491_
2.8974013700790.01.0065.50
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /robots.txt HTTP/1.1

0-0150990/281/18872_
2.88413412761000.00.9159.88
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/no_cookie.php?retryURL=https%3A%2F%2Ftoora

0-0150990/290/20058_
2.893494115005440.01.0263.64
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_770a1f929dffa

0-0150990/251/20553_
2.88580513928780.00.9065.71
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

0-01509910/207/19284W
2.8900143870911.60.5961.43
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /server-status HTTP/1.1

0-0150990/243/19968_
2.8717013513538310.00.7663.64
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_26d3585014e6f

0-0150990/265/19372_
2.871660515054900.00.8661.89
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

0-0150990/301/20869_
2.871480513905620.00.9366.45
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

0-0150990/305/18839_
2.8715803212761940.00.9659.93
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_55871e6cbc802

0-0150990/230/19433_
2.871420514177950.00.7161.68
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

0-0150990/298/20903_
2.8713323014266740.00.9566.49
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_d64773b2b18d6

0-0150990/251/20554_
2.871240615021870.00.7865.23
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

0-0150990/280/20651_
2.871180513888870.00.9765.49
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

0-0150990/283/19113_
2.871120612048600.00.9060.91
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

0-0150990/287/20148_
2.8710875415755600.00.9664.08
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_080a2635660db

0-0150990/246/19740_
2.87760514671830.00.8362.86
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

0-0150990/290/19932_
2.871000614460220.00.9563.66
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

0-0150990/301/20143_
2.878392913706680.01.0964.30
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_6fd964a4cbc65

0-0150990/334/21376_
2.87940815339380.01.1868.17
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

0-0150990/276/20222_
2.887183316185850.00.8864.26
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_636ed30bac4e8

0-0150990/296/20800_
2.88640514440740.00.8566.42
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

0-0150990/332/20599_
2.88520514248510.01.2065.66
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

0-0150990/233/20403_
2.884734312714920.00.7265.25
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_a115657e2db1f

1-0150560/336/20156_
2.90220613632720.01.1264.24
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

1-0150560/273/20051_
2.89340715678810.00.9263.80
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

1-0150560/224/19673_
2.89460513550110.00.7362.86
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

1-0150560/332/19545_
2.89400512982790.00.9061.79
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

1-0150560/279/19603_
2.89491014604120.00.8162.37
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /resources/script.js HTTP/1.1

1-0150560/303/21806_
2.88120815714681640.01.1269.41
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_683332f46b84c

1-0150560/206/20120_
2.9040614539660.00.6764.31
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

1-0150560/287/20138_
2.90100613875830.00.9164.25
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

1-0150560/248/19339_
2.881720513239770.00.7561.37
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

1-0150560/271/19262_
2.8816753114360920.00.8661.36
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_8acbcfca8f237

1-0150560/235/19217_
2.881600514093910.00.7461.28
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

1-0150560/268/20225_
2.881540613400590.00.9764.81
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

1-0150560/315/18816_
2.881360513654540.01.0259.44
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

1-0150560/224/20111_
2.8814563514499370.00.7864.38
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_98d5e124a19a2

1-0150560/254/20454_
2.881300513624140.00.7965.23
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

1-0150560/300/20482_
2.881110186612636230.00.9365.33
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cPOST /saml2/idp/SSOService.php HTTP/1.1

1-0150560/281/20750_
2.88114810014642620.00.8965.92
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/metadata.php HTTP/1.1

1-0150560/272/19558_
2.881060713016830.00.8461.91
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

1-0150560/299/19852_
2.89880513667880.01.0063.65
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

1-0150560/288/19688_
2.889634613598560.01.0262.82
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthSta

Found on 2025-07-18 18:05

Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb31dda8387edda8387e55777cdf

Apache Status

Apache Server Status for toorak-login.cloudworkengine.net (via 127.0.0.1)

Server Version: Apache/2.4.52 (Ubuntu) mod_fcgid/2.3.9
Server MPM: worker
Server Built: 2024-07-17T18:57:26

Current Time: Saturday, 12-Jul-2025 14:27:29 UTC
Restart Time: Wednesday, 09-Jul-2025 07:06:09 UTC
Parent Server Config. Generation: 1
Parent Server MPM Generation: 0
Server uptime:  3 days 7 hours 21 minutes 19 seconds
Server load: 1.34 0.78 0.69
Total accesses: 340525 - Total Traffic: 1.1 GB - Total Duration: 23868790
CPU Usage: u94.38 s60.94 cu0 cs0 - .0544% CPU load
1.19 requests/sec - 3989 B/second - 3347 B/request - 70.0941 ms/request
1 requests currently being processed, 49 idle workers
______________________________________W___________..............
................................................................
................................................................
................................................................
................................................................
................................................................
................
Scoreboard Key:
"_" Waiting for Connection, 
"S" Starting up, 
"R" Reading Request,
"W" Sending Reply, 
"K" Keepalive (read), 
"D" DNS Lookup,
"C" Closing connection, 
"L" Logging, 
"G" Gracefully finishing, 
"I" Idle cleanup of worker, 
"." Open slot with no current process



<SrvPIDAccMCPU
SSReqDurConnChildSlotClientProtocolVHostRequest

0-0330/6222/6222_
74.7467534228890.019.8819.88
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/metadata.php HTTP/1.1

0-0330/6924/6924_
74.7434744535140.022.0522.05
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

0-0330/6807/6807_
74.7441634507140.021.8521.85
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/metadata.php HTTP/1.1

0-0330/6088/6088_
74.72172344153250.019.4119.41
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/nextmail/cloudwork/favicon.ico HTTP/1.1

0-0330/6612/6612_
74.7516744759170.020.9920.99
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

0-0330/6327/6327_
74.7452744541800.020.2020.20
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

0-0330/6787/6787_
74.72136755741540.021.6321.63
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

0-0330/6854/6854_
74.7510744363740.021.9221.92
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

0-0330/6512/6512_
74.754744391560.020.9320.93
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

0-0330/7047/7047_
74.7313203195313610.022.5922.59
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/SSOService.php?SAMLRequest=jVPbjtowEH3nK1DecyGQD

0-0330/6197/6197_
74.72142744057180.019.8519.85
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

0-0330/7099/7099_
74.72145535121740.022.8622.86
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/no_cookie.php?retryURL=https%3A%2F%2Ftoora

0-0330/7417/7417_
74.72154754994110.023.5523.55
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

0-0330/6912/6912_
74.72160744788640.021.9521.95
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

0-0330/7061/7061_
74.73129434357820.022.3722.37
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/no_cookie.php?retryURL=https%3A%2F%2Ftoora

0-0330/6644/6644_
74.73131923901650.021.2321.23
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/no_cookie.php?retryURL=https%3A%2F%2Ftoora

0-0330/7091/7091_
74.741210545642210.022.5922.59
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cPOST /module.php/cloudworkauth/mfa/webauthn/get_login_options.p

0-0330/7210/7210_
74.74106745037600.022.8522.85
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

0-0330/7376/7376_
74.74118744931420.023.5823.58
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

0-0330/6805/6805_
74.73124755151280.021.8021.80
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

0-0330/7149/7149_
74.7494744835330.022.8022.80
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

0-0330/7071/7071_
74.7482635889500.022.6222.62
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_34fdd640f3216

0-0330/7278/7278_
74.7459555637450.023.2423.24
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/no_cookie.php?retryURL=https%3A%2F%2Ftoora

0-0330/6901/6901_
74.7422754979450.021.9621.96
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

0-0330/6837/6837_
74.747162784067760.021.8521.85
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cPOST /saml2/idp/SSOService.php HTTP/1.1

1-0340/6619/6619_
73.9128753914990.021.1321.13
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

1-0340/7039/7039_
73.90121075443630.022.3022.30
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/nextmail/cloudwork/favicon.ico HTTP/1.1

1-0340/6708/6708_
73.9170744834140.021.3521.35
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

1-0340/7212/7212_
73.9158744534970.022.8922.89
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

1-0340/6445/6445_
73.90112744682130.020.6320.63
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

1-0340/7492/7492_
73.9146745201670.023.7323.73
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

1-0340/7018/7018_
73.9164754611190.022.4922.49
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

1-0340/6762/6762_
73.9140745177520.021.6021.60
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

1-0340/6413/6413_
73.9114024601010.020.4120.41
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET / HTTP/1.1

1-0340/6436/6436_
73.90130754752900.020.5220.52
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

1-0340/6148/6148_
73.9175355086840.019.6219.62
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/metadata.php HTTP/1.1

1-0340/7392/7392_
73.90127554768050.023.5823.58
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/metadata.php HTTP/1.1

1-0340/6310/6310_
73.90131944296110.019.9119.91
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/nextmail/cloudwork/favicon.ico HTTP/1.1

1-03414/6581/6581W
73.910051241423.121.0621.06
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /server-status HTTP/1.1

1-0340/7545/7545_
73.89166745159810.024.0124.01
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

1-0340/6603/6603_
73.9120904368120.021.1721.17
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET / HTTP/1.1

1-0340/7217/7217_
73.90157634608740.023.0923.09
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/no_cookie.php?retryURL=https%3A%2F%2Ftoora

1-0340/6809/6809_
73.901210584497120.021.7821.78
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cPOST /module.php/cloudworkauth/mfa/webauthn/get_login_options.p

1-0340/6001/6001_
73.9013203114365030.019.2719.27
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/SSOService.php?SAMLRequest=jVNNj5swFLznV0TcgcBCw

1-0340/6591/6591_
73.90100744591110.021.1521.15
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/frontpage_welcome.php HTTP/1.1

1-0340/7030/7030_
73.9088744905960.022.5622.56
127.0.0.1

Found on 2025-07-12 14:27

Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb31dda8387edda8387e74b51aa8

Apache Status

Apache Server Status for toorak-login.cloudworkengine.net (via 127.0.0.1)

Server Version: Apache/2.4.52 (Ubuntu) mod_fcgid/2.3.9
Server MPM: worker
Server Built: 2024-07-17T18:57:26

Current Time: Thursday, 10-Jul-2025 13:18:36 UTC
Restart Time: Wednesday, 09-Jul-2025 07:06:09 UTC
Parent Server Config. Generation: 1
Parent Server MPM Generation: 0
Server uptime:  1 day 6 hours 12 minutes 26 seconds
Server load: 1.02 0.97 1.00
Total accesses: 110001 - Total Traffic: 353.2 MB - Total Duration: 8306635
CPU Usage: u29.97 s19.45 cu0 cs0 - .0454% CPU load
1.01 requests/sec - 3405 B/second - 3366 B/request - 75.5142 ms/request
2 requests currently being processed, 48 idle workers
__________________________________W_K_____________..............
................................................................
................................................................
................................................................
................................................................
................................................................
................
Scoreboard Key:
"_" Waiting for Connection, 
"S" Starting up, 
"R" Reading Request,
"W" Sending Reply, 
"K" Keepalive (read), 
"D" DNS Lookup,
"C" Closing connection, 
"L" Logging, 
"G" Gracefully finishing, 
"I" Idle cleanup of worker, 
"." Open slot with no current process



SrvPIDAccMCPU
SSReqDurConnChildSlotClientProtocolVHostRequest

0-0330/1957/1957_
23.271213301481780.06.306.30
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_8dccc04ec48c0

0-0330/2596/2596_
23.3210951381692250.08.298.29
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_79d2888cd1d4b

0-0330/2329/2329_
23.3697441456800.07.477.47
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/SSOService.php?RelayState=https%3A%2F%2Ftoorak-i

0-0330/1929/1929_
23.40916321316700.06.266.26
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_6d59147304493

0-0330/2306/2306_
23.5263242233280.07.477.47
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/SSOService.php?RelayState=https%3A%2F%2Ftoorak-i

0-0330/1954/1954_
23.45799301565990.06.266.26
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_a3a948d260a8a

0-0330/2310/2310_
23.6910942725100.07.437.43
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/SSOService.php?RelayState=https%3A%2F%2Ftoorak-i

0-0330/2301/2301_
23.4968841893060.07.437.43
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/SSOService.php?RelayState=https%3A%2F%2Ftoorak-i

0-0330/1996/1996_
22.63580331415400.06.496.49
127.0.0.1http/1.1

0-0330/2385/2385_
23.742152065460.07.717.71
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/nextmail/cloudwork/favicon.ico HTTP/1.1

0-0330/2564/2564_
23.6135151490500.08.288.28
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/SSOService.php?RelayState=https%3A%2F%2Ftoorak-i

0-0330/2539/2539_
23.7448502182060.08.248.24
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_e4cc0434f1ca7

0-0330/2116/2116_
23.57464261813460.06.756.75
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_7087291879456

0-0330/1918/1918_
23.6523451494320.06.206.20
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/SSOService.php?RelayState=https%3A%2F%2Ftoorak-i

0-0330/2225/2225_
22.892218271579290.07.097.09
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_6998260eb2788

0-0330/2075/2075_
22.842334291371810.06.676.67
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_2198a934cc60d

0-0330/2225/2225_
22.9719751031310240.07.077.07
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_6eed2ab806342

0-0330/2126/2126_
22.932098261192950.06.616.61
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_2c64d5a48c82e

0-0330/2362/2362_
23.01186241568040.07.587.58
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/SSOService.php?RelayState=https%3A%2F%2Ftoorak-i

0-0330/1961/1961_
22.97192011462360.06.336.33
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/chromebook/jquery.cookie.js HTTP/1.1

0-0330/2643/2643_
23.10168141899730.08.438.43
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/SSOService.php?RelayState=https%3A%2F%2Ftoorak-i

0-0330/1982/1982_
23.06174251727520.06.406.40
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/SSOService.php?RelayState=https%3A%2F%2Ftoorak-i

0-0330/2614/2614_
23.14156242349230.08.328.32
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/SSOService.php?RelayState=https%3A%2F%2Ftoorak-i

0-0330/2010/2010_
23.231330261762560.06.396.39
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_e25e3e31aa371

0-0330/2256/2256_
23.19144551665040.07.257.25
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/SSOService.php?RelayState=https%3A%2F%2Ftoorak-i

1-0340/2443/2443_
22.701388261444270.07.897.89
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_c2dbb8d65b728

1-0340/2333/2333_
22.58173551500490.07.427.42
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/SSOService.php?RelayState=https%3A%2F%2Ftoorak-i

1-0340/1945/1945_
22.581802411130640.06.136.13
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_9bd04466c30f3

1-0340/2377/2377_
22.661504271895500.07.627.62
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_8174d313cca85

1-0340/2154/2154_
22.48203861323650.06.976.97
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/SSOService.php?RelayState=https%3A%2F%2Ftoorak-i

1-0340/2740/2740_
22.75127141897210.08.678.67
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/SSOService.php?RelayState=https%3A%2F%2Ftoorak-i

1-0340/2391/2391_
22.79115561422650.07.757.75
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/SSOService.php?RelayState=https%3A%2F%2Ftoorak-i

1-0340/2293/2293_
22.83103431805200.07.417.41
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/SSOService.php?RelayState=https%3A%2F%2Ftoorak-i

1-0340/1953/1953_
22.8885851335100.06.256.25
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/SSOService.php?RelayState=https%3A%2F%2Ftoorak-i

1-03495/2247/2247W
23.1700178399302.97.237.23
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /server-status HTTP/1.1

1-0340/1735/1735_
22.9271422265920.05.625.62
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Five.toor

1-0347/2215/2215K
23.163017454421.37.137.13
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET / HTTP/1.1

1-0340/2254/2254_
22.44215651669480.07.097.09
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/SSOService.php?RelayState=https%3A%2F%2Ftoorak-i

1-0340/1784/1784_
22.8310231381308570.05.715.71
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cPOST /module.php/cloudworkauth/mfa/webauthn/get_login_options.p

1-0340/2048/2048_
23.0540641927460.06.656.65
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/SSOService.php?RelayState=https%3A%2F%2Ftoorak-i

1-0340/2174/2174_
22.9274141409840.07.017.01
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/SSOService.php?RelayState=https%3A%2F%2Ftoorak-i

1-0340/2160/2160_
23.0052351319000.06.956.95
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/SSOService.php?RelayState=https%3A%2F%2Ftoorak-i

1-0340/2326/2326_
22.40227631705180.07.517.51
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /saml2/idp/SSOService.php?RelayState=https%3A%2F%2Ftoorak-i

1-0340/1843/1843_
23.131761821297710.05.915.91
127.0.0.1http/1.1ip-10-1-95-181.ap-southeast-2.cGET /module.php/core/loginuserpass.php?AuthState=_776d7049432ea

1-0340/2380/2380_
22.52192041573260.07.697.69
127.0.0.1http/1.1

Found on 2025-07-10 13:18

Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb31dda8387edda8387e0ca9c537

Apache Status

Apache Server Status for toorak-login.cloudworkengine.net (via 127.0.0.1)

Server Version: Apache/2.4.52 (Ubuntu) mod_fcgid/2.3.9
Server MPM: worker
Server Built: 2024-07-17T18:57:26

Current Time: Tuesday, 08-Jul-2025 14:51:28 UTC
Restart Time: Wednesday, 20-Nov-2024 05:27:22 UTC
Parent Server Config. Generation: 1
Parent Server MPM Generation: 0
Server uptime:  230 days 9 hours 24 minutes 6 seconds
Server load: 0.92 1.02 1.07
Total accesses: 4843959 - Total Traffic: 18.2 GB - Total Duration: 1985362333
CPU Usage: u331.47 s461.85 cu1523.7 cs884.55 - .0161% CPU load
.243 requests/sec - 980 B/second - 4028 B/request - 409.864 ms/request
2 requests currently being processed, 48 idle workers
_______________________W______________________K___..............
................................................................
................................................................
................................................................
................................................................
................................................................
................
Scoreboard Key:
"_" Waiting for Connection, 
"S" Starting up, 
"R" Reading Request,
"W" Sending Reply, 
"K" Keepalive (read), 
"D" DNS Lookup,
"C" Closing connection, 
"L" Logging, 
"G" Gracefully finishing, 
"I" Idle cleanup of worker, 
"." Open slot with no current process



SrvPIDAccMCPU
SSReqDurConnChildSlotClientProtocolVHostRequest

0-0261540/7011/93794_
101.1913060381875210.022.64358.96
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET / HTTP/1.1

0-0261540/7140/92989_
101.13144434358616240.023.16358.23
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_0f44a948d8e6e

0-0261540/8313/93839_
101.29104235379292990.026.89359.91
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_497e3696cbb9d

0-0261540/8195/93951_
100.88195533373534670.026.50361.78
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_3e785736606a5

0-0261540/7723/93205_
100.92184134389048680.025.27358.74
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_1faa63d0602b5

0-0261540/8455/92195_
101.5535610378691170.027.43354.85
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /saml2/idp/SSOService.php?RelayState=https%3A%2F%2Five.toor

0-0261540/7898/93804_
101.08155911375418280.025.60360.53
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /saml2/idp/SSOService.php?RelayState=https%3A%2F%2Five.toor

0-0261540/8227/93529_
101.406357373823050.026.76359.06
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /saml2/idp/SSOService.php?RelayState=https%3A%2F%2Five.toor

0-0261540/8973/93923_
101.3486737379165110.028.84359.60
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_2cdcc255f84d4

0-0261540/8531/95090_
101.349021379627090.027.82364.56
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/chromebook/jquery.js HTTP/1.1

0-0261540/7652/93021_
101.3492737382720900.024.71359.95
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_5da3263f983c4

0-0261540/7748/94448_
101.24115738388999600.025.04364.75
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_34fa6d8a2aded

0-0261540/8612/94995_
101.347067383524460.027.73364.37
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/frontpage_welcome.php HTTP/1.1

0-0261540/8292/94163_
101.504721377416470.026.80359.52
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET / HTTP/1.1

0-0261540/8340/93268_
101.563467388922350.026.87357.01
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/frontpage_welcome.php HTTP/1.1

0-0261540/7954/93177_
101.717810379406350.025.73357.95
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /saml2/idp/SSOService.php?RelayState=https%3A%2F%2Five.toor

0-0261540/7974/93531_
101.6123741387599670.025.76358.47
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_4278c9b826a7a

0-0261540/8693/95563_
101.4553135396797740.028.25367.03
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_69c0083ff62af

0-0261540/8134/93131_
100.82209536376958540.026.38355.90
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_85cf13561d59c

0-0261540/8523/92590_
100.82211738375682810.027.57355.34
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_eef272986094c

0-0261540/8566/94462_
101.0216747397839100.027.78363.93
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /saml2/idp/SSOService.php?RelayState=https%3A%2F%2Five.toor

0-0261540/8350/92252_
100.97173236377308170.027.16355.54
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_4a396fef32111

0-0261540/8617/95286_
101.661253400139250.027.76363.71
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Five.toor

0-02615445/7371/94114W
101.730039599854129.123.87360.92
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /server-status HTTP/1.1

0-0261540/7507/91809_
101.19133032377837500.024.16351.37
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_bac7d8c0925d1

1-0264510/11138/79342_
134.4181533312409900.035.86304.72
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_8a58983bdffe6

1-0264510/10700/79039_
134.4269236318545210.034.64301.16
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_c63f3d5e09617

1-0264510/11118/78443_
134.3687533328651420.035.78302.43
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_d10db4159a0b0

1-0264510/10557/77664_
134.15127238323512080.033.97298.03
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_994559ba66cfd

1-0264510/10207/77990_
134.10138731319093070.033.31301.58
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /saml2/idp/SSOService.php?RelayState=https%3A%2F%2Five.toor

1-0264510/10186/77792_
134.04150215339016060.032.99302.11
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /saml2/idp/SSOService.php?RelayState=https%3A%2F%2Five.toor

1-0264510/10783/78245_
134.417667336982730.034.90302.55
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/frontpage_welcome.php HTTP/1.1

1-0264510/10316/77824_
134.3098536328843670.033.21300.84
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_90c919e31c321

1-0264510/11158/78413_
134.5241434313954010.036.11303.72
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_58c21b933c3d7

1-0264510/10599/79368_
134.465660327858840.034.52305.66
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /resources/post.css HTTP/1.1

1-0264510/10888/79097_
134.4657451322190700.035.54304.32
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=hVJNT%2BMwEL0j8R8i3%2

1-0264510/10959/78940_
133.8420146335216550.035.55301.98
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /saml2/idp/SSOService.php?RelayState=https%3A%2F%2Five.toor

1-0264510/10819/79085_
134.621797331610270.035.10302.73
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /saml2/idp/SSOService.php?RelayState=https%3A%2F%2Five.toor

1-0264510/11212/78182_
134.5240640337469140.036.22299.96
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_efe0243b98e5f

1-0264510/10929/79158_
134.682138324397360.035.65304.63
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_94d39344bed74

1-0264510/11352/78416_
134.572956309663130.036.67302.97
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /saml2/idp/SSOService.php?RelayState=https%3A%2F%2Five.toor

1-0264510/11108/78646_
134.621250314557990.035.79303.86
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/nextmail/cloudwork/favicon.ico HTTP/1.1

1-0264510/10804/78244_
133.9417846332021660.034.90301.45
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /saml2/idp/SSOService.php?RelayState=https%3A%2F%2Five.toor

1-0264510/10839/79326_
133.79

Found on 2025-07-08 14:51

Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb31dda8387edda8387e2d258ecd

Apache Status

Apache Server Status for toorak-login.cloudworkengine.net (via 127.0.0.1)

Server Version: Apache/2.4.52 (Ubuntu) mod_fcgid/2.3.9
Server MPM: worker
Server Built: 2024-07-17T18:57:26

Current Time: Sunday, 06-Jul-2025 20:12:34 UTC
Restart Time: Wednesday, 20-Nov-2024 05:27:22 UTC
Parent Server Config. Generation: 1
Parent Server MPM Generation: 0
Server uptime:  228 days 14 hours 45 minutes 12 seconds
Server load: 1.39 1.28 1.33
Total accesses: 4669090 - Total Traffic: 17.6 GB - Total Duration: 1968606987
CPU Usage: u275.59 s424.66 cu1523.7 cs884.55 - .0157% CPU load
.236 requests/sec - 957 B/second - 4051 B/request - 421.625 ms/request
1 requests currently being processed, 49 idle workers
_______________W__________________________________..............
................................................................
................................................................
................................................................
................................................................
................................................................
................
Scoreboard Key:
"_" Waiting for Connection, 
"S" Starting up, 
"R" Reading Request,
"W" Sending Reply, 
"K" Keepalive (read), 
"D" DNS Lookup,
"C" Closing connection, 
"L" Logging, 
"G" Gracefully finishing, 
"I" Idle cleanup of worker, 
"." Open slot with no current process



SrvPIDAccMCPU
SSReqDurConnChildSlotClientProtocolVHostRequest

0-0261540/3664/90447_
57.5011556378806210.011.79348.12
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /saml2/idp/SSOService.php?RelayState=https%3A%2F%2Five.toor

0-0261540/4129/89978_
57.4513120356043270.013.39348.46
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET / HTTP/1.1

0-0261540/4731/90257_
57.2916788375753780.015.21348.23
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /saml2/idp/SSOService.php?RelayState=https%3A%2F%2Five.toor

0-0261540/4812/90568_
57.4513297370327420.015.53350.81
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /saml2/idp/SSOService.php?RelayState=https%3A%2F%2Five.toor

0-0261540/4687/90169_
57.34156211385794220.015.23348.69
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /saml2/idp/SSOService.php?RelayState=https%3A%2F%2Five.toor

0-0261540/5236/88976_
56.97236974375289390.016.93344.35
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_722cc4c36ac29

0-0261540/4505/90411_
57.5510398372585770.014.52349.45
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /saml2/idp/SSOService.php?RelayState=https%3A%2F%2Five.toor

0-0261540/4438/89740_
57.707059370359460.014.36346.67
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /saml2/idp/SSOService.php?RelayState=https%3A%2F%2Five.toor

0-0261540/5216/90166_
57.6581933375871680.016.80347.55
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_d7f41d203aa58

0-0261540/4757/91316_
57.765816376668360.015.47352.20
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /saml2/idp/SSOService.php?RelayState=https%3A%2F%2Five.toor

0-0261540/4315/89684_
57.8046535379493800.013.76349.00
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_d25f4df6eda03

0-0261540/3982/90682_
57.6093537385510550.012.84352.56
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_4e63e4e1f8c57

0-0261540/4953/91336_
57.9129333379988180.015.89352.53
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_d54eeb785edc4

0-0261540/4907/90778_
57.9617731374404470.015.83348.55
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_9d77dff8c2049

0-0261540/5004/89932_
58.026033385793800.016.09346.23
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_a28757a456b47

0-02615414/4673/89896W
58.02003762059326.515.08347.30
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /server-status HTTP/1.1

0-0261540/4716/90273_
56.87260933384882710.015.14347.85
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_b04d2e6279342

0-0261540/5177/92047_
57.8640711393003080.016.66355.44
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /saml2/idp/SSOService.php?RelayState=https%3A%2F%2Five.toor

0-0261540/4795/89792_
56.93249279373337190.015.47344.99
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_e466076bcceca

0-0261540/5129/89196_
57.03225334372452120.016.60344.37
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_75738027e4f27

0-0261540/4619/90515_
57.24179233393948390.014.90351.04
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_1a0800607bc93

0-0261540/4769/88671_
57.13202332373781960.015.47343.84
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_862e8128c15ae

0-0261540/4690/91359_
57.09213712396594990.015.11351.06
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /saml2/idp/SSOService.php?RelayState=https%3A%2F%2Five.toor

0-0261540/4313/91056_
57.18190735393263000.013.91350.96
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_27834ef43e8df

0-0261540/4233/88535_
57.4014446374501280.013.63340.84
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /saml2/idp/SSOService.php?RelayState=https%3A%2F%2Five.toor

1-0264510/7038/75242_
89.318786308811140.022.50291.36
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /saml2/idp/SSOService.php?RelayState=https%3A%2F%2Five.toor

1-0264510/7485/75824_
89.4652447315218290.024.04290.56
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_8cb8405981b5e

1-0264510/7460/74785_
89.41641129325687720.023.98290.64
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_73a4ec3490faa

1-0264510/7348/74455_
89.3676335320630460.023.45287.51
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_664620d843d0d

1-0264510/6652/74435_
89.09127134315485240.021.68289.95
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_19740d750d6fb

1-0264510/6546/74152_
89.05138935334527730.021.20290.31
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_3ae55bdfe0ddf

1-0264510/7418/74880_
89.464720333130070.023.92291.57
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET / HTTP/1.1

1-0264510/7158/74666_
89.5135011325324950.023.06290.69
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /saml2/idp/SSOService.php?RelayState=https%3A%2F%2Five.toor

1-0264510/7453/74708_
89.562346310442630.024.08291.69
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /saml2/idp/SSOService.php?RelayState=https%3A%2F%2Five.toor

1-0264510/7009/75778_
89.621189324471180.022.82293.96
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /saml2/idp/SSOService.php?RelayState=https%3A%2F%2Five.toor

1-0264510/6872/75081_
88.532550119318388680.022.33291.11
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /saml2/idp/SSOService.php?RelayState=https%3A%2F%2Five.toor

1-0264510/7487/75468_
88.6323107331419130.024.20290.63
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /saml2/idp/SSOService.php?RelayState=https%3A%2F%2Five.toor

1-0264510/7505/75771_
89.6630327577610.024.25291.87
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET / HTTP/1.1

1-0264510/7264/74234_
88.58242710334295220.023.46287.19
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /saml2/idp/SSOService.php?RelayState=https%3A%2F%2Five.toor

1-0264510/7089/75318_
88.4826927320653850.022.95291.94
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/frontpage_welcome.php HTTP/1.1

1-0264510/7467/74531_
88.6821954306729340.024.01290.31
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /saml2/idp/metadata.php HTTP/1.1

1-0264510/7656/75194_
88.84185010311610780.024.64292.71
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /saml2/idp/SSOService.php?RelayState=https%3A%2F%2Five.toor

1-0264510/7268/74708_
88.89173335329046470.023.38289.94
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_e5be0c2351b83

1-0264510/7336/75823_
88.9416182643329655350.0<

Found on 2025-07-06 20:12

Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb31dda8387edda8387e131f0443

Apache Status

Apache Server Status for toorak-login.cloudworkengine.net (via 127.0.0.1)

Server Version: Apache/2.4.52 (Ubuntu) mod_fcgid/2.3.9
Server MPM: worker
Server Built: 2024-07-17T18:57:26

Current Time: Friday, 04-Jul-2025 18:14:53 UTC
Restart Time: Wednesday, 20-Nov-2024 05:27:22 UTC
Parent Server Config. Generation: 1
Parent Server MPM Generation: 0
Server uptime:  226 days 12 hours 47 minutes 31 seconds
Server load: 0.75 1.16 1.50
Total accesses: 4434640 - Total Traffic: 16.9 GB - Total Duration: 1949142132
CPU Usage: u266.32 s417.21 cu1459.32 cs843.82 - .0153% CPU load
.227 requests/sec - 925 B/second - 4086 B/request - 439.527 ms/request
1 requests currently being processed, 49 idle workers
________________W_________________________________..............
................................................................
................................................................
................................................................
................................................................
................................................................
................
Scoreboard Key:
"_" Waiting for Connection, 
"S" Starting up, 
"R" Reading Request,
"W" Sending Reply, 
"K" Keepalive (read), 
"D" DNS Lookup,
"C" Closing connection, 
"L" Logging, 
"G" Gracefully finishing, 
"I" Idle cleanup of worker, 
"." Open slot with no current process



SrvPIDAccMCPU
SSReqDurConnChildSlotClientProtocolVHostRequest

0-0289960/8864/86779_
105.038191567375609330.029.03336.31
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coPOST /saml2/idp/SSOService.php HTTP/1.1

0-0289960/8900/85847_
105.03897396352999960.028.99335.07
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coPOST /saml2/idp/SSOService.php HTTP/1.1

0-0289960/8686/85522_
105.03108610372244280.028.16333.01
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coPOST /saml2/idp/SSOService.php HTTP/1.1

0-0289960/8227/85750_
105.0394911366218800.027.14335.26
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coPOST /saml2/idp/SSOService.php HTTP/1.1

0-0289960/8202/85478_
105.055235382480870.026.86333.45
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_6ceed3d7ab3c4

0-0289960/8248/83738_
105.057851370559670.027.01327.42
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coPOST /module.php/cloudworkauth/mfa/webauthn/get_login_options.p

0-0289960/8322/85904_
105.04743953368222080.027.52334.93
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coPOST /saml2/idp/SSOService.php HTTP/1.1

0-0289960/7849/85294_
105.0310389366463130.025.57332.28
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coPOST /saml2/idp/SSOService.php HTTP/1.1

0-0289960/8907/84948_
105.0470747371687830.029.10330.75
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coPOST /saml2/idp/SSOService.php HTTP/1.1

0-0289960/8620/86555_
105.03980392372828650.027.98336.72
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coPOST /saml2/idp/SSOService.php HTTP/1.1

0-0289960/8530/85367_
105.047927376054450.027.78335.23
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/frontpage_welcome.php HTTP/1.1

0-0289960/8825/86698_
105.044928382375740.028.70339.71
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/frontpage_welcome.php HTTP/1.1

0-0289960/8721/86381_
105.0458688375916150.028.67336.63
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_2dd18c3aa853a

0-0289960/8738/85869_
105.0466511369764030.028.41332.72
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coPOST /saml2/idp/SSOService.php HTTP/1.1

0-0289960/8573/84924_
105.0392610381197740.027.68330.12
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coPOST /saml2/idp/SSOService.php HTTP/1.1

0-0289960/8976/85219_
105.0453047372784560.029.32332.21
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /saml2/idp/metadata.php HTTP/1.1

0-02899610/8528/85544W
105.05003812620711.628.03332.69
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /server-status HTTP/1.1

0-0289960/8748/86867_
105.03116315388795690.028.61338.77
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coPOST /saml2/idp/SSOService.php HTTP/1.1

0-0289960/8036/84995_
105.043727369572590.026.24329.51
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/frontpage_welcome.php HTTP/1.1

0-0289960/8552/84065_
105.0423033368213840.027.78327.76
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_eca0fa4147570

0-0289960/8363/85894_
105.04425381390249530.027.46336.14
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Five.toor

0-0289960/8084/83895_
105.0414135370042990.026.67328.36
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_7b7a7667f557d

0-0289960/9333/86667_
105.043127392695570.030.11335.95
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/frontpage_welcome.php HTTP/1.1

0-0289960/8890/86739_
105.031130377390212820.029.09337.03
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coPOST /saml2/idp/SSOService.php HTTP/1.1

0-0289960/8075/84297_
105.03111741371264810.026.39327.19
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_6b9c60b15e666

1-0264510/2420/70624_
30.9449736305307360.07.86276.72
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_fcc8cd7d1b873

1-0264510/2544/70883_
30.9432037311250360.08.21274.73
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_bfe03ca67510c

1-0264510/2687/70012_
30.935527320571710.08.52275.18
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/frontpage_welcome.php HTTP/1.1

1-0264510/2285/69392_
30.944328316797520.07.36271.42
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/frontpage_welcome.php HTTP/1.1

1-0264510/2511/70294_
30.936128312296330.08.12276.39
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/frontpage_welcome.php HTTP/1.1

1-0264510/2084/69690_
30.939127331276900.06.72275.84
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/frontpage_welcome.php HTTP/1.1

1-0264510/2234/69696_
30.9440945329401280.07.31274.95
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_23a03ffc48730

1-0264510/2273/69781_
30.942527321177030.07.36274.99
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/frontpage_welcome.php HTTP/1.1

1-0264510/2604/69859_
30.951927306088840.08.49276.10
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/frontpage_welcome.php HTTP/1.1

1-0264510/2710/71479_
30.951327321016520.08.84279.98
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/frontpage_welcome.php HTTP/1.1

1-0264510/2265/70474_
30.95127314349490.07.35276.12
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/frontpage_welcome.php HTTP/1.1

1-0264510/2662/70643_
30.911194487326121070.08.65275.08
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coPOST /saml2/idp/SSOService.php HTTP/1.1

1-0264510/2701/70967_
30.95728323630750.08.81276.43
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/frontpage_welcome.php HTTP/1.1

1-0264510/2423/69393_
30.9111528330227070.07.86271.59
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/frontpage_welcome.php HTTP/1.1

1-0264510/2563/70792_
30.9210927317228800.08.28277.27
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/frontpage_welcome.php HTTP/1.1

1-0264510/2416/69480_
30.9111302302112750.07.82274.12
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /saml2/idp/metadata.php HTTP/1.1

1-0264510/2810/70348_
30.921058374307258740.09.07277.14
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coPOST /saml2/idp/SSOService.php HTTP/1.1

1-0264510/2359/69799_
30.93102938325214030.07.62274.18
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_ec658a13b8862

1-0264510/2355/70842_
30.939727326065470.07.70278.03
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/frontpage_welcome.php HTTP/1.1

1-0264510/2317/72867_
30.93763158338319470.07.49286.56
127.0.0.1http/1.1

Found on 2025-07-04 18:14

Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb31dda8387edda8387eac47d007

Apache Status

Apache Server Status for toorak-login.cloudworkengine.net (via 127.0.0.1)

Server Version: Apache/2.4.52 (Ubuntu) mod_fcgid/2.3.9
Server MPM: worker
Server Built: 2024-07-17T18:57:26

Current Time: Wednesday, 02-Jul-2025 14:07:00 UTC
Restart Time: Wednesday, 20-Nov-2024 05:27:22 UTC
Parent Server Config. Generation: 1
Parent Server MPM Generation: 0
Server uptime:  224 days 8 hours 39 minutes 38 seconds
Server load: 1.06 1.44 1.28
Total accesses: 4147624 - Total Traffic: 16.0 GB - Total Duration: 1925562441
CPU Usage: u226.5 s389.61 cu1410.5 cs813.55 - .0147% CPU load
.214 requests/sec - 884 B/second - 4134 B/request - 464.257 ms/request
2 requests currently being processed, 48 idle workers
______________________W__.........................____K_________
___________.....................................................
................................................................
................................................................
................................................................
................................................................
................
Scoreboard Key:
"_" Waiting for Connection, 
"S" Starting up, 
"R" Reading Request,
"W" Sending Reply, 
"K" Keepalive (read), 
"D" DNS Lookup,
"C" Closing connection, 
"L" Logging, 
"G" Gracefully finishing, 
"I" Idle cleanup of worker, 
"." Open slot with no current process



SrvPIDAccMCPU
SSReqDurConnChildSlotClientProtocolVHostRequest

0-0289960/2927/80842_
34.59124493370454720.09.79317.07
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_bb8dc6df93a81

0-0289960/3152/80099_
34.541352930347872850.010.45316.53
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coPOST /module.php/core/loginuserpass.php HTTP/1.1

0-0289960/2671/79507_
34.64112542368146320.08.79313.63
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_0fd8e0def6199

0-0289960/2837/80360_
34.42161356362306530.09.66317.78
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_3c85c1b3738fc

0-0289960/2738/80014_
34.3218967378092510.09.15315.75
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /saml2/idp/SSOService.php?RelayState=https%3A%2F%2Five.toor

0-0289960/2792/78282_
34.42166628366165320.09.39309.80
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /saml2/idp/SSOService.php?RelayState=https%3A%2F%2Five.toor

0-0289960/2833/80415_
34.69101137363377800.09.80317.21
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_4e148c6d8ce28

0-0289960/2699/80144_
34.47150637362134580.08.88315.59
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_43ad01ada597a

0-0289960/2947/78988_
34.7489540366916010.09.76311.41
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_e7a66323030ad

0-0289960/2936/80871_
34.5214076367824960.09.65318.39
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /saml2/idp/SSOService.php?RelayState=https%3A%2F%2Five.toor

0-0289960/2591/79428_
34.847247371624890.08.59316.04
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /saml2/idp/SSOService.php?RelayState=https%3A%2F%2Five.toor

0-0289960/2720/80593_
34.993613378185830.09.03320.04
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_3f416464ef92d

0-0289960/3505/81165_
34.9449536372203390.011.79319.75
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_79ed84799c1d7

0-0289960/3225/80356_
34.7983813365422730.010.63314.94
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /saml2/idp/SSOService.php?RelayState=https%3A%2F%2Five.toor

0-0289960/2653/79004_
34.551293179376234180.08.68311.12
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_7e272002fd638

0-0289960/2743/78986_
34.8961037367798890.09.37312.27
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_866fd4bd7c408

0-0289960/2920/79936_
34.37178210376996680.09.80314.46
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /saml2/idp/SSOService.php?RelayState=https%3A%2F%2Five.toor

0-0289960/2764/80883_
34.22208611383640650.09.17319.34
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /saml2/idp/SSOService.php?RelayState=https%3A%2F%2Five.toor

0-0289960/3006/79965_
35.042027365720740.09.90313.18
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /saml2/idp/SSOService.php?RelayState=https%3A%2F%2Five.toor

0-0289960/3234/78747_
35.07574364183820.010.60310.59
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /saml2/idp/metadata.php HTTP/1.1

0-0289960/2549/80080_
34.9938040385731390.08.58317.26
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_fa58a5c039b6d

0-0289960/2759/78570_
35.071064364774060.09.36311.05
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_cab82a9308e5f

0-0289964/3093/80427W
35.07003872919110.99.90315.73
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /server-status HTTP/1.1

0-0289960/2791/80640_
34.4216551386097900.09.29317.23
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/nextmail/cloudwork/favicon.ico HTTP/1.1

0-0289960/2578/78800_
34.26201041366573770.08.57309.37
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_49993c8eb7fd4

1-0-0/0/68204.
0.003996275303130680.00.00268.86
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/no_cookie.php?retryURL=https%3A%2F%2Ftoora

1-0-0/0/68339.
0.003996273308475650.00.00266.52
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /saml2/idp/metadata.php HTTP/1.1

1-0-0/0/67325.
0.003996277318311220.00.00266.66
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/frontpage_welcome.php HTTP/1.1

1-0-0/0/67107.
0.003996277314884740.00.00264.06
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/frontpage_welcome.php HTTP/1.1

1-0-0/0/67783.
0.00399627401310176140.00.00268.27
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coPOST /saml2/idp/SSOService.php HTTP/1.1

1-0-0/0/67606.
0.00399627600329601510.00.00269.12
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=jVNNj9owEL3zK1DuJMEl7

1-0-0/0/67462.
0.003996270327742110.00.00267.64
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /resources/post.css HTTP/1.1

1-0-0/0/67508.
0.003996270318040460.00.00267.63
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /resources/post.css HTTP/1.1

1-0-0/0/67255.
0.003996273303428340.00.00267.61
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /saml2/idp/metadata.php HTTP/1.1

1-0-0/0/68769.
0.00399627162318319630.00.00271.14
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coPOST /module.php/cloudworkauth/mfa/webauthn/get_login_options.p

1-0-0/0/68209.
0.00399627375311899480.00.00268.78
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coPOST /saml2/idp/SSOService.php HTTP/1.1

1-0-0/0/67981.
0.003996277323613870.00.00266.43
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/frontpage_welcome.php HTTP/1.1

1-0-0/0/68266.
0.003996277321501880.00.00267.62
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/frontpage_welcome.php HTTP/1.1

1-0-0/0/66970.
0.00399627583328388070.00.00263.73
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=jVNNj9owFLzzK1Du%2BU5

1-0-0/0/68229.
0.003996270315282880.00.00268.99
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /favicon.ico HTTP/1.1

1-0-0/0/67064.
0.003996272300598030.00.00266.30
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /saml2/idp/metadata.php HTTP/1.1

1-0-0/0/67538.
0.003996278305099250.00.00268.07
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/frontpage_welcome.php HTTP/1.1

1-0-0/0/67440.
0.003996278323498560.00.00266.55
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/frontpage_welcome.php HTTP/1.1

1-0-0/0/68487.
0.003996277323760620.00.00270.33
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/frontpage_welcome.php HTTP/1.1

1-0-0/0/70550.
0.003996271033624488

Found on 2025-07-02 14:06

Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb31dda8387edda8387eb52d4d32

Apache Status

Apache Server Status for toorak-login.cloudworkengine.net (via 127.0.0.1)

Server Version: Apache/2.4.52 (Ubuntu) mod_fcgid/2.3.9
Server MPM: worker
Server Built: 2024-07-17T18:57:26

Current Time: Monday, 30-Jun-2025 10:56:55 UTC
Restart Time: Wednesday, 20-Nov-2024 05:27:22 UTC
Parent Server Config. Generation: 1
Parent Server MPM Generation: 0
Server uptime:  222 days 5 hours 29 minutes 33 seconds
Server load: 1.04 1.00 1.10
Total accesses: 4024893 - Total Traffic: 15.6 GB - Total Duration: 1912867462
CPU Usage: u188.11 s363.21 cu1410.5 cs813.55 - .0145% CPU load
.21 requests/sec - 871 B/second - 4156 B/request - 475.259 ms/request
1 requests currently being processed, 49 idle workers
_________________________.........................___________W__
___________.....................................................
................................................................
................................................................
................................................................
................................................................
................
Scoreboard Key:
"_" Waiting for Connection, 
"S" Starting up, 
"R" Reading Request,
"W" Sending Reply, 
"K" Keepalive (read), 
"D" DNS Lookup,
"C" Closing connection, 
"L" Logging, 
"G" Gracefully finishing, 
"I" Idle cleanup of worker, 
"." Open slot with no current process



SrvPIDAccMCPU
SSReqDurConnChildSlotClientProtocolVHostRequest

0-0289960/448/78363_
6.233737367855130.01.59308.87
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/frontpage_welcome.php HTTP/1.1

0-0289960/476/77423_
6.236425344806870.01.74307.81
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_06d809fa5349f

0-0289960/473/77309_
6.236138365718170.01.59306.43
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/frontpage_welcome.php HTTP/1.1

0-0289960/585/78108_
6.2288239360157460.02.13310.26
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_eec62e452d8f0

0-0289960/482/77758_
6.236739375885380.01.82308.41
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/frontpage_welcome.php HTTP/1.1

0-0289960/503/75993_
6.229021363726470.01.75302.16
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/chromebook/jquery.js HTTP/1.1

0-0289960/608/78190_
6.231937360856290.02.36309.77
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/frontpage_welcome.php HTTP/1.1

0-0289960/474/77919_
6.227937360160010.01.61308.32
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/frontpage_welcome.php HTTP/1.1

0-0289960/483/76524_
6.231337364394360.01.65303.30
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/frontpage_welcome.php HTTP/1.1

0-0289960/494/78429_
6.234938365674820.01.76310.51
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/frontpage_welcome.php HTTP/1.1

0-0289960/473/77310_
6.23284805369141190.01.55309.00
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=jVPbjtowEH3nK1Dec%2Be

0-0289960/502/78375_
6.201328395375754010.01.82312.83
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Five.toor

0-0289960/539/78199_
6.24739369697210.01.93309.89
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/frontpage_welcome.php HTTP/1.1

0-0289960/492/77623_
6.24137362440150.01.79306.10
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/frontpage_welcome.php HTTP/1.1

0-0289960/510/76861_
6.24523374201340.01.77304.21
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /saml2/idp/metadata.php HTTP/1.1

0-0289960/569/76812_
6.2013544365916590.02.27305.16
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_8a63ef6f81bad

0-0289960/527/77543_
6.2210338374167990.01.94306.61
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/frontpage_welcome.php HTTP/1.1

0-0289960/493/78612_
6.2211111381137300.01.75311.92
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/nextmail/cloudwork/favicon.ico HTTP/1.1

0-0289960/487/77446_
6.2012994362707250.01.72304.99
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_8effdb8fc1de0

0-0289960/479/75992_
6.211147446361425850.01.66301.64
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=jVPbjtowEH3nK1DecyHhs

0-0289960/616/78147_
6.211250383383994650.02.26310.94
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coPOST /saml2/idp/SSOService.php HTTP/1.1

0-0289960/522/76333_
6.2112138362019500.01.83303.52
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/frontpage_welcome.php HTTP/1.1

0-0289960/408/77742_
6.2111475384459300.01.31307.14
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/no_cookie.php?retryURL=https%3A%2F%2Ftoora

0-0289960/487/78336_
6.22109310382649000.01.86309.80
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/frontpage_welcome.php HTTP/1.1

0-0289960/488/76710_
6.229738364546360.01.75302.55
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/frontpage_welcome.php HTTP/1.1

1-0-0/0/68204.
0.002154215303130680.00.00268.86
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/no_cookie.php?retryURL=https%3A%2F%2Ftoora

1-0-0/0/68339.
0.002154213308475650.00.00266.52
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /saml2/idp/metadata.php HTTP/1.1

1-0-0/0/67325.
0.002154217318311220.00.00266.66
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/frontpage_welcome.php HTTP/1.1

1-0-0/0/67107.
0.002154217314884740.00.00264.06
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/frontpage_welcome.php HTTP/1.1

1-0-0/0/67783.
0.00215421401310176140.00.00268.27
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coPOST /saml2/idp/SSOService.php HTTP/1.1

1-0-0/0/67606.
0.00215421600329601510.00.00269.12
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=jVNNj9owEL3zK1DuJMEl7

1-0-0/0/67462.
0.002154210327742110.00.00267.64
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /resources/post.css HTTP/1.1

1-0-0/0/67508.
0.002154210318040460.00.00267.63
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /resources/post.css HTTP/1.1

1-0-0/0/67255.
0.002154213303428340.00.00267.61
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /saml2/idp/metadata.php HTTP/1.1

1-0-0/0/68769.
0.00215421162318319630.00.00271.14
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coPOST /module.php/cloudworkauth/mfa/webauthn/get_login_options.p

1-0-0/0/68209.
0.00215421375311899480.00.00268.78
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coPOST /saml2/idp/SSOService.php HTTP/1.1

1-0-0/0/67981.
0.002154217323613870.00.00266.43
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/frontpage_welcome.php HTTP/1.1

1-0-0/0/68266.
0.002154217321501880.00.00267.62
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/frontpage_welcome.php HTTP/1.1

1-0-0/0/66970.
0.00215421583328388070.00.00263.73
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=jVNNj9owFLzzK1Du%2BU5

1-0-0/0/68229.
0.002154210315282880.00.00268.99
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /favicon.ico HTTP/1.1

1-0-0/0/67064.
0.002154212300598030.00.00266.30
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /saml2/idp/metadata.php HTTP/1.1

1-0-0/0/67538.
0.002154218305099250.00.00268.07
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/frontpage_welcome.php HTTP/1.1

1-0-0/0/67440.
0.002154218323498560.00.00266.55
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/frontpage_welcome.php HTTP/1.1

1-0-0/0/68487.
0.002154217323760620.00.00270.33
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/frontpage_welcome.php HTTP/1.1

1-0-0/0/70550.
0.0021542110336244880.00.00279.08
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coPOST /saml2/idp/SSOService.php HTTP/1.1

1-0-0/0/68

Found on 2025-06-30 10:56

Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb31dda8387edda8387ebeebf880

Apache Status

Apache Server Status for toorak-login.cloudworkengine.net (via 127.0.0.1)

Server Version: Apache/2.4.52 (Ubuntu) mod_fcgid/2.3.9
Server MPM: worker
Server Built: 2024-07-17T18:57:26

Current Time: Thursday, 26-Jun-2025 05:52:28 UTC
Restart Time: Wednesday, 20-Nov-2024 05:27:22 UTC
Parent Server Config. Generation: 1
Parent Server MPM Generation: 0
Server uptime:  218 days 25 minutes 6 seconds
Server load: 1.03 1.32 1.21
Total accesses: 3976919 - Total Traffic: 15.4 GB - Total Duration: 1895129330
CPU Usage: u195.81 s362.71 cu1384.23 cs798.53 - .0146% CPU load
.211 requests/sec - 878 B/second - 4159 B/request - 476.532 ms/request
1 requests currently being processed, 49 idle workers
__________________________________________W_______..............
................................................................
................................................................
................................................................
................................................................
................................................................
................
Scoreboard Key:
"_" Waiting for Connection, 
"S" Starting up, 
"R" Reading Request,
"W" Sending Reply, 
"K" Keepalive (read), 
"D" DNS Lookup,
"C" Closing connection, 
"L" Logging, 
"G" Gracefully finishing, 
"I" Idle cleanup of worker, 
"." Open slot with no current process



SrvPIDAccMCPU
SSReqDurConnChildSlotClientProtocolVHostRequest

0-024050/1362/77562_
17.34413393364987530.05.32305.77
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coPOST /module.php/cloudworkauth/mfa/webauthn/get_login_options.p

0-024050/1233/76600_
17.325185342005910.04.97304.54
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/no_cookie.php?retryURL=https://toorak-logi

0-024050/1334/76461_
17.3162646361766640.05.52303.31
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coPOST /module.php/cloudworkauth/mfa/webauthn/get_login_options.p

0-024050/1345/77131_
17.3158051356676350.05.30306.64
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coPOST /module.php/cloudworkauth/mfa/webauthn/get_login_options.p

0-024050/1223/76947_
17.34375217372414150.04.64305.28
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coPOST /module.php/cloudworkauth/mfa/webauthn/get_login_options.p

0-024050/1272/75201_
17.3347559360895190.05.04299.14
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coPOST /module.php/cloudworkauth/mfa/webauthn/get_login_options.p

0-024050/1320/77242_
17.34432371357927990.05.01306.04
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coPOST /module.php/cloudworkauth/mfa/webauthn/get_login_options.p

0-024050/1303/77113_
17.343751030357319100.04.85305.39
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=jVNNj9owFLzzK1Du%2BSx

0-024050/1316/75689_
17.353477361278900.05.15300.26
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/frontpage_welcome.php HTTP/1.1

0-024050/1351/77657_
17.35180960363481180.05.34307.63
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coPOST /module.php/core/loginuserpass.php HTTP/1.1

0-024050/1254/76485_
17.352277366714260.05.10306.06
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/frontpage_welcome.php HTTP/1.1

0-024050/1251/77580_
17.351020371890740.04.95309.92
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /favicon.ico HTTP/1.1

0-024050/1373/77357_
17.29804275365713320.05.27306.87
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=jVPbjtowEH3nK1DecyELS

0-024050/1435/76841_
17.298267358773450.05.56303.12
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/frontpage_welcome.php HTTP/1.1

0-024050/1358/76045_
17.298868370655610.05.51301.18
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/frontpage_welcome.php HTTP/1.1

0-024050/1252/75950_
17.35141226363057690.04.75301.77
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=fZJdT4MwFIb%2fCul9obC

0-024050/1347/76696_
17.316115369838800.05.31303.37
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/no_cookie.php?retryURL=https%3A%2F%2Ftoora

0-024050/1278/77819_
17.3513226377942380.05.17309.15
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=jVNNj9owFLzzK1Du%2BSA

0-024050/1267/76624_
17.30673215360586240.05.10301.95
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=fZFRb4IwFIX%2FStN3Wug

0-024050/1277/75205_
17.35478358111300.05.13298.71
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/frontpage_welcome.php HTTP/1.1

0-024050/1326/77164_
17.35800381197140.05.25307.16
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /favicon.ico HTTP/1.1

0-024050/1258/75518_
17.297677359300310.04.81300.57
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/frontpage_welcome.php HTTP/1.1

0-024050/1325/76977_
17.325005381533630.05.25304.38
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/no_cookie.php?retryURL=https://toorak-logi

0-024050/1355/77451_
17.31641200378352690.05.37306.42
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=jVNNj9owFLzzK1Du%2BVx

0-024050/1415/75826_
17.306970361569590.05.65299.33
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /favicon.ico HTTP/1.1

1-0107600/1039/67740_
13.911677301332520.04.04267.00
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/frontpage_welcome.php HTTP/1.1

1-0107600/1251/67875_
13.912001306447030.04.77264.71
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/chromebook/jquery.cookie.js HTTP/1.1

1-0107600/845/66816_
13.91317113315374450.03.02264.59
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coPOST /module.php/cloudworkauth/mfa/webauthn/get_login_options.p

1-0107600/1141/66679_
13.93810312610370.04.33262.32
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /resources/post.js HTTP/1.1

1-0107600/1108/67333_
13.912877308611130.04.56266.51
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/frontpage_welcome.php HTTP/1.1

1-0107600/1007/67116_
13.894611794328438010.03.73267.38
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coPOST /module.php/core/loginuserpass.php HTTP/1.1

1-0107600/888/66985_
13.895195326208160.03.60265.83
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /saml2/idp/SSOService.php?RelayState=/timetable&cookieTime=

1-0107600/1073/67046_
13.893875316365550.04.06265.73
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=jVNNj9owEL3zK1Du%2BSD

1-0107600/1080/66848_
13.886274300434960.04.56266.16
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/chromebook/jquery.js HTTP/1.1

1-0107600/1130/68374_
13.8584947316547990.04.51269.56
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coPOST /module.php/cloudworkauth/mfa/webauthn/get_login_options.p

1-0107600/952/67832_
13.8765533310608280.03.94267.28
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_c406ae98fe3d5

1-0107600/995/67467_
13.886114322140530.03.83264.61
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/no_cookie.php?retryURL=https%3A%2F%2Ftoora

1-0107600/1049/67838_
13.8941510758320165050.04.15266.10
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coPOST /module.php/core/loginuserpass.php HTTP/1.1

1-0107600/1172/66590_
13.903794326123100.04.47262.35
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/chromebook/jquery.js HTTP/1.1

1-0107600/1034/67774_
13.8948534313669370.04.01267.24
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_37b842af7de1f

1-0107600/964/66641_
13.8953547298764930.03.94264.69
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coPOST /module.php/cloudworkauth/mfa/webauthn/get_login_options.p

1-0107600/1099/67088_
13.857860303124040.04.21266.33
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /favicon.ico HTTP/1.1

1-01076011/1047/66879W
13.94003201087219.63.93264.49
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /server-status HTTP/1.1

1-0107600/1166/68021_
13.921280322027650.04.46268.47
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /favicon.ico HTTP/1.1

1-0107600/1117/70122_
13.8768721133492280

Found on 2025-06-26 05:52

Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb31dda8387edda8387e35ab0675

Apache Status

Apache Server Status for toorak-login.cloudworkengine.net (via 127.0.0.1)

Server Version: Apache/2.4.52 (Ubuntu) mod_fcgid/2.3.9
Server MPM: worker
Server Built: 2024-07-17T18:57:26

Current Time: Tuesday, 24-Jun-2025 06:44:37 UTC
Restart Time: Wednesday, 20-Nov-2024 05:27:22 UTC
Parent Server Config. Generation: 1
Parent Server MPM Generation: 0
Server uptime:  216 days 1 hour 17 minutes 15 seconds
Server load: 1.08 1.72 1.94
Total accesses: 3942921 - Total Traffic: 15.3 GB - Total Duration: 1879887322
CPU Usage: u183.43 s352.89 cu1384.23 cs798.53 - .0146% CPU load
.211 requests/sec - 878 B/second - 4160 B/request - 476.775 ms/request
1 requests currently being processed, 49 idle workers
___________________________W______________________..............
................................................................
................................................................
................................................................
................................................................
................................................................
................
Scoreboard Key:
"_" Waiting for Connection, 
"S" Starting up, 
"R" Reading Request,
"W" Sending Reply, 
"K" Keepalive (read), 
"D" DNS Lookup,
"C" Closing connection, 
"L" Logging, 
"G" Gracefully finishing, 
"I" Idle cleanup of worker, 
"." Open slot with no current process



SrvPIDAccMCPU
SSReqDurConnChildSlotClientProtocolVHostRequest

0-024050/695/76895_
8.631082362807700.02.72303.17
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_75e5f7fd4fe5e

0-024050/564/75931_
8.612100340070810.02.46302.03
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /favicon.ico HTTP/1.1

0-024050/745/75872_
8.61264371359374300.03.21301.01
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=jVNNj9owFLzzK1DuSZw0B

0-024050/658/76444_
8.613044352695660.02.53303.87
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Five.toor

0-024050/592/76316_
8.612313369263270.02.25302.88
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Five.toor

0-024050/630/74559_
8.612813357194420.02.55296.66
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Five.toor

0-024050/663/76585_
8.631765352879100.02.64303.67
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/frontpage_welcome.php HTTP/1.1

0-024050/664/76474_
8.631403354598730.02.52303.06
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Five.toor

0-024050/676/75049_
8.6377403358463980.02.73297.84
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=jVNNj9owEL3zK1Du%2Bc6

0-024050/629/76935_
8.63163359564650.02.57304.86
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_5b135a8db86fe

0-024050/520/75751_
8.63453364134000.02.02302.99
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Ftoorak-i

0-024050/614/76943_
8.595881368258360.02.53307.50
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/chromebook/jquery.cookie.js HTTP/1.1

0-024050/646/76630_
8.614721362542650.02.51304.11
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/nextmail/cloudwork/favicon.ico HTTP/1.1

0-024050/644/76050_
8.615122355853550.02.49300.05
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_cef61034726e6

0-024050/630/75317_
8.61548210367594030.02.66298.33
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=jVNNj9owFLzzK1Du%2BWT

0-024050/568/75266_
8.6362386358984270.02.07299.09
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=jVNNj9owEL3zK1DuSdiw2

0-024050/684/76033_
8.613482366582230.02.82300.89
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_04c582938b32e

0-024050/575/77116_
8.6057545375298890.02.44306.42
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coPOST /module.php/cloudworkauth/mfa/webauthn/get_login_options.p

0-024050/671/76028_
8.614254357272540.02.83299.69
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Five.toor

0-024050/581/74509_
8.614893354355000.02.38295.96
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Ftoorak-i

0-024050/604/76442_
8.5959335377437740.02.55304.47
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_0b1eae9fb2530

0-024050/651/74911_
8.61311610357613540.02.57298.33
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=jVPLjtowFN3zFSj7PEiGK

0-024050/541/76193_
8.613996377539900.02.30301.43
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_221f2bc4e7f99

0-024050/629/76725_
8.6137549375078670.02.57303.62
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coPOST /module.php/cloudworkauth/mfa/webauthn/get_login_options.p

0-024050/680/75091_
8.614586358576670.02.71296.39
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /saml2/idp/metadata.php HTTP/1.1

1-0107600/352/67053_
5.155594298855640.01.38264.34
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Ftoorak-i

1-0107600/491/67115_
5.1558048303842120.01.88261.82
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coPOST /module.php/cloudworkauth/mfa/webauthn/get_login_options.p

1-01076013/326/66297W
5.20003120196420.31.18262.74
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /server-status HTTP/1.1

1-0107600/437/65975_
5.1747244309563010.01.64259.63
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coPOST /module.php/cloudworkauth/mfa/webauthn/get_login_options.p

1-0107600/418/66643_
5.1558047306152590.01.73263.68
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coPOST /module.php/cloudworkauth/mfa/webauthn/get_login_options.p

1-0107600/298/66407_
5.20712326168000.01.14264.79
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_30fac9702cb53

1-0107600/323/66420_
5.182174323126970.01.45263.68
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_d98123fa06335

1-0107600/401/66374_
5.191312311695050.01.50263.17
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_3677dbb58be92

1-0107600/385/66153_
5.1919260297463440.01.56263.15
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coPOST /module.php/cloudworkauth/mfa/webauthn/get_login_options.p

1-0107600/431/67675_
5.174393312902060.01.86266.91
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Five.toor

1-0107600/333/67213_
5.182714307303480.01.32264.66
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Ftoorak-i

1-0107600/344/66816_
5.182473319122120.01.29262.06
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_f579d2dae7e5b

1-0107600/380/67169_
5.20870317467410.01.49263.45
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /favicon.ico HTTP/1.1

1-0107600/387/65805_
5.20223322622200.01.44259.33
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_e625838d86d51

1-0107600/423/67163_
5.20522311873300.01.66264.89
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_5cb75c4125ffe

1-0107600/339/66016_
5.19153843295494550.01.47262.22
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coPOST /module.php/core/loginuserpass.php HTTP/1.1

1-0107600/356/66345_
5.1651830299982910.01.40263.53
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_d6f16214a9d2d

1-0107600/413/66245_
5.174165317615010.01.70262.26
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/frontpage_welcome.php HTTP/1.1

1-0107600/464/67319_
5.155330319388200.01.81265.82
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /favicon.ico HTTP/1.1

<

Found on 2025-06-24 06:44

Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb31dda8387edda8387e70ad2302

Apache Status

Apache Server Status for toorak-login.cloudworkengine.net (via 127.0.0.1)

Server Version: Apache/2.4.52 (Ubuntu) mod_fcgid/2.3.9
Server MPM: worker
Server Built: 2024-07-17T18:57:26

Current Time: Sunday, 22-Jun-2025 02:39:56 UTC
Restart Time: Wednesday, 20-Nov-2024 05:27:22 UTC
Parent Server Config. Generation: 1
Parent Server MPM Generation: 0
Server uptime:  213 days 21 hours 12 minutes 34 seconds
Server load: 0.47 0.92 1.10
Total accesses: 3902988 - Total Traffic: 15.1 GB - Total Duration: 1862330124
CPU Usage: u191.46 s356.71 cu1360.45 cs783.49 - .0146% CPU load
.211 requests/sec - 878 B/second - 4160 B/request - 477.155 ms/request
1 requests currently being processed, 49 idle workers
........................._______________________________W_______
___________.....................................................
................................................................
................................................................
................................................................
................................................................
................
Scoreboard Key:
"_" Waiting for Connection, 
"S" Starting up, 
"R" Reading Request,
"W" Sending Reply, 
"K" Keepalive (read), 
"D" DNS Lookup,
"C" Closing connection, 
"L" Logging, 
"G" Gracefully finishing, 
"I" Idle cleanup of worker, 
"." Open slot with no current process



SrvPIDAccMCPU
SSReqDurConnChildSlotClientProtocolVHostRequest

0-0-0/0/76200.
0.003175443359737770.00.00300.45
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Five.toor

0-0-0/0/75367.
0.003175441338450750.00.00299.57
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/chromebook/jquery.cookie.js HTTP/1.1

0-0-0/0/75127.
0.003175446356358680.00.00297.80
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/frontpage_welcome.php HTTP/1.1

0-0-0/0/75786.
0.003175445350863820.00.00301.34
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/frontpage_welcome.php HTTP/1.1

0-0-0/0/75724.
0.00317544251366195650.00.00300.63
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=jVNNj9owFLzzK1Du%2BaR

0-0-0/0/73929.
0.0031754441355627410.00.00294.11
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_dac390baa15ae

0-0-0/0/75922.
0.00317544890349040770.00.00301.03
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coPOST /module.php/core/loginuserpass.php HTTP/1.1

0-0-0/0/75810.
0.003175445351838880.00.00300.54
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/frontpage_welcome.php HTTP/1.1

0-0-0/0/74373.
0.00317544378354276620.00.00295.11
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Ftoorak-i

0-0-0/0/76306.
0.003175446356383200.00.00302.29
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/frontpage_welcome.php HTTP/1.1

0-0-0/0/75231.
0.003175442361331100.00.00300.97
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_1e0316a192d21

0-0-0/0/76329.
0.003175440365499930.00.00304.97
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /favicon.ico HTTP/1.1

0-0-0/0/75984.
0.0031754431359609640.00.00301.60
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_3939bd1f38c3c

0-0-0/0/75406.
0.003175445352834170.00.00297.56
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/frontpage_welcome.php HTTP/1.1

0-0-0/0/74687.
0.003175445364255590.00.00295.67
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/frontpage_welcome.php HTTP/1.1

0-0-0/0/74698.
0.003175446356169680.00.00297.03
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/frontpage_welcome.php HTTP/1.1

0-0-0/0/75349.
0.003175445363130280.00.00298.07
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/frontpage_welcome.php HTTP/1.1

0-0-0/0/76541.
0.003175443372967580.00.00303.98
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/no_cookie.php?retryURL=https%3A%2F%2Ftoora

0-0-0/0/75357.
0.003175445354976380.00.00296.85
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/frontpage_welcome.php HTTP/1.1

0-0-0/0/73928.
0.003175447351660770.00.00293.58
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/frontpage_welcome.php HTTP/1.1

0-0-0/0/75838.
0.003175442374793100.00.00301.91
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_1f2158b068be6

0-0-0/0/74260.
0.00317544404354969510.00.00295.76
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Five.toor

0-0-0/0/75652.
0.0031754449374370830.00.00299.12
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coPOST /module.php/cloudworkauth/mfa/webauthn/get_login_options.p

0-0-0/0/76096.
0.003175441022372950960.00.00301.05
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coPOST /module.php/core/loginuserpass.php HTTP/1.1

0-0-0/0/74411.
0.003175448356307090.00.00293.68
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/no_cookie.php?retryURL=https%3A%2F%2Ftoora

1-0175350/1200/66503_
16.5110354296403030.04.70262.12
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/frontpage_welcome.php HTTP/1.1

1-0175350/1379/66426_
16.53454301421050.04.77259.05
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_f8e1395c9ea76

1-0175350/1307/65801_
16.519146309846000.04.80260.93
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/frontpage_welcome.php HTTP/1.1

1-0175350/1385/65349_
16.516154307480330.04.97257.26
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/frontpage_welcome.php HTTP/1.1

1-0175350/1255/66055_
16.517345304618110.04.72261.28
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/frontpage_welcome.php HTTP/1.1

1-0175350/1189/65902_
16.523101324678410.04.56262.87
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/chromebook/jquery.cookie.js HTTP/1.1

1-0175350/1354/65857_
16.517010320673970.04.78261.30
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/chromebook/jquery.js HTTP/1.1

1-0175350/1158/65822_
16.531354310063460.03.97261.16
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/frontpage_welcome.php HTTP/1.1

1-0175350/1208/65597_
16.5012755295161510.04.51261.02
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/frontpage_welcome.php HTTP/1.1

1-0175350/1389/67089_
16.5013355310587250.05.31264.46
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/frontpage_welcome.php HTTP/1.1

1-0175350/1266/66677_
16.5011701304403670.04.80262.54
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/nextmail/cloudwork/favicon.ico HTTP/1.1

1-0175350/1127/66289_
16.523755317121230.04.32260.11
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/frontpage_welcome.php HTTP/1.1

1-0175350/1234/66621_
16.511107221314261140.04.46261.24
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coPOST /module.php/cloudworkauth/mfa/hotp.php HTTP/1.1

1-0175350/1393/65277_
16.501322395320539070.05.04257.44
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=jVNNj9owEL3zK1Du5DuAL

1-0175350/1316/66569_
16.53145309018070.04.85262.67
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/frontpage_welcome.php HTTP/1.1

1-0175350/1116/65496_
16.518303292930410.04.20259.97
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /saml2/idp/metadata.php HTTP/1.1

1-0175350/1331/65806_
16.524946298484120.04.86261.31
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /module.php/core/frontpage_welcome.php HTTP/1.1

1-0175350/1441/65656_
16.516810314749160.05.34259.93
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /resources/post.css HTTP/1.1

1-0175350/1451/66634_
16.5345402317455770.05.28263.14
127.0.0.1http/1.1ip-10-1-103-3.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=jVNNj9owFLzzK1Du%2BSA

1-0175350/1520/68818_
16.53246405329266270.05.23272.45
127.0.0.1http/1.1

Found on 2025-06-22 02:39

Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb31dda8387edda8387e92678798

Apache Status

Apache Server Status for toorak-login.cloudworkengine.net (via 127.0.0.1)

Server Version: Apache/2.4.52 (Ubuntu) mod_fcgid/2.3.9
Server MPM: worker
Server Built: 2024-04-10T17:45:18

Current Time: Sunday, 10-Nov-2024 09:24:31 UTC
Restart Time: Monday, 09-Sep-2024 05:58:45 UTC
Parent Server Config. Generation: 1
Parent Server MPM Generation: 0
Server uptime:  62 days 3 hours 25 minutes 46 seconds
Server load: 2.13 1.49 1.44
Total accesses: 807793 - Total Traffic: 3.7 GB - Total Duration: 476966655
CPU Usage: u72.94 s109.25 cu322.28 cs156.68 - .0123% CPU load
.15 requests/sec - 731 B/second - 4865 B/request - 590.457 ms/request
1 requests currently being processed, 49 idle workers
_____________W____________________________________..............
................................................................
................................................................
................................................................
................................................................
................................................................
................
Scoreboard Key:
"_" Waiting for Connection, 
"S" Starting up, 
"R" Reading Request,
"W" Sending Reply, 
"K" Keepalive (read), 
"D" DNS Lookup,
"C" Closing connection, 
"L" Logging, 
"G" Gracefully finishing, 
"I" Idle cleanup of worker, 
"." Open slot with no current process



SrvPIDAccMCPU
SSReqDurConnChildSlotClientProtocolVHostRequest

0-070020/1113/15650_
16.08270089654270.05.6071.47
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /resources/post.css HTTP/1.1

0-070020/872/14694_
16.07399089020530.04.2968.39
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /resources/post.css HTTP/1.1

0-070020/1104/15085_
16.07373116680064450.05.5269.72
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=jVNNj9owFLzzK1Du%2BXC

0-070020/1068/14890_
16.0658086887565560.05.4368.71
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=jVPLjtowFN3zFSj7PGEGx

0-070020/958/15090_
16.06698093795980.04.3469.62
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /resources/post.css HTTP/1.1

0-070020/1002/14230_
16.04101219780670730.04.9065.00
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=jVPbjtowEH3nK1Dec%2BO

0-070020/986/14894_
16.064376690134390.04.4569.34
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /module.php/cloudworkauth/mfa/webauthn/get_login_options.p

0-070020/930/14276_
16.0684949591079870.04.2566.05
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /module.php/core/loginuserpass.php HTTP/1.1

0-070020/1020/14359_
16.0915659184579120.04.7765.78
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=fZJdT4MwFIb%2fCul9gTK

0-070020/1118/15032_
16.0912919685855720.05.3668.51
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=fVJbT8IwFP4rS9%2b7tQM

0-070020/1076/14671_
16.021226089020410.05.2169.06
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /favicon.ico HTTP/1.1

0-070020/901/14996_
16.091154890651700.04.4971.64
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /module.php/cloudworkauth/mfa/webauthn/get_login_options.p

0-070020/1122/14613_
16.0830676878311540.05.4169.83
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=hVLPT8IwFP5Xlt63bsMNb

0-070029/1014/15021W
16.0900921071018.34.7967.87
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /server-status HTTP/1.1

0-070020/1121/14822_
16.041124287080110.05.3467.96
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/metadata.php HTTP/1.1

0-070020/1180/15016_
16.0212555787630890.05.6669.04
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /module.php/cloudworkauth/mfa/webauthn/get_login_options.p

0-070020/939/14396_
16.021289124581470330.04.5466.85
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=jVNNj9owEL3zK1Du5AtYG

0-070020/1080/14297_
16.031212088275090.05.0766.91
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /favicon.ico HTTP/1.1

0-070020/1171/15069_
16.041027783764010.05.4570.10
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/frontpage_welcome.php HTTP/1.1

0-070020/1219/15275_
16.04108822587759720.05.4169.82
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Fwww.socs

0-070020/1153/14556_
16.0590918283890730.05.0467.34
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=fVLdT4MwEP9XSN8LlH22G

0-070020/1024/14206_
16.06839084461430.04.6064.95
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /resources/script.js HTTP/1.1

0-070020/888/15269_
16.04965084554940.03.9970.02
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /resources/post.css HTTP/1.1

0-070020/1053/14294_
16.068593580935530.04.8765.14
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /module.php/cloudworkauth/mfa/webauthn/get_login_options.p

0-070020/1218/14590_
16.0919522388755790.06.3467.88
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=jVNNj9owFLzzK1Du%2BWJ

1-069120/1043/12165_
16.7589858670164510.04.7856.04
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=pVPbahsxEP0Vofe9%2bFY

1-069120/1081/12268_
16.7683029770928070.05.3957.71
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/cloudworkauth/mfa/hotp.php?hotp_id=581&StateId=

1-069120/1184/12585_
16.73103861572462700.05.5257.14
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Ftoorak-i

1-069120/1107/12278_
16.764468969666970.05.0756.02
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /module.php/cloudworkauth/mfa/webauthn/get_login_options.p

1-069120/1191/12754_
16.749785373762340.05.9659.80
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /module.php/cloudworkauth/mfa/webauthn/get_login_options.p

1-069120/1217/12487_
16.7312365073534240.05.8457.53
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /module.php/cloudworkauth/mfa/webauthn/get_login_options.p

1-069120/967/12619_
16.74929869389620.04.6157.59
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /saml2/idp/SSOService.php HTTP/1.1

1-069120/987/12562_
16.77345112266997980.04.5358.16
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /module.php/core/loginuserpass.php HTTP/1.1

1-069120/936/12690_
16.76394872062280.04.4567.68
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /saml2/idp/SSOService.php HTTP/1.1

1-069120/1084/12872_
16.76821076717690.05.1159.85
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /favicon.ico HTTP/1.1

1-069120/1157/12751_
16.77223175496510.05.7462.03
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/cloudworkauth/webauthn.js HTTP/1.1

1-069120/1069/12333_
16.7714918375726720.05.2656.67
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=jVNNj9owFLzzK1Du%2BYT

1-069120/1081/12634_
16.7642258377785370.05.4658.67
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=jVNNj9owFLzzK1Du%2BST

1-069120/1075/12487_
16.771954571770360.04.9856.91
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /module.php/cloudworkauth/mfa/webauthn/get_login_options.p

1-069120/1140/12302_
16.77296075959980.05.9957.88
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /favicon.ico HTTP/1.1

1-069120/1042/12117_
16.72126495870853120.04.7155.68
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /module.php/core/loginuserpass.php HTTP/1.1

1-069120/1080/12790_
16.781034970663700.04.9759.00
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /module.php/cloudworkauth/mfa/webauthn/get_login_options.p

1-069120/1095/12661_
16.73118420771541230.04.9258.04
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=jVNNj9owEL3zK1DuSUg2s

1-069120/1047/12297_
16.73111119269990990.05.1257.16
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Ftoorak-i

1-069120/1018/12654_
16.78118171513150.04.5957.81
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.co

Found on 2024-11-10 09:24

Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb31dda8387edda8387e30de32ea

Apache Status

Apache Server Status for toorak-login.cloudworkengine.net (via 127.0.0.1)

Server Version: Apache/2.4.52 (Ubuntu) mod_fcgid/2.3.9
Server MPM: worker
Server Built: 2024-04-10T17:45:18

Current Time: Friday, 08-Nov-2024 06:40:13 UTC
Restart Time: Monday, 09-Sep-2024 05:58:45 UTC
Parent Server Config. Generation: 1
Parent Server MPM Generation: 0
Server uptime:  60 days 41 minutes 28 seconds
Server load: 0.64 1.09 1.24
Total accesses: 789655 - Total Traffic: 3.6 GB - Total Duration: 467730619
CPU Usage: u64.19 s102.73 cu322.28 cs156.68 - .0125% CPU load
.152 requests/sec - 741 B/second - 4868 B/request - 592.323 ms/request
1 requests currently being processed, 49 idle workers
____________________________W_____________________..............
................................................................
................................................................
................................................................
................................................................
................................................................
................
Scoreboard Key:
"_" Waiting for Connection, 
"S" Starting up, 
"R" Reading Request,
"W" Sending Reply, 
"K" Keepalive (read), 
"D" DNS Lookup,
"C" Closing connection, 
"L" Logging, 
"G" Gracefully finishing, 
"I" Idle cleanup of worker, 
"." Open slot with no current process



SrvPIDAccMCPU
SSReqDurConnChildSlotClientProtocolVHostRequest

0-070020/684/15221_
11.012014987262450.03.3669.23
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /module.php/cloudworkauth/mfa/webauthn/get_login_options.p

0-070020/550/14372_
11.0022726487400980.02.7566.84
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=jVNNj9owFLzzK1Du%2BQK

0-070020/772/14753_
10.951172078866960.04.1168.30
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /resources/post.js HTTP/1.1

0-070020/668/14490_
11.0036089785670070.03.3966.67
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=jVPbjtowEH3nK1Decydta

0-070020/604/14736_
11.003073692091250.02.8468.12
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_58a6e1a10ea97

0-070020/667/13895_
10.98730178146450.03.4563.56
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/nextmail/cloudwork/favicon.ico HTTP/1.1

0-070020/609/14517_
11.0046259887135680.02.6267.50
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=jVPLjtowFN3zFSj7PCeTm

0-070020/606/13952_
11.00519332589384240.02.9364.73
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=jVNNj9owEL3zK1DuSUiys

0-070020/700/14039_
10.971145182596520.03.4264.43
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/nextmail/cloudwork/favicon.ico HTTP/1.1

0-070020/795/14709_
10.971115084315760.03.9567.11
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /favicon.ico HTTP/1.1

0-070020/670/14265_
10.98883187202690.03.4167.27
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/nextmail/cloudwork/favicon.ico HTTP/1.1

0-070020/642/14737_
10.97104864888495700.03.2270.37
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=jVPLjtowFN3zFSj7JCRQT

0-070020/716/14207_
10.971136176988640.03.4767.88
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/chromebook/jquery.js HTTP/1.1

0-070020/717/14724_
10.97108043790421400.03.5366.61
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=jVPLjtowFN3zFSj7PGF4W

0-070020/716/14417_
10.9882146385771490.03.4166.03
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=jVPbjtowEH3nK1Dec120W

0-070020/783/14619_
10.9799830485634410.03.8167.18
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=jVPLjtowFN3zFSh7kjg8R

0-070020/707/14164_
10.98846079377330.03.4965.80
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /favicon.ico HTTP/1.1

0-070020/769/13986_
10.98808086865660.03.7465.57
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /apple-touch-icon.png HTTP/1.1

0-070020/810/14708_
10.9877921482503170.03.7968.44
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=jVPbjtowEH3nK1DecxUFa

0-070020/853/14909_
10.987303085928060.03.7968.21
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_99f5a98350741

0-070020/821/14224_
11.00545081654900.03.6265.93
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /resources/post.js HTTP/1.1

0-070020/679/13861_
10.99648082541520.03.0463.39
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /resources/post.css HTTP/1.1

0-070020/546/14927_
10.98722182784000.02.5968.62
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/nextmail/cloudwork/favicon.ico HTTP/1.1

0-070020/682/13923_
10.9871077278757830.03.3263.59
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=hZJPb9swDMXvA%2FodDN3

0-070020/872/14244_
11.028231686547450.04.6966.23
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=jVPZjtowFH3nK1Des7IMt

1-069120/713/11835_
11.3061445067965900.03.3454.60
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=jVPLjtowFN3zFSj7vIcpW

1-069120/724/11911_
11.3021818869228940.03.7756.09
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=jVPLjtowFN3zFSj7JCQkD

1-069120/818/12219_
11.30530362070589320.03.8255.45
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=jVPLbtswELz7Kwzd9a4Sg

1-069128/797/11968W
11.310068227539.63.5854.53
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /server-status HTTP/1.1

1-069120/837/12400_
11.30348072309390.04.3358.17
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /favicon.ico HTTP/1.1

1-069120/882/12152_
11.30722471809280.04.3056.00
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_3944565e1d50f

1-069120/629/12281_
11.304541267713200.02.9955.97
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /saml2/idp/SSOService.php HTTP/1.1

1-069120/625/12200_
11.26113335465034850.03.0756.70
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=jVPLjtowFN3zFSj7PBxGD

1-069120/608/12362_
11.261039143070260900.02.9966.21
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /module.php/core/loginuserpass.php HTTP/1.1

1-069120/667/12455_
11.31187074581620.03.0557.79
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /resources/post.js HTTP/1.1

1-069120/650/12244_
11.2610635473289820.03.2559.54
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /module.php/cloudworkauth/mfa/webauthn/get_login_options.p

1-069120/676/11940_
11.261095373688080.03.5254.93
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/metadata.php HTTP/1.1

1-069120/595/12148_
11.25116439275876110.03.0956.30
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=jVPLrtowEN3zFSj7PHncy

1-069120/695/12107_
11.268584469817670.03.3255.25
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /module.php/cloudworkauth/mfa/webauthn/get_login_options.p

1-069120/740/11902_
11.2611273973761730.04.0455.93
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /module.php/cloudworkauth/mfa/webauthn/get_login_options.p

1-069120/700/11775_
11.28768069204750.03.3254.29
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /favicon.ico HTTP/1.1

1-069120/670/12380_
11.2782146668380720.03.2557.28
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=jVPbjtowEH3nK1Dek3DJo

1-069120/710/12276_
11.28795070475000.03.5256.64
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /resources/post.css HTTP/1.1

1-069120/710/11960_
11.297302868799220.03.6355.68
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_74a2e317c16b3

1-069120/660/12296_
11.2693576770149860.03.0956.31
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=jVPLj

Found on 2024-11-08 06:40

Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb31dda8387edda8387ee8db6ca0

Apache Status

Apache Server Status for toorak-login.cloudworkengine.net (via 127.0.0.1)

Server Version: Apache/2.4.52 (Ubuntu) mod_fcgid/2.3.9
Server MPM: worker
Server Built: 2024-04-10T17:45:18

Current Time: Wednesday, 06-Nov-2024 21:40:36 UTC
Restart Time: Monday, 09-Sep-2024 05:58:45 UTC
Parent Server Config. Generation: 1
Parent Server MPM Generation: 0
Server uptime:  58 days 15 hours 41 minutes 51 seconds
Server load: 3.15 5.24 4.60
Total accesses: 763334 - Total Traffic: 3.5 GB - Total Duration: 450902973
CPU Usage: u51.65 s95.13 cu322.28 cs156.68 - .0123% CPU load
.151 requests/sec - 731 B/second - 4855 B/request - 590.702 ms/request
4 requests currently being processed, 46 idle workers
______________WK______________W_________________W_..............
................................................................
................................................................
................................................................
................................................................
................................................................
................
Scoreboard Key:
"_" Waiting for Connection, 
"S" Starting up, 
"R" Reading Request,
"W" Sending Reply, 
"K" Keepalive (read), 
"D" DNS Lookup,
"C" Closing connection, 
"L" Logging, 
"G" Gracefully finishing, 
"I" Idle cleanup of worker, 
"." Open slot with no current process



SrvPIDAccMCPU
SSReqDurConnChildSlotClientProtocolVHostRequest

0-070020/181/14718_
2.72142483315170.00.8666.73
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Five.toor

0-070020/170/13992_
2.7215450783955470.00.8164.91
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=jVNNj9owFLzzK1DuSXAKh

0-070020/175/14156_
2.712531075608820.00.8865.08
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/accountinfo/start-reset.php HTTP/1.1

0-070020/173/13995_
2.71201081808650.00.8564.13
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /favicon.ico HTTP/1.1

0-070020/162/14294_
2.7027829086521080.00.7065.98
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=jVPbjtowEH3nK1Deya1Jy

0-070020/117/13345_
2.68404475478140.00.5660.66
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/nextmail/cloudwork/favicon.ico HTTP/1.1

0-070020/207/14115_
2.74106085278670.00.7965.67
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /favicon.ico HTTP/1.1

0-070020/214/13560_
2.71177148985829470.01.0362.83
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/accountinfo/check.php?code=1734422963&username=

0-070020/203/13542_
2.73122179480220.00.9361.94
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/chromebook/jquery.cookie.js HTTP/1.1

0-070020/199/14113_
2.749125581407070.00.8664.02
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=jVNdb9owFH3nV6C857Mta

0-070020/168/13763_
2.7523183064840.00.7864.63
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/chromebook/jquery.js HTTP/1.1

0-070020/211/14306_
2.74852484599430.01.0168.16
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Five.toor

0-070020/168/13659_
2.745237273998980.00.7265.14
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=jVPbrppAFH33KwzvgIAHY

0-070020/193/14200_
2.7430115286694040.00.8563.93
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /module.php/core/loginuserpass.php HTTP/1.1

0-070020/178/13879W
2.670082483530.00.8263.44
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=jVPLjtowFN3zFSj7PGEes

0-0700215/225/14061K
2.7501486817747848.41.0664.44
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /module.php/core/loginuserpass.php HTTP/1.1

0-070020/213/13670_
2.6842180976322830.01.0063.31
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=hVJdT9swFH2ftP9g%2BT1

0-070020/197/13414_
2.68441427084291430.00.8962.72
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=fZJdT8IwFIb%2fytL7bu3

0-070020/187/14085_
2.683921179773650.00.7765.42
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_f734afac31b33

0-070020/178/14234_
2.68352182476900.00.8065.21
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/chromebook/jquery.cookie.js HTTP/1.1

0-070020/181/13584_
2.6836339978683710.00.8563.15
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=jVNNj9owFLzzK1Du%2BaZ

0-070020/166/13348_
2.6932315279349660.00.7561.10
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /module.php/cloudworkauth/mfa/webauthn/get_login_options.p

0-070020/190/14571_
2.70308080884320.00.9066.93
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /favicon.ico HTTP/1.1

0-070020/182/13423_
2.70298176133560.00.8261.10
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/nextmail/cloudwork/css/theme.css HTTP/1.1

0-070020/201/13573_
2.71189482269550.00.9162.45
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Five.toor

1-069120/231/11353_
2.7331639565214620.01.0552.31
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=jVPLjpswFN3nKyL2PAx5T

1-069120/175/11362_
2.72330164735880.00.9453.26
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/chromebook/jquery.cookie.js HTTP/1.1

1-069120/227/11628_
2.73329167601700.01.1152.73
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/cloudworkauth/webauthn.js HTTP/1.1

1-069120/160/11331_
2.72346064223810.00.6851.62
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /favicon.ico HTTP/1.1

1-069120/164/11727_
2.7140412469703910.00.7854.62
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /module.php/cloudworkauth/mfa/webauthn/get_login_options.p

1-069124/191/11461W
2.780068729534.10.8352.52
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=jVPbjtowEH3nK1Dec8%2F

1-069120/185/11837_
2.742785262836370.00.8453.81
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /module.php/cloudworkauth/mfa/webauthn/get_login_options.p

1-069120/185/11760_
2.7424144660605850.00.8054.43
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Five.toor

1-069120/144/11898_
2.7426714866007500.00.6163.84
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /module.php/cloudworkauth/mfa/webauthn/get_login_options.p

1-069120/174/11962_
2.74210070413910.00.7855.52
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /resources/post.css HTTP/1.1

1-069120/156/11750_
2.75176569460160.00.6656.95
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/accountinfo/reset.php?username=53241&code=17344

1-069120/193/11457_
2.75169369893600.00.9752.37
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_5ee17c2e8340d

1-069120/160/11713_
2.76145172725140.00.7853.99
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/cloudworkauth/webauthn.js HTTP/1.1

1-069120/196/11608_
2.761225167467080.00.9652.89
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=jVPbjtowEH3nK1Dec910I

1-069120/180/11342_
2.76132170617770.00.8652.75
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/nextmail/cloudwork/favicon.ico HTTP/1.1

1-069120/179/11254_
2.786624166825100.00.8751.84
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=jVPbjtowEH3nK1DecyXAx

1-069120/181/11891_
2.7781065002040.00.8154.83
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/cloudworkauth/webauthn.js HTTP/1.1

1-069120/222/11788_
2.78334967728890.01.0354.14
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /module.php/cloudworkauth/mfa/webauthn/get_login_options.p

1-069120/185/11435_
2.7845064854450.00.9452.99
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /favicon.ico HTTP/1.1

1-069120/144/11780_
2.77108125766700670.00.6253.84
127.0.0.1http/1.1ip-10-1-99-42.a

Found on 2024-11-06 21:40

Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb31dda8387edda8387ee2cc4c2e

Apache Status

Apache Server Status for toorak-login.cloudworkengine.net (via 127.0.0.1)

Server Version: Apache/2.4.52 (Ubuntu) mod_fcgid/2.3.9
Server MPM: worker
Server Built: 2024-04-10T17:45:18

Current Time: Monday, 04-Nov-2024 23:51:48 UTC
Restart Time: Monday, 09-Sep-2024 05:58:45 UTC
Parent Server Config. Generation: 1
Parent Server MPM Generation: 0
Server uptime:  56 days 17 hours 53 minutes 3 seconds
Server load: 1.79 2.19 2.11
Total accesses: 731929 - Total Traffic: 3.3 GB - Total Duration: 431732758
CPU Usage: u67.87 s100.99 cu291.87 cs141.64 - .0123% CPU load
.149 requests/sec - 724 B/second - 4854 B/request - 589.856 ms/request
1 requests currently being processed, 49 idle workers
__________________________________W_______________..............
................................................................
................................................................
................................................................
................................................................
................................................................
................
Scoreboard Key:
"_" Waiting for Connection, 
"S" Starting up, 
"R" Reading Request,
"W" Sending Reply, 
"K" Keepalive (read), 
"D" DNS Lookup,
"C" Closing connection, 
"L" Logging, 
"G" Gracefully finishing, 
"I" Idle cleanup of worker, 
"." Open slot with no current process



SrvPIDAccMCPU
SSReqDurConnChildSlotClientProtocolVHostRequest

0-0271960/1085/14164_
16.04359378974380.04.9464.06
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_66c97c11c0d41

0-0271960/1121/13377_
16.046994980146940.05.0162.18
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /module.php/cloudworkauth/mfa/webauthn/get_login_options.p

0-0271960/1014/13482_
16.02867171501440.04.6761.81
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/chromebook/jquery.cookie.js HTTP/1.1

0-0271960/1265/13440_
16.02807178309850.05.8861.40
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/chromebook/jquery.cookie.js HTTP/1.1

0-0271960/976/13556_
16.0468046483068120.04.6362.63
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=jVNNj5swFLznV0Tc%2BTB

0-0271960/1005/12794_
16.0284243572718620.04.5258.19
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Ftoorak-i

0-0271960/1073/13389_
16.04590280107560.05.1262.46
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/metadata.php HTTP/1.1

0-0271960/1044/13007_
16.0376490781797050.05.0160.24
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=jVNNj5swFLznV0Tc%2BQw

0-0271960/1219/12966_
16.04564197774639180.05.6959.25
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /module.php/core/loginuserpass.php HTTP/1.1

0-0271960/1138/13475_
16.0451530377637130.05.3361.20
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=jVPLjtowFN3zFSj7JOTRy

0-0271960/1240/13173_
16.05195577681670.05.9361.92
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Five.toor

0-0271960/1055/13737_
16.0461687981213620.05.0965.27
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=jVPLjtowFN3zFSj7JCQEy

0-0271960/1082/13052_
16.05285470721310.04.8862.29
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Five.toor

0-0271960/967/13580_
16.04473983596230.04.1661.04
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /saml2/idp/SSOService.php HTTP/1.1

0-0271960/1030/13154_
16.05241078575710.04.7660.20
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /favicon.ico HTTP/1.1

0-0271960/1144/13395_
16.05299378530990.05.1961.27
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/chromebook/jquery.js HTTP/1.1

0-0271960/1040/12995_
16.05230172852840.04.9160.32
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/nextmail/cloudwork/favicon.ico HTTP/1.1

0-0271960/1228/12796_
16.06158080930890.05.7159.72
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /favicon.ico HTTP/1.1

0-0271960/1252/13411_
16.0687176182260.06.1662.50
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/nextmail/cloudwork/css/theme.css HTTP/1.1

0-0271960/1238/13666_
16.02925080174750.06.0162.75
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /robots.txt HTTP/1.1

0-0271960/1159/12943_
16.021023211875353720.05.4060.27
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /module.php/core/loginuserpass.php HTTP/1.1

0-0271960/1109/12789_
16.061004276133820.05.1058.50
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_c0a38ddebb4ad

0-0271960/1249/13834_
16.0636377369160.05.9863.45
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_05176cc1e5cea

0-0271960/1090/12890_
16.021005372949560.04.9758.65
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_d8193ef1f8c8b

0-0271960/1171/12927_
16.029613979102120.05.5059.50
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_f24ebb0edd56b

1-0271430/1006/10675_
16.00797061866950.04.7849.07
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /favicon.ico HTTP/1.1

1-0271430/1239/10659_
15.99859060297200.06.1249.75
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /favicon.ico HTTP/1.1

1-0271430/1035/10991_
15.971005125564207830.05.0449.74
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=jVNNj9owEL3zK1DuSUg2W

1-0271430/956/10755_
16.03219297860885990.04.2249.05
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /module.php/core/loginuserpass.php HTTP/1.1

1-0271430/1188/11064_
15.97970366886430.05.6551.46
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_9ebb80724b93d

1-0271430/1142/10878_
16.0487065431900.05.1049.74
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/chromebook/jquery.cookie.js HTTP/1.1

1-0271430/1009/11155_
16.04174358240300.04.8450.63
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/nextmail/cloudwork/favicon.ico HTTP/1.1

1-0271430/1134/11100_
15.97946356611020.05.1751.30
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_0278c9a23c20f

1-0271430/1026/11294_
16.01653461377050.04.8161.10
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Five.toor

1-02714316/1179/11310W
16.0400652462931.45.5852.53
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /server-status HTTP/1.1

1-0271430/1198/11159_
16.01677065733380.05.6054.29
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /favicon.ico HTTP/1.1

1-0271430/1037/10869_
16.01491464994030.04.9149.43
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Ftoorak-i

1-0271430/1203/11162_
16.016053468847940.05.8851.30
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_1424546b899d8

1-0271430/996/10948_
16.008065262964960.04.7750.02
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /module.php/cloudworkauth/mfa/webauthn/get_login_options.p

1-0271430/1299/10787_
16.015781065466780.06.0550.02
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Five.toor

1-0271430/1060/10636_
15.98898126362681480.05.0048.97
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /module.php/core/loginuserpass.php HTTP/1.1

1-0271430/1268/11223_
16.0229518760138210.05.9851.87
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /module.php/cloudworkauth/mfa/webauthn/get_login_options.p

1-0271430/1125/11093_
16.00752464081150.05.1551.09
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Ftoorak-i

1-0271430/1044/10856_
16.02349174859558620.04.7350.11
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=jVPLjtowFN3zFSj7JORBA

1-0271430/1400/11188_
16.04128127363620980.06.7251.11
127.0.0.1h

Found on 2024-11-04 23:51

Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb31dda8387edda8387e4a03b5e8

Apache Status

Apache Server Status for toorak-login.cloudworkengine.net (via 127.0.0.1)

Server Version: Apache/2.4.52 (Ubuntu) mod_fcgid/2.3.9
Server MPM: worker
Server Built: 2024-04-10T17:45:18

Current Time: Saturday, 02-Nov-2024 22:00:52 UTC
Restart Time: Monday, 09-Sep-2024 05:58:45 UTC
Parent Server Config. Generation: 1
Parent Server MPM Generation: 0
Server uptime:  54 days 16 hours 2 minutes 7 seconds
Server load: 4.62 2.23 1.63
Total accesses: 711998 - Total Traffic: 3.2 GB - Total Duration: 422414060
CPU Usage: u58.33 s93.88 cu291.87 cs141.64 - .0124% CPU load
.151 requests/sec - 732 B/second - 4862 B/request - 593.28 ms/request
1 requests currently being processed, 49 idle workers
_________W________________________________________..............
................................................................
................................................................
................................................................
................................................................
................................................................
................
Scoreboard Key:
"_" Waiting for Connection, 
"S" Starting up, 
"R" Reading Request,
"W" Sending Reply, 
"K" Keepalive (read), 
"D" DNS Lookup,
"C" Closing connection, 
"L" Logging, 
"G" Gracefully finishing, 
"I" Idle cleanup of worker, 
"." Open slot with no current process



SrvPIDAccMCPU
SSReqDurConnChildSlotClientProtocolVHostRequest

0-0271960/700/13779_
10.161351477153570.03.3562.47
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Five.toor

0-0271960/689/12945_
10.189340377687480.03.1860.34
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Five.toor

0-0271960/628/13096_
10.172245069940820.03.0960.24
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /module.php/cloudworkauth/mfa/webauthn/get_login_options.p

0-0271960/910/13085_
10.172485776434170.04.4059.92
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /module.php/cloudworkauth/mfa/webauthn/get_login_options.p

0-0271960/595/13175_
10.181634081464930.02.8860.88
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /module.php/cloudworkauth/mfa/webauthn/get_login_options.p

0-0271960/637/12426_
10.17455470582520.02.9956.66
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Five.toor

0-0271960/664/12980_
10.1864378205820.03.2160.55
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_17b9d79e73b65

0-0271960/629/12592_
10.18168129479523290.03.0758.30
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /module.php/core/loginuserpass.php HTTP/1.1

0-0271960/818/12565_
10.161263472492620.03.9657.52
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Five.toor

0-02719610/717/13054W
10.1800758174120.93.4759.34
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /server-status HTTP/1.1

0-0271960/801/12734_
10.161134774547700.03.9759.95
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/metadata.php HTTP/1.1

0-0271960/662/13344_
10.161290079322390.03.2363.41
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /robots.txt HTTP/1.1

0-0271960/695/12665_
10.161106168958230.03.1260.53
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/chromebook/jquery.js HTTP/1.1

0-0271960/596/13209_
10.161171481029300.02.6659.54
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Five.toor

0-0271960/653/12777_
10.161088276674430.03.0858.52
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/cloudworkauth/webauthn.js HTTP/1.1

0-0271960/676/12927_
10.1612115476755880.03.2259.30
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /module.php/cloudworkauth/mfa/webauthn/get_login_options.p

0-0271960/658/12613_
10.17925957371094570.03.1858.59
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Five.toor

0-0271960/766/12334_
10.17911179486760.03.7957.80
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/nextmail/cloudwork/favicon.ico HTTP/1.1

0-0271960/835/12994_
10.17845374546850.04.3960.73
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_cbe7ea97520ed

0-0271960/880/13308_
10.17610578394770.04.4561.19
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_f8e160f87ea35

0-0271960/746/12530_
10.17674673273880.03.5658.43
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_f18e31aed5af3

0-0271960/654/12334_
10.178759274320130.03.0956.49
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /module.php/cloudworkauth/mfa/webauthn/get_login_options.p

0-0271960/834/13419_
10.17856162076035180.04.1861.65
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=jVNNj9owFLzzK1DuSZw0s

0-0271960/742/12542_
10.173163171489820.03.5857.25
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_bac5021ff8f07

0-0271960/719/12475_
10.17382577103860.03.6857.69
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_2ff72b4480b60

1-0271430/628/10297_
10.20855059903570.03.1147.39
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /favicon.ico HTTP/1.1

1-0271430/849/10269_
10.20889458446080.04.4648.09
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Five.toor

1-0271430/669/10625_
10.1911123962784500.03.3248.02
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_8c390e1a9bb0b

1-0271430/590/10389_
10.17129960059047070.02.5847.41
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=fVLdT4MwEP9XSN8LFNgHz

1-0271430/779/10655_
10.2010765364980980.03.8649.67
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /module.php/cloudworkauth/mfa/webauthn/get_login_options.p

1-0271430/762/10498_
10.1911563664004550.03.6048.24
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_122d1bc976137

1-0271430/629/10775_
10.1712243256565800.03.1848.97
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_1e4034b26498f

1-0271430/708/10674_
10.201098155057030.03.3149.45
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/nextmail/cloudwork/favicon.ico HTTP/1.1

1-0271430/678/10946_
10.2049741159759830.03.1559.45
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Five.toor

1-0271430/734/10865_
10.2091723263685000.03.5750.52
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /module.php/cloudworkauth/mfa/webauthn/get_login_options.p

1-0271430/819/10780_
10.20421563914960.04.0752.76
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_9d206e48029fc

1-0271430/633/10465_
10.212354963349080.03.0047.52
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /module.php/cloudworkauth/mfa/webauthn/get_login_options.p

1-0271430/803/10762_
10.20291467032620.04.1249.55
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Five.toor

1-0271430/599/10551_
10.20635060266190.02.8248.07
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /favicon.ico HTTP/1.1

1-0271430/933/10421_
10.20333463514920.04.4948.46
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_6cb6354b6f272

1-0271430/649/10225_
10.20857987660244240.03.1847.16
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /module.php/core/loginuserpass.php HTTP/1.1

1-0271430/912/10867_
10.22156058023350.04.5650.45
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /resources/post.css HTTP/1.1

1-0271430/733/10701_
10.20825462412920.03.4649.39
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Five.toor

1-0271430/590/10402_
10.2279357972350.02.6548.03
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_055a48f9ffe2c

1-0271430/912/10700

Found on 2024-11-02 22:00

Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb31dda8387edda8387ecf4987d2

Apache Status

Apache Server Status for toorak-login.cloudworkengine.net (via 127.0.0.1)

Server Version: Apache/2.4.52 (Ubuntu) mod_fcgid/2.3.9
Server MPM: worker
Server Built: 2024-04-10T17:45:18

Current Time: Friday, 01-Nov-2024 18:03:51 UTC
Restart Time: Monday, 09-Sep-2024 05:58:45 UTC
Parent Server Config. Generation: 1
Parent Server MPM Generation: 0
Server uptime:  53 days 12 hours 5 minutes 6 seconds
Server load: 1.59 1.78 1.39
Total accesses: 704559 - Total Traffic: 3.2 GB - Total Duration: 418178218
CPU Usage: u54.57 s90.6 cu291.87 cs141.64 - .0125% CPU load
.152 requests/sec - 741 B/second - 4866 B/request - 593.532 ms/request
1 requests currently being processed, 49 idle workers
__________________W_______________________________..............
................................................................
................................................................
................................................................
................................................................
................................................................
................
Scoreboard Key:
"_" Waiting for Connection, 
"S" Starting up, 
"R" Reading Request,
"W" Sending Reply, 
"K" Keepalive (read), 
"D" DNS Lookup,
"C" Closing connection, 
"L" Logging, 
"G" Gracefully finishing, 
"I" Idle cleanup of worker, 
"." Open slot with no current process



SrvPIDAccMCPU
SSReqDurConnChildSlotClientProtocolVHostRequest

0-0271960/522/13601_
8.041197475944610.02.5961.70
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Five.toor

0-0271960/555/12811_
8.04114543376549080.02.6859.84
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Five.toor

0-0271960/487/12955_
8.04152739969167630.02.4559.59
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Ftoorak-i

0-0271960/753/12928_
8.041392675973000.03.7559.27
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/frontpage_welcome.php HTTP/1.1

0-0271960/454/13034_
8.041314380231390.02.3160.31
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/metadata.php HTTP/1.1

0-0271960/479/12268_
8.042115469007020.02.3155.98
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Five.toor

0-0271960/522/12838_
8.051039397177460860.02.5359.87
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Five.toor

0-0271960/479/12442_
8.04160141578775450.02.3857.61
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Five.toor

0-0271960/648/12395_
8.0573743372011700.03.2456.80
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Five.toor

0-0271960/587/12924_
8.051118474808850.02.9958.86
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Five.toor

0-0271960/636/12569_
8.0567039873692160.03.2459.23
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Five.toor

0-0271960/508/13190_
8.0596990478318510.02.5062.67
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Five.toor

0-0271960/537/12507_
8.0539240368144160.02.4459.85
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Five.toor

0-0271960/442/13055_
8.0553343580041160.02.0058.88
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Five.toor

0-0271960/522/12646_
8.0531845876298330.02.5958.03
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Five.toor

0-0271960/549/12800_
8.05615575600450.02.6958.77
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Five.toor

0-0271960/574/12529_
8.05221161170208650.02.8158.22
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Five.toor

0-0271960/621/12189_
8.05203378980610.03.1057.11
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_9c53cc0e59bd5

0-0271968/699/12858W
8.050073961949.63.8060.14
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /server-status HTTP/1.1

0-0271960/696/13124_
8.041938377788130.03.6960.43
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_47362dc5ca6a2

0-0271960/575/12359_
8.041964572543650.02.9257.78
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_bc7d5b5e0f696

0-0271960/509/12189_
8.0594373798980.02.4455.84
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_7c83dd7e4bc73

0-0271960/670/13255_
8.0539475082800.03.5160.98
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Five.toor

0-0271960/588/12388_
8.041685570850710.02.9656.63
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_99e95e0f67924

0-0271960/595/12351_
8.0418721076472220.03.1857.18
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /saml2/idp/SSOService.php HTTP/1.1

1-0271430/507/10176_
8.05123458968810.02.6046.89
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_a819371fdafcc

1-0271430/706/10126_
8.05362457389050.03.7147.34
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_32e085a46bfe6

1-0271430/532/10488_
8.05580761496560.02.6947.38
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_e5a17bcd4df94

1-0271430/401/10200_
8.041185557968470.01.8146.64
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_18f8ae6fa83c9

1-0271430/605/10481_
8.05505664314370.03.0948.90
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/frontpage_welcome.php HTTP/1.1

1-0271430/585/10321_
8.041004362774560.02.8647.50
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_3a83194444f41

1-0271430/447/10593_
8.04849555560520.02.2648.06
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_62b90473ca357

1-0271430/557/10523_
8.04631354268130.02.7048.83
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_ecdfd5f6b6cc8

1-0271430/570/10838_
8.03204150558688120.02.7459.04
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Five.toor

1-0271430/597/10728_
8.05310463071680.02.9549.90
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Five.toor

1-0271430/710/10671_
8.03217440963693830.03.6452.33
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Five.toor

1-0271430/482/10314_
8.041656362364830.02.4246.94
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_6acc7f9743964

1-0271430/691/10650_
8.041881116866350120.03.6849.11
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Five.toor

1-0271430/448/10400_
8.0510359729860.02.1647.40
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_240263bae4b4e

1-0271430/757/10245_
8.041951474162536570.03.7647.74
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Five.toor

1-0271430/497/10073_
8.052126359440080.02.5046.47
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /saml2/idp/SSOService.php HTTP/1.1

1-0271430/754/10709_
8.04144740056508010.03.8849.77
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Five.toor

1-0271430/578/10546_
8.054551261789300.02.7948.73
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Five.toor

1-0271430/467/10279_
8.04132946057364080.02.1647.54
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /saml2/i

Found on 2024-11-01 18:03

Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb31dda8387edda8387eb99aa1dd

Apache Status

Apache Server Status for toorak-login.cloudworkengine.net (via 127.0.0.1)

Server Version: Apache/2.4.52 (Ubuntu) mod_fcgid/2.3.9
Server MPM: worker
Server Built: 2024-04-10T17:45:18

Current Time: Wednesday, 30-Oct-2024 10:50:39 UTC
Restart Time: Monday, 09-Sep-2024 05:58:45 UTC
Parent Server Config. Generation: 1
Parent Server MPM Generation: 0
Server uptime:  51 days 4 hours 51 minutes 54 seconds
Server load: 0.25 0.55 0.66
Total accesses: 650840 - Total Traffic: 2.9 GB - Total Duration: 389334511
CPU Usage: u56.83 s89.82 cu267.78 cs128.17 - .0123% CPU load
.147 requests/sec - 715 B/second - 4861 B/request - 598.203 ms/request
1 requests currently being processed, 49 idle workers
___________________W______________________________..............
................................................................
................................................................
................................................................
................................................................
................................................................
................
Scoreboard Key:
"_" Waiting for Connection, 
"S" Starting up, 
"R" Reading Request,
"W" Sending Reply, 
"K" Keepalive (read), 
"D" DNS Lookup,
"C" Closing connection, 
"L" Logging, 
"G" Gracefully finishing, 
"I" Idle cleanup of worker, 
"." Open slot with no current process



SrvPIDAccMCPU
SSReqDurConnChildSlotClientProtocolVHostRequest

0-0108280/964/12624_
11.30518469683990.04.1057.26
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Five.toor

0-0108280/805/11867_
11.30557571140170.03.4855.44
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_185428f3307b1

0-0108280/829/11931_
11.30464465230430.03.6854.82
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Five.toor

0-0108280/785/11764_
11.306276970182050.03.1253.73
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_654589bd3bd2f

0-0108280/699/12203_
11.30418376037120.02.9556.37
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_76fac24f37fd3

0-0108280/818/11275_
11.3043843564594260.03.8551.35
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=jVNNj9owFLzzK1Du%2BU6

0-0108280/883/11801_
11.30350470758300.04.0155.26
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Five.toor

0-0108280/852/11402_
11.3227721971305610.03.5852.77
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /module.php/cloudworkauth/mfa/webauthn/get_login_options.p

0-0108280/709/11231_
11.30384365397690.03.0151.26
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_cd218134f5087

0-0108280/836/11747_
11.30359368506500.03.4053.28
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_4798219c3580f

0-0108280/812/11448_
11.32218367704050.03.5953.90
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_db098291b5b46

0-0108280/915/12174_
11.322447570909460.03.8257.95
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /module.php/cloudworkauth/mfa/webauthn/get_login_options.p

0-0108280/772/11430_
11.32270362735430.03.3255.12
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_1000a40e86ae6

0-0108280/761/12016_
11.30301459073660530.03.2554.23
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Five.toor

0-0108280/804/11659_
11.32173470493570.03.2753.44
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_20b395c36775d

0-0108280/831/11661_
11.3242369686630.03.6553.60
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_ca98d9e1a4360

0-0108280/693/11493_
11.32119565696710.03.0353.37
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_7ed82817a9a27

0-0108280/674/10993_
11.30603572892950.02.7651.57
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Five.toor

0-0108280/714/11639_
11.3291366838370.03.1154.04
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_27a1bb7d323d1

0-01082810/768/11801W
11.3200715084215.93.3953.80
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /server-status HTTP/1.1

0-0108280/783/11312_
11.3225367895900.03.4552.73
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_597fef071e057

0-0108280/765/11165_
11.3264367496430.03.2150.82
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_3b7b2b1e61421

0-0108280/989/12126_
11.30323468752660.04.3955.57
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Five.toor

0-0108280/912/11263_
11.30491566047710.04.0851.35
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Five.toor

0-0108280/871/11183_
11.30581070201310.03.4851.59
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /resources/post.css HTTP/1.1

1-0107940/841/9180_
11.59193553271640.03.4442.17
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Five.toor

1-0107940/774/9025_
11.5981452315320.03.4641.87
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Five.toor

1-0107940/878/9544_
11.5927088956711810.03.6043.02
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=jVPbjtowEH3nK1DecwW2y

1-0107940/824/9213_
11.5757439553408990.03.5442.29
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Five.toor

1-0107940/750/9243_
11.6016459573270.03.2742.87
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Five.toor

1-0107940/827/9240_
11.57588357565990.03.6342.38
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_42562fada9a56

1-0107940/881/9607_
11.5763940951560190.03.6143.44
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Five.toor

1-0107940/943/9472_
11.57617349911980.04.0944.13
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_28224e7211ca1

1-0107940/821/9747_
11.58508353118000.03.7354.20
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_796c24fa2445e

1-0107940/856/9690_
11.5913856556201290.03.5444.87
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Five.toor

1-0107940/846/9414_
11.58458357699750.03.6646.60
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_0d26da42370eb

1-0107940/846/9318_
11.58477356617820.03.5342.27
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_610ce47b647b8

1-0107940/866/9449_
11.58399560393220.03.9243.15
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Five.toor

1-0107940/806/9470_
11.5936618253219970.03.3743.08
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=jVPLjtowFN3zFSj7PGGU1

1-0107940/772/8917_
11.58527054988630.03.0141.51
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /resources/post.js HTTP/1.1

1-0107940/918/9143_
11.5843240653946000.04.3742.06
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Five.toor

1-0107940/753/9522_
11.59314349332900.03.0844.01
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_bdfffc1bb1adb

1-0107940/780/9405_
11.5837719555349320.03.2743.50
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=jVPLjtowFN3zFSj7PAeYY

1-0107940/763/9388_
11.59288351887830.03.4043.60
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.co

Found on 2024-10-30 10:50

Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb31dda8387edda8387e92a5e734

Apache Status

Apache Server Status for toorak-login.cloudworkengine.net (via 127.0.0.1)

Server Version: Apache/2.4.52 (Ubuntu) mod_fcgid/2.3.9
Server MPM: worker
Server Built: 2024-04-10T17:45:18

Current Time: Monday, 28-Oct-2024 07:49:09 UTC
Restart Time: Monday, 09-Sep-2024 05:58:45 UTC
Parent Server Config. Generation: 1
Parent Server MPM Generation: 0
Server uptime:  49 days 1 hour 50 minutes 24 seconds
Server load: 0.85 0.88 0.86
Total accesses: 605768 - Total Traffic: 2.8 GB - Total Duration: 366286993
CPU Usage: u73.1 s93.71 cu233.75 cs111.91 - .0121% CPU load
.143 requests/sec - 698 B/second - 4889 B/request - 604.665 ms/request
1 requests currently being processed, 49 idle workers
_________________________.........................__W___________
___________.....................................................
................................................................
................................................................
................................................................
................................................................
................
Scoreboard Key:
"_" Waiting for Connection, 
"S" Starting up, 
"R" Reading Request,
"W" Sending Reply, 
"K" Keepalive (read), 
"D" DNS Lookup,
"C" Closing connection, 
"L" Logging, 
"G" Gracefully finishing, 
"I" Idle cleanup of worker, 
"." Open slot with no current process



SrvPIDAccMCPU
SSReqDurConnChildSlotClientProtocolVHostRequest

0-026240/1815/11585_
24.3665563700840.08.2052.83
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Five.toor

0-026240/1594/10998_
24.33439363855910.07.4851.70
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_72c2ccbb7bb13

0-026240/1705/10980_
24.3682560783510.07.9350.53
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Five.toor

0-026240/1713/10881_
24.36125464168090.07.7550.19
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/chromebook/jquery.js HTTP/1.1

0-026240/1688/11406_
24.34198571605880.07.7753.00
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Five.toor

0-026240/1508/10403_
24.33353558510450.06.6547.27
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/chromebook/jquery.js HTTP/1.1

0-026240/1641/10800_
24.368466799760.07.5250.75
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_967b2c41e0cc2

0-026240/1398/10475_
24.3332042466563740.06.0948.86
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Five.toor

0-026240/1512/10441_
24.32465561271770.06.7447.94
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_f2549f81791d3

0-026240/1505/10860_
24.34281565901790.06.5749.65
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Five.toor

0-026240/1817/10560_
24.34229174963261900.08.4849.98
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=jVNNj9owFLzzK1Du%2BSA

0-026240/1557/11172_
24.34258467001590.07.1653.78
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_643b4ee7ca022

0-026240/1433/10599_
24.34309659310940.06.4751.55
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/accountinfo/check.php?username=melinda_miles%40

0-026240/1559/11144_
24.34142469199690.07.0650.55
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_63ab6857a9cd4

0-026240/1744/10777_
24.34209466220060.08.0649.86
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_b6282cfb6d50f

0-026240/1591/10781_
24.34288065396230.07.3749.78
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /favicon.ico HTTP/1.1

0-026240/1578/10737_
24.3424440362318710.06.6350.10
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Five.toor

0-026240/1721/10221_
24.32480466327580.07.8648.32
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_2b5b94dd8230d

0-026240/1615/10829_
24.3696562848960.07.4350.54
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_e4cf04c22524b

0-026240/1713/10936_
24.334202467765440.07.4549.96
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Five.toor

0-026240/1488/10428_
24.34165563663430.07.1048.83
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_63bed58547fdd

0-026240/1513/10327_
24.33343462521660.06.8147.29
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_d86a5802a2f18

0-026240/1632/11049_
24.3338343863678820.07.1650.81
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Five.toor

0-026240/1529/10275_
24.362946060511310.06.7646.97
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Five.toor

0-026240/1497/10209_
24.3638864724900.06.8147.71
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/nextmail/cloudwork/favicon.ico HTTP/1.1

1-0-0/0/8339.
0.004562242448460430.00.0038.72
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/nextmail/cloudwork/favicon.ico HTTP/1.1

1-0-0/0/8251.
0.0045622429948145720.00.0038.40
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /module.php/cloudworkauth/mfa/webauthn/get_login_options.p

1-0-0/0/8666.
0.00456224551723170.00.0039.42
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_9e479f004e5a9

1-0-0/0/8389.
0.00456224148149029160.00.0038.75
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /module.php/core/loginuserpass.php HTTP/1.1

1-0-0/0/8493.
0.0045622423455475520.00.0039.60
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /module.php/cloudworkauth/mfa/webauthn/get_login_options.p

1-0-0/0/8413.
0.004562241053180540.00.0038.75
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/nextmail/cloudwork/favicon.ico HTTP/1.1

1-0-0/0/8726.
0.0045622420948145280.00.0039.84
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_e272b3ddb063a

1-0-0/0/8529.
0.00456224045310830.00.0040.04
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /resources/post.js HTTP/1.1

1-0-0/0/8926.
0.004562243248910660.00.0050.47
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_083876f2aa061

1-0-0/0/8834.
0.00456224152201260.00.0041.33
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/chromebook/jquery.cookie.js HTTP/1.1

1-0-0/0/8568.
0.004562241190553627430.00.0042.94
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /module.php/core/loginuserpass.php HTTP/1.1

1-0-0/0/8472.
0.004562241251315370.00.0038.73
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_932f4965adb8c

1-0-0/0/8583.
0.00456224055520640.00.0039.24
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /resources/script.js HTTP/1.1

1-0-0/0/8664.
0.004562241250301180.00.0039.71
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/nextmail/cloudwork/favicon.ico HTTP/1.1

1-0-0/0/8145.
0.0045622439451470480.00.0038.50
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Five.toor

1-0-0/0/8225.
0.0045622439049679870.00.0037.69
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_9aa27e10f1205

1-0-0/0/8769.
0.00456224446210820.00.0040.92
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/cloudworkauth/simplewebauthn.es5.umd.min.js HTT

1-0-0/0/8625.
0.00456224053379550.00.0040.23
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /favicon.ico HTTP/1.1

1-0-0/0/8625.
0.004562242447907610.00.0040.20
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/chromebook/jquery.cookie.js HTTP/1.1

1-0-0/0/8438.
0.00456224694749550770.00.0038

Found on 2024-10-28 07:49

Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb31dda8387edda8387ea5cf5dda

Apache Status

Apache Server Status for toorak-login.cloudworkengine.net (via 127.0.0.1)

Server Version: Apache/2.4.52 (Ubuntu) mod_fcgid/2.3.9
Server MPM: worker
Server Built: 2024-04-10T17:45:18

Current Time: Saturday, 26-Oct-2024 08:56:44 UTC
Restart Time: Monday, 09-Sep-2024 05:58:45 UTC
Parent Server Config. Generation: 1
Parent Server MPM Generation: 0
Server uptime:  47 days 2 hours 57 minutes 59 seconds
Server load: 0.54 0.81 0.97
Total accesses: 571422 - Total Traffic: 2.6 GB - Total Duration: 346813153
CPU Usage: u58.46 s83.7 cu233.75 cs111.91 - .012% CPU load
.14 requests/sec - 689 B/second - 4913 B/request - 606.93 ms/request
1 requests currently being processed, 49 idle workers
_________________________.........................___W__________
___________.....................................................
................................................................
................................................................
................................................................
................................................................
................
Scoreboard Key:
"_" Waiting for Connection, 
"S" Starting up, 
"R" Reading Request,
"W" Sending Reply, 
"K" Keepalive (read), 
"D" DNS Lookup,
"C" Closing connection, 
"L" Logging, 
"G" Gracefully finishing, 
"I" Idle cleanup of worker, 
"." Open slot with no current process



SrvPIDAccMCPU
SSReqDurConnChildSlotClientProtocolVHostRequest

0-026240/1064/10834_
14.29304558867040.05.0549.69
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/no_cookie.php?retryURL=https%3A%2F%2Ftoora

0-026240/949/10353_
14.25227531861228880.04.4948.71
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/cloudworkauth/mfa/hotp.php?hotp_id=180&StateId=

0-026240/952/10227_
14.278241056364750.04.7347.34
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /saml2/idp/SSOService.php HTTP/1.1

0-026240/1000/10168_
14.2611483759407760.04.6047.04
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_dbc40d3cf8a67

0-026240/1045/10763_
14.2691290368527260.05.0150.24
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=jVNNj9owFLzzK1Du%2BWQ

0-026240/862/9757_
14.2518653955638790.03.8644.48
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_d2337ca9d62fe

0-026240/924/10083_
14.31137163764670.04.5147.73
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/chromebook/jquery.cookie.js HTTP/1.1

0-026240/827/9904_
14.2519321062432050.03.7546.51
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/nextmail/cloudwork/favicon.ico HTTP/1.1

0-026240/821/9750_
14.29330558204380.03.7744.97
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/no_cookie.php?retryURL=https%3A%2F%2Ftoora

0-026240/827/10182_
14.2520876161787550.03.9347.01
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/metadata.php HTTP/1.1

0-026240/956/9699_
14.251510562260059530.04.8346.33
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /module.php/core/loginuserpass.php HTTP/1.1

0-026240/912/10527_
14.26135372863805540.04.3450.95
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=jVPLjpswFN3nKyL2AULIQ

0-026240/775/9941_
14.2518013456446430.03.6548.73
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_9eba536599048

0-026240/804/10389_
14.26132746763464200.03.6247.11
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /saml2/idp/SSOService.php HTTP/1.1

0-026240/995/10028_
14.26125084163085970.04.8946.69
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Five.toor

0-026240/1026/10216_
14.261391960559580.04.7847.19
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/nextmail/cloudwork/favicon.ico HTTP/1.1

0-026240/905/10064_
14.269045258520160.03.9647.43
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /module.php/cloudworkauth/mfa/webauthn/get_login_options.p

0-026240/981/9481_
14.285591161918690.04.6845.14
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/nextmail/cloudwork/favicon.ico HTTP/1.1

0-026240/886/10100_
14.285599259287070.04.2347.34
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_ba9b2e7959768

0-026240/884/10107_
14.278451063296850.04.0746.58
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/nextmail/cloudwork/favicon.ico HTTP/1.1

0-026240/845/9785_
14.28565612160190410.04.2445.96
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=jVPLjtpAELzzFch3P3Agb

0-026240/821/9635_
14.252030958441700.03.8544.34
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /saml2/idp/SSOService.php HTTP/1.1

0-026240/879/10296_
14.28428959274870.04.2147.86
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/nextmail/cloudwork/favicon.ico HTTP/1.1

0-026240/884/9630_
14.28472056701860.03.9744.17
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /resources/post.css HTTP/1.1

0-026240/835/9547_
14.25221631760935470.03.9644.87
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=jVPLjtowFN3zFSj7PIcyg

1-0-0/0/8339.
0.002874792448460430.00.0038.72
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/nextmail/cloudwork/favicon.ico HTTP/1.1

1-0-0/0/8251.
0.0028747929948145720.00.0038.40
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /module.php/cloudworkauth/mfa/webauthn/get_login_options.p

1-0-0/0/8666.
0.00287479551723170.00.0039.42
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_9e479f004e5a9

1-0-0/0/8389.
0.00287479148149029160.00.0038.75
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /module.php/core/loginuserpass.php HTTP/1.1

1-0-0/0/8493.
0.0028747923455475520.00.0039.60
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /module.php/cloudworkauth/mfa/webauthn/get_login_options.p

1-0-0/0/8413.
0.002874791053180540.00.0038.75
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/nextmail/cloudwork/favicon.ico HTTP/1.1

1-0-0/0/8726.
0.0028747920948145280.00.0039.84
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_e272b3ddb063a

1-0-0/0/8529.
0.00287479045310830.00.0040.04
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /resources/post.js HTTP/1.1

1-0-0/0/8926.
0.002874793248910660.00.0050.47
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_083876f2aa061

1-0-0/0/8834.
0.00287479152201260.00.0041.33
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/chromebook/jquery.cookie.js HTTP/1.1

1-0-0/0/8568.
0.002874791190553627430.00.0042.94
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /module.php/core/loginuserpass.php HTTP/1.1

1-0-0/0/8472.
0.002874791251315370.00.0038.73
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_932f4965adb8c

1-0-0/0/8583.
0.00287479055520640.00.0039.24
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /resources/script.js HTTP/1.1

1-0-0/0/8664.
0.002874791250301180.00.0039.71
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/nextmail/cloudwork/favicon.ico HTTP/1.1

1-0-0/0/8145.
0.0028747939451470480.00.0038.50
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Five.toor

1-0-0/0/8225.
0.0028747939049679870.00.0037.69
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_9aa27e10f1205

1-0-0/0/8769.
0.00287479446210820.00.0040.92
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/cloudworkauth/simplewebauthn.es5.umd.min.js HTT

1-0-0/0/8625.
0.00287479053379550.00.0040.23
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /favicon.ico HTTP/1.1

1-0-0/0/8625.
0.002874792447907610.00.0040.20
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/chromebook/jquery.cookie.js HTTP/1.1

1-0-0/0/8438.
0.00287479694749550770.00.0038.60
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET

Found on 2024-10-26 08:56

Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb31dda8387edda8387e4b129200

Apache Status

Apache Server Status for toorak-login.cloudworkengine.net (via 127.0.0.1)

Server Version: Apache/2.4.52 (Ubuntu) mod_fcgid/2.3.9
Server MPM: worker
Server Built: 2024-04-10T17:45:18

Current Time: Thursday, 24-Oct-2024 22:07:19 UTC
Restart Time: Monday, 09-Sep-2024 05:58:45 UTC
Parent Server Config. Generation: 1
Parent Server MPM Generation: 0
Server uptime:  45 days 16 hours 8 minutes 34 seconds
Server load: 2.15 2.17 1.96
Total accesses: 556959 - Total Traffic: 2.5 GB - Total Duration: 336730871
CPU Usage: u50.98 s78.71 cu233.75 cs111.91 - .012% CPU load
.141 requests/sec - 693 B/second - 4913 B/request - 604.588 ms/request
1 requests currently being processed, 49 idle workers
_____________W___________.........................______________
___________.....................................................
................................................................
................................................................
................................................................
................................................................
................
Scoreboard Key:
"_" Waiting for Connection, 
"S" Starting up, 
"R" Reading Request,
"W" Sending Reply, 
"K" Keepalive (read), 
"D" DNS Lookup,
"C" Closing connection, 
"L" Logging, 
"G" Gracefully finishing, 
"I" Idle cleanup of worker, 
"." Open slot with no current process



SrvPIDAccMCPU
SSReqDurConnChildSlotClientProtocolVHostRequest

0-026240/667/10437_
9.64331056739000.03.2347.86
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /favicon.ico HTTP/1.1

0-026240/619/10023_
9.6236625958899990.03.0147.23
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /module.php/cloudworkauth/mfa/webauthn/get_login_options.p

0-026240/697/9972_
9.61396226554359400.03.4746.07
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=jVPLjtowFN3zFSj7vBPRs

0-026240/657/9825_
9.6050818258222190.03.0245.46
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=jVNNj9owFLzzK1Du%2BWy

0-026240/648/10366_
9.6879124366420180.03.0848.30
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /module.php/core/loginuserpass.php HTTP/1.1

0-026240/579/9474_
9.66195553819250.02.6543.27
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=jVPLjtowFN3zFSj7PGEeW

0-026240/679/9838_
9.65300100960729540.03.1646.38
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=jVPLrtowFNzzFSj7vAxqq

0-026240/538/9615_
9.66231060243490.02.5045.27
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /favicon.ico HTTP/1.1

0-026240/536/9465_
9.65299135956042190.02.5043.71
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=jVPbjtowEH3nK1Decy1sw

0-026240/530/9885_
9.66282060160630.02.6445.72
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /favicon.ico HTTP/1.1

0-026240/678/9421_
9.66255057881400.03.4644.96
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /resources/post.css HTTP/1.1

0-026240/613/10228_
9.6710226061992220.02.9349.54
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=jVNNj5swFLznV0TcgUDIl

0-026240/485/9651_
9.6715772755001650.02.1947.27
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=jVNNj9owFLzzK1DuSSAhL

0-0262410/555/10140W
9.6800616635221.22.4545.94
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /server-status HTTP/1.1

0-026240/704/9737_
9.6714439561611770.03.5545.35
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=jVNNj9sgEL3nV0S%2B%2B

0-026240/749/9939_
9.595333859298120.03.4445.85
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /module.php/cloudworkauth/mfa/webauthn/get_login_options.p

0-026240/586/9745_
9.604303956544270.02.6246.09
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=jVPLjpswFN3nKyL2vByam

0-026240/702/9202_
9.64342159915430.03.3643.83
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/cloudworkauth/webauthn.js HTTP/1.1

0-026240/571/9785_
9.61413292156657980.02.7345.85
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=jVNNj9owFLzzK1Du%2BWx

0-026240/623/9846_
9.6237068461561740.02.8245.33
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Five.toor

0-026240/540/9480_
9.62394224858065730.02.6244.34
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=jVPLjtowFN3zFSj7PMclY

0-026240/534/9348_
9.653181155755680.02.5243.00
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/nextmail/cloudwork/favicon.ico HTTP/1.1

0-026240/619/10036_
9.64341056859450.02.9946.64
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /favicon.ico HTTP/1.1

0-026240/638/9384_
9.64327448354930640.02.9143.11
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=jVPLjtowFN3zFSj7PEmVG

0-026240/599/9311_
9.65301102659246140.02.8443.74
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=jVNNj9owFLzzK1DuSYiXF

1-0-0/0/8339.
0.001621132448460430.00.0038.72
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/nextmail/cloudwork/favicon.ico HTTP/1.1

1-0-0/0/8251.
0.0016211329948145720.00.0038.40
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /module.php/cloudworkauth/mfa/webauthn/get_login_options.p

1-0-0/0/8666.
0.00162113551723170.00.0039.42
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_9e479f004e5a9

1-0-0/0/8389.
0.00162113148149029160.00.0038.75
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /module.php/core/loginuserpass.php HTTP/1.1

1-0-0/0/8493.
0.0016211323455475520.00.0039.60
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /module.php/cloudworkauth/mfa/webauthn/get_login_options.p

1-0-0/0/8413.
0.001621131053180540.00.0038.75
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/nextmail/cloudwork/favicon.ico HTTP/1.1

1-0-0/0/8726.
0.0016211320948145280.00.0039.84
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_e272b3ddb063a

1-0-0/0/8529.
0.00162113045310830.00.0040.04
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /resources/post.js HTTP/1.1

1-0-0/0/8926.
0.001621133248910660.00.0050.47
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_083876f2aa061

1-0-0/0/8834.
0.00162113152201260.00.0041.33
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/chromebook/jquery.cookie.js HTTP/1.1

1-0-0/0/8568.
0.001621131190553627430.00.0042.94
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /module.php/core/loginuserpass.php HTTP/1.1

1-0-0/0/8472.
0.001621131251315370.00.0038.73
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_932f4965adb8c

1-0-0/0/8583.
0.00162113055520640.00.0039.24
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /resources/script.js HTTP/1.1

1-0-0/0/8664.
0.001621131250301180.00.0039.71
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/nextmail/cloudwork/favicon.ico HTTP/1.1

1-0-0/0/8145.
0.0016211339451470480.00.0038.50
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Five.toor

1-0-0/0/8225.
0.0016211339049679870.00.0037.69
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_9aa27e10f1205

1-0-0/0/8769.
0.00162113446210820.00.0040.92
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/cloudworkauth/simplewebauthn.es5.umd.min.js HTT

1-0-0/0/8625.
0.00162113053379550.00.0040.23
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /favicon.ico HTTP/1.1

1-0-0/0/8625.
0.001621132447907610.00.0040.20
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/chromebook/jquery.cookie.js HTTP/1.1

1-0-0/0/8438.
0.00162113694749550770.00.0038.60
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=jVPbjtowEH3nK1Dec13KL

1-0

Found on 2024-10-24 22:07

Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb31dda8387edda8387e88269702

Apache Status

Apache Server Status for toorak-login.cloudworkengine.net (via 127.0.0.1)

Server Version: Apache/2.4.52 (Ubuntu) mod_fcgid/2.3.9
Server MPM: worker
Server Built: 2024-04-10T17:45:18

Current Time: Tuesday, 22-Oct-2024 20:15:17 UTC
Restart Time: Monday, 09-Sep-2024 05:58:45 UTC
Parent Server Config. Generation: 1
Parent Server MPM Generation: 0
Server uptime:  43 days 14 hours 16 minutes 32 seconds
Server load: 1.59 1.26 1.35
Total accesses: 520694 - Total Traffic: 2.4 GB - Total Duration: 314846658
CPU Usage: u71.16 s86.52 cu195.67 cs93.73 - .0119% CPU load
.138 requests/sec - 678 B/second - 4908 B/request - 604.667 ms/request
1 requests currently being processed, 49 idle workers
_________W________________________________________..............
................................................................
................................................................
................................................................
................................................................
................................................................
................
Scoreboard Key:
"_" Waiting for Connection, 
"S" Starting up, 
"R" Reading Request,
"W" Sending Reply, 
"K" Keepalive (read), 
"D" DNS Lookup,
"C" Closing connection, 
"L" Logging, 
"G" Gracefully finishing, 
"I" Idle cleanup of worker, 
"." Open slot with no current process



SrvPIDAccMCPU
SSReqDurConnChildSlotClientProtocolVHostRequest

0-0138190/1885/9655_
26.025301052432730.08.5344.11
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/nextmail/cloudwork/favicon.ico HTTP/1.1

0-0138190/1735/9224_
26.02819054224350.08.3543.32
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /resources/post.css HTTP/1.1

0-0138190/1505/9162_
26.02677451026440.06.9642.10
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_378c9b2b77f56

0-0138190/1625/9009_
25.981133952658270.08.0441.75
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/nextmail/cloudwork/favicon.ico HTTP/1.1

0-0138190/1518/9572_
25.9910805562250160.07.1544.51
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /module.php/cloudworkauth/mfa/webauthn/get_login_options.p

0-0138190/1694/8779_
25.991113131449070200.07.8040.08
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /module.php/core/loginuserpass.php HTTP/1.1

0-0138190/1565/9017_
25.991065133353977020.07.3542.64
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /module.php/core/loginuserpass.php HTTP/1.1

0-0138190/1549/8936_
26.0273024455471290.07.0542.02
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=jVPLjtowFN3zFSj7PBtoZ

0-0138190/1605/8730_
26.02570451072350.07.7940.29
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_a9d37b25a5ad1

0-0138198/1656/9259W
26.070056125009.67.9742.66
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /server-status HTTP/1.1

0-0138190/1571/8655_
26.02597052773040.07.7440.99
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /favicon.ico HTTP/1.1

0-0138190/1730/9471_
26.04412657356840.08.3745.87
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Ftoorak-i

0-0138190/1632/9017_
26.04382652132550.010.4544.43
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_0593235bad112

0-0138190/1508/9417_
26.02653057648500.06.7342.83
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /resources/post.css HTTP/1.1

0-0138190/1511/8954_
26.02498458458320.07.1241.49
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_13ef30e9e1f73

0-0138190/1656/9093_
26.053043654465960.07.7041.93
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_58c1dfb6fe0bc

0-0138190/1608/9071_
26.044415053678880.07.8943.09
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /module.php/cloudworkauth/mfa/webauthn/get_login_options.p

0-0138190/1564/8293_
26.044364154734440.07.7039.44
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /module.php/cloudworkauth/mfa/webauthn/get_login_options.p

0-0138190/1443/9050_
26.0658052850540.07.0042.42
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /favicon.ico HTTP/1.1

0-0138190/1519/9112_
25.99102941656089760.07.3542.01
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=jVNNj5swFLznV0TcAQObb

0-0138190/1615/8819_
26.06113954303270.07.7841.14
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/nextmail/cloudwork/favicon.ico HTTP/1.1

0-0138190/1431/8700_
26.02604159651766790.06.9239.93
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=jVPLjtowFN3zFSj7PJvJU

0-0138190/1409/9322_
26.0515261653570180.06.3643.21
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=jVNNj9owFLzzK1Du5AvYp

0-0138190/1474/8646_
26.0529298150339460.06.9139.75
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /module.php/core/loginuserpass.php HTTP/1.1

0-0138190/1594/8571_
26.00849591253462980.07.6340.24
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /module.php/core/loginuserpass.php HTTP/1.1

1-0138950/1445/8218_
25.83559447645110.06.9638.17
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_b24dc86b910fc

1-0138950/1490/8107_
25.8370443546957780.06.9237.71
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=jVPLjtowFN3zFSj7PAgwA

1-0138950/1619/8575_
25.8613535750866520.07.8738.98
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=jVNNj9owFLzzK1Du%2BXJ

1-0138950/1699/8263_
25.86715748529790.08.2338.17
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /module.php/cloudworkauth/mfa/webauthn/get_login_options.p

1-0138950/1488/8398_
25.8111204954688490.07.3839.25
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /module.php/cloudworkauth/mfa/webauthn/get_login_options.p

1-0138950/1565/8302_
25.8110734151027550.07.0838.13
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /module.php/cloudworkauth/mfa/webauthn/get_login_options.p

1-0138950/1485/8640_
25.8692147623760.06.8939.44
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_23bcf8e8a4420

1-0138950/1582/8390_
25.8332740644388310.08.0939.40
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Five.toor

1-0138950/1559/8815_
25.86221127848333840.07.5649.84
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /module.php/core/loginuserpass.php HTTP/1.1

1-0138950/1624/8711_
25.81109621251582700.07.9440.78
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=jVPLjtowFN3zFSj7vIcUL

1-0138950/1703/8441_
25.8210394951801980.08.2642.40
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /module.php/cloudworkauth/mfa/webauthn/get_login_options.p

1-0138950/1561/8245_
25.83506049765760.07.1537.70
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /favicon.ico HTTP/1.1

1-0138950/1564/8476_
25.83304054943370.07.1938.79
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /resources/post.css HTTP/1.1

1-0138950/1634/8553_
25.801179548101970.07.3639.18
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Five.toor

1-0138950/1533/8055_
25.8340340550172700.07.3938.03
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=jVPLjtowFN3zFSj7PDBBQ

1-0138950/1455/8141_
25.83791133049219720.06.8937.24
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=jVNNj9owFLzzK1DuSRwD3

1-0138950/1453/8609_
25.83419545814080.07.5140.24
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Five.toor

1-0138950/1523/8504_
25.8297223352501990.07.1239.59
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=jVNNj9owFLzzK1Du%2BVx

1-0138950/1676/8497_
25.83483447091080.08.2839.60
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_fb18ecf5a9438

1-0138950/1618/8332_
25.838487933<

Found on 2024-10-22 20:15

Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb31dda8387edda8387ec0e85d96

Apache Status

Apache Server Status for toorak-login.cloudworkengine.net (via 127.0.0.1)

Server Version: Apache/2.4.52 (Ubuntu) mod_fcgid/2.3.9
Server MPM: worker
Server Built: 2024-04-10T17:45:18

Current Time: Sunday, 20-Oct-2024 22:49:17 UTC
Restart Time: Monday, 09-Sep-2024 05:58:45 UTC
Parent Server Config. Generation: 1
Parent Server MPM Generation: 0
Server uptime:  41 days 16 hours 50 minutes 32 seconds
Server load: 1.88 1.98 2.12
Total accesses: 492327 - Total Traffic: 2.2 GB - Total Duration: 295407573
CPU Usage: u56.2 s77.48 cu195.67 cs93.73 - .0117% CPU load
.137 requests/sec - 666 B/second - 4879 B/request - 600.023 ms/request
1 requests currently being processed, 49 idle workers
______________________________________W___________..............
................................................................
................................................................
................................................................
................................................................
................................................................
................
Scoreboard Key:
"_" Waiting for Connection, 
"S" Starting up, 
"R" Reading Request,
"W" Sending Reply, 
"K" Keepalive (read), 
"D" DNS Lookup,
"C" Closing connection, 
"L" Logging, 
"G" Gracefully finishing, 
"I" Idle cleanup of worker, 
"." Open slot with no current process



SrvPIDAccMCPU
SSReqDurConnChildSlotClientProtocolVHostRequest

0-0138190/1076/8846_
16.06357114148974390.04.7240.30
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /module.php/core/loginuserpass.php HTTP/1.1

0-0138190/1080/8569_
16.0457834349793980.04.9339.90
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=jVPbjtowEH3nK1Dec19g1

0-0138190/965/8622_
16.06428847594790.04.3339.48
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/chromebook/jquery.cookie.js HTTP/1.1

0-0138190/994/8378_
16.02668449084340.04.9038.60
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_a45ad96374f45

0-0138190/934/8988_
16.04600058281290.04.2641.62
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /favicon.ico HTTP/1.1

0-0138190/1085/8170_
16.00833644594770.04.8537.13
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Five.toor

0-0138190/1017/8469_
16.04531551714480.04.7540.04
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Five.toor

0-0138190/927/8314_
16.02635651568770.04.1639.13
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_684af3ada91d3

0-0138190/1106/8231_
16.06400547485490.05.1037.60
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Five.toor

0-0138190/1046/8649_
16.0816317850019410.04.7039.39
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /module.php/cloudworkauth/mfa/webauthn/get_login_options.p

0-0138190/1054/8138_
16.08134454949429420.04.8838.13
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /module.php/core/loginuserpass.php HTTP/1.1

0-0138190/1175/8916_
16.0727041753026150.05.2742.77
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=jVNNj9owFLzzK1DuSUiah

0-0138190/1082/8467_
16.09628248030590.07.3141.29
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /module.php/cloudworkauth/mfa/webauthn/get_login_options.p

0-0138190/915/8824_
16.07309053998350.03.9040.00
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /resources/post.css HTTP/1.1

0-0138190/916/8359_
16.0545729152138970.04.0938.46
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=hVLLbtswELwX6D8QvOuZH

0-0138190/1064/8501_
16.0910661650653870.04.6438.87
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=jVPZjtowFH3nK1Des7nJL

0-0138190/1091/8554_
16.07196954949672280.04.9940.19
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Five.toor

0-0138190/929/7658_
16.09804850953280.04.1335.88
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Five.toor

0-0138190/866/8473_
16.09599249070690.04.0739.49
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /module.php/cloudworkauth/mfa/webauthn/get_login_options.p

0-0138190/948/8541_
16.101443452185930.04.6039.26
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=jVPLjtowFN3zFSj7PIfhY

0-0138190/1065/8269_
16.007371149715110.04.8638.22
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/nextmail/cloudwork/favicon.ico HTTP/1.1

0-0138190/821/8090_
16.0723136946428550.03.5436.54
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /module.php/cloudworkauth/mfa/webauthn/get_login_options.p

0-0138190/909/8822_
16.007551050540900.03.9140.77
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/nextmail/cloudwork/favicon.ico HTTP/1.1

0-0138190/949/8121_
16.02686147946447970.04.1737.01
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /module.php/core/loginuserpass.php HTTP/1.1

0-0138190/999/7976_
16.02705049772580.04.5337.15
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /resources/post.css HTTP/1.1

1-0138950/941/7714_
16.31468944943800.04.4135.61
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/nextmail/cloudwork/favicon.ico HTTP/1.1

1-0138950/924/7541_
16.2865644743318110.04.1434.93
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=hVLLThsxFN1X4h8s7%2Bd

1-0138950/975/7931_
16.3241969146091850.04.4135.52
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /module.php/core/loginuserpass.php HTTP/1.1

1-0138950/1103/7667_
16.3324310044579740.05.1235.07
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_ad35c6838d1ab

1-0138950/991/7901_
16.3327989649503460.04.8436.71
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=hVJNbxMxEL0j8R8s3%2Fe

1-0138950/1006/7743_
16.295894948605870.04.5435.59
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /module.php/cloudworkauth/mfa/webauthn/get_login_options.p

1-0138950/882/8037_
16.332311043895820.03.9036.45
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/nextmail/cloudwork/favicon.ico HTTP/1.1

1-0138950/1010/7818_
16.34291140263990.05.0236.33
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/nextmail/cloudwork/favicon.ico HTTP/1.1

1-0138950/927/8183_
16.3333695144248230.04.2746.55
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /module.php/core/loginuserpass.php HTTP/1.1

1-0138950/1114/8201_
16.3452046436220.05.0737.92
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /favicon.ico HTTP/1.1

1-0138950/1155/7893_
16.33153157647266010.05.3839.52
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /module.php/core/loginuserpass.php HTTP/1.1

1-0138950/1032/7716_
16.31487047030730.04.4935.04
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /resources/post.js HTTP/1.1

1-0138950/1142/8054_
16.33142950645360.05.1736.77
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/nextmail/cloudwork/favicon.ico HTTP/1.1

1-0138959/1117/8036W
16.3500449761812.94.9936.82
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /server-status HTTP/1.1

1-0138950/1052/7574_
16.33109946350910.04.7535.39
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/nextmail/cloudwork/favicon.ico HTTP/1.1

1-0138950/888/7574_
16.2682533244967360.03.9134.26
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=jVPLjtowFN3zFSj7PEnKx

1-0138950/890/8046_
16.33183742289860.04.2937.01
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Five.toor

1-0138950/985/7966_
16.3371138047607550.04.4736.94
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=jVNNj9owFLzzK1Du%2BYT

1-0138950/1044/7865_
16.29616043824660.04.8736.19
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /favicon.ico HTTP/1.1

1-0138950/1060/7774_
16.2769536545707940.04.8435.16
127.0.0.1http/1.1

Found on 2024-10-20 22:49

Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb31dda8387edda8387ecbb4bcf5

Apache Status

Apache Server Status for toorak-login.cloudworkengine.net (via 127.0.0.1)

Server Version: Apache/2.4.52 (Ubuntu) mod_fcgid/2.3.9
Server MPM: worker
Server Built: 2024-04-10T17:45:18

Current Time: Friday, 18-Oct-2024 19:12:17 UTC
Restart Time: Monday, 09-Sep-2024 05:58:45 UTC
Parent Server Config. Generation: 1
Parent Server MPM Generation: 0
Server uptime:  39 days 13 hours 13 minutes 32 seconds
Server load: 2.51 1.69 1.56
Total accesses: 467510 - Total Traffic: 2.1 GB - Total Duration: 281006170
CPU Usage: u44.09 s69.03 cu195.67 cs93.73 - .0118% CPU load
.137 requests/sec - 669 B/second - 4890 B/request - 601.07 ms/request
1 requests currently being processed, 49 idle workers
_______________________________________W__________..............
................................................................
................................................................
................................................................
................................................................
................................................................
................
Scoreboard Key:
"_" Waiting for Connection, 
"S" Starting up, 
"R" Reading Request,
"W" Sending Reply, 
"K" Keepalive (read), 
"D" DNS Lookup,
"C" Closing connection, 
"L" Logging, 
"G" Gracefully finishing, 
"I" Idle cleanup of worker, 
"." Open slot with no current process



SrvPIDAccMCPU
SSReqDurConnChildSlotClientProtocolVHostRequest

0-0138190/501/8271_
8.549611144585850.02.2837.86
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /saml2/idp/SSOService.php HTTP/1.1

0-0138190/514/8003_
8.549953447330960.02.3937.36
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_53a73f792c987

0-0138190/529/8186_
8.5416651144071810.02.4537.60
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /saml2/idp/SSOService.php HTTP/1.1

0-0138190/474/7858_
8.5412965046433320.02.3436.05
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_9849e8a4c98af

0-0138190/489/8543_
8.54186143855515240.02.2239.58
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Five.toor

0-0138190/605/7690_
8.532045942317270.02.8435.12
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /saml2/idp/SSOService.php HTTP/1.1

0-0138190/500/7952_
8.541374648339210.02.4937.78
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_cd2f94cac7a71

0-0138190/519/7906_
8.541701549395050.02.4437.41
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Five.toor

0-0138190/528/7653_
8.54121243144572470.02.5635.07
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /saml2/idp/SSOService.php HTTP/1.1

0-0138190/494/8097_
8.54847445459070.02.1936.88
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_4df7fa752ce43

0-0138190/582/7666_
8.54502444915810.02.8536.10
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_eca3da9f72b19

0-0138190/643/8384_
8.54866548155550.02.9340.43
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Five.toor

0-0138190/501/7886_
8.552061046341920.02.3636.34
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /saml2/idp/SSOService.php HTTP/1.1

0-0138190/483/8392_
8.54620351017540.02.1238.22
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/metadata.php HTTP/1.1

0-0138190/453/7896_
8.54653221349408590.02.0536.42
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /saml2/idp/SSOService.php HTTP/1.1

0-0138190/584/8021_
8.543681247695370.02.5936.82
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Five.toor

0-0138190/483/7946_
8.53227652246946250.02.3237.52
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /saml2/idp/SSOService.php HTTP/1.1

0-0138190/515/7244_
8.54422447384700.02.4534.19
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_72a45b0e870f9

0-0138190/439/8046_
8.5322263946836440.02.1637.57
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_6453a75c24607

0-0138190/537/8130_
8.532079550561270.02.7937.45
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Five.toor

0-0138190/542/7746_
8.531978547448180.02.6836.04
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_e9130bd34042e

0-0138190/418/7687_
8.551253642982660.01.8234.82
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_4ca0b059fab42

0-0138190/485/8398_
8.532160448540080.02.1939.04
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_f99ad9c7eb3a9

0-0138190/445/7617_
8.541465218144306740.02.0534.89
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /saml2/idp/SSOService.php HTTP/1.1

0-0138190/423/7400_
8.5319263647365240.02.0934.70
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_e906bed2bc6d2

1-0138950/516/7289_
8.6153272542152970.02.5033.70
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Five.toor

1-0138950/438/7055_
8.61853940787870.02.2032.99
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /saml2/idp/SSOService.php HTTP/1.1

1-0138950/446/7402_
8.61633442575410.02.0233.13
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_4c41757b8e4de

1-0138950/571/7135_
8.61236541684680.02.7732.72
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_f514f913e4ce2

1-0138950/612/7522_
8.6088442146303190.03.1235.00
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /saml2/idp/SSOService.php HTTP/1.1

1-0138950/504/7241_
8.601271446034670.02.3033.35
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_04abf1759e613

1-0138950/457/7612_
8.5922631041145150.02.1134.66
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /saml2/idp/SSOService.php HTTP/1.1

1-0138950/469/7277_
8.5921951037739710.02.3833.69
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /saml2/idp/SSOService.php HTTP/1.1

1-0138950/449/7705_
8.61405440458500.02.2344.51
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_bc459afd6562d

1-0138950/577/7664_
8.592038543609850.02.8535.69
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_898be4dccffdc

1-0138950/640/7378_
8.61445644280520.02.9437.08
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_fce88a1bc4bfb

1-0138950/550/7234_
8.611591243808600.02.4733.03
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /saml2/idp/SSOService.php HTTP/1.1

1-0138950/547/7459_
8.59209943847073380.02.6934.29
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /saml2/idp/SSOService.php HTTP/1.1

1-0138950/501/7420_
8.591896643023740.02.3534.18
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_4011efd39c75a

1-0138958/490/7012W
8.610044019519.62.3032.94
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /server-status HTTP/1.1

1-0138950/479/7165_
8.59174645442895050.02.1132.46
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /saml2/idp/SSOService.php HTTP/1.1

1-0138950/425/7581_
8.59195641640020640.02.1734.90
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /saml2/idp/SSOService.php HTTP/1.1

1-0138950/516/7497_
8.592061545653740.02.3534.82
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Five.toor

1-0138950/522/7343_
8.601054640439530.02.5633.89
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_66fd577fdaf05

1-0138950/583/7297_
8.59167946944162310.02.7233.04
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?spentityid=

Found on 2024-10-18 19:12

Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb31dda8387edda8387e9d04216c

Apache Status

Apache Server Status for toorak-login.cloudworkengine.net (via 127.0.0.1)

Server Version: Apache/2.4.52 (Ubuntu) mod_fcgid/2.3.9
Server MPM: worker
Server Built: 2024-04-10T17:45:18

Current Time: Wednesday, 16-Oct-2024 16:59:35 UTC
Restart Time: Monday, 09-Sep-2024 05:58:45 UTC
Parent Server Config. Generation: 1
Parent Server MPM Generation: 0
Server uptime:  37 days 11 hours 50 seconds
Server load: 0.79 0.89 1.24
Total accesses: 434441 - Total Traffic: 2.0 GB - Total Duration: 261228339
CPU Usage: u64.66 s76.62 cu158.17 cs75.73 - .0116% CPU load
.134 requests/sec - 655 B/second - 4886 B/request - 601.298 ms/request
1 requests currently being processed, 49 idle workers
..................................................______________
___W________________________________............................
................................................................
................................................................
................................................................
................................................................
................
Scoreboard Key:
"_" Waiting for Connection, 
"S" Starting up, 
"R" Reading Request,
"W" Sending Reply, 
"K" Keepalive (read), 
"D" DNS Lookup,
"C" Closing connection, 
"L" Logging, 
"G" Gracefully finishing, 
"I" Idle cleanup of worker, 
"." Open slot with no current process



SrvPIDAccMCPU
SSReqDurConnChildSlotClientProtocolVHostRequest

0-0-0/0/7770.
0.0026492296841734990.00.0035.58
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /module.php/core/loginuserpass.php HTTP/1.1

0-0-0/0/7489.
0.002649223344019890.00.0034.97
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/metadata.php HTTP/1.1

0-0-0/0/7657.
0.00264922141380050.00.0035.14
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/chromebook/jquery.cookie.js HTTP/1.1

0-0-0/0/7384.
0.002649223542596240.00.0033.71
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_8e3f09408d9ee

0-0-0/0/8054.
0.00264922652720460.00.0037.36
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_0f84ecb1ee57b

0-0-0/0/7085.
0.002649225939055830.00.0032.28
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /module.php/cloudworkauth/mfa/webauthn/get_login_options.p

0-0-0/0/7452.
0.0026492240344945920.00.0035.29
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Five.toor

0-0-0/0/7387.
0.002649226145870390.00.0034.97
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_fbafad43a0974

0-0-0/0/7125.
0.0026492242841592380.00.0032.50
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Five.toor

0-0-0/0/7603.
0.002649224142434370.00.0034.69
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_dc3d416f21a46

0-0-0/0/7084.
0.00264922442094690.00.0033.25
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_0f9d23676dd0f

0-0-0/0/7741.
0.002649223545806040.00.0037.50
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_6f936cc42294c

0-0-0/0/7385.
0.00264922742332950.00.0033.98
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Five.toor

0-0-0/0/7909.
0.00264922548793900.00.0036.10
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Five.toor

0-0-0/0/7443.
0.00264922147093680.00.0034.37
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/chromebook/jquery.cookie.js HTTP/1.1

0-0-0/0/7437.
0.00264922944832430.00.0034.23
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Five.toor

0-0-0/0/7463.
0.002649223844163380.00.0035.20
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_748bf5dcbc6d5

0-0-0/0/6729.
0.00264922544518270.00.0031.75
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Five.toor

0-0-0/0/7607.
0.00264922443588460.00.0035.42
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_868162f50bfb4

0-0-0/0/7593.
0.00264922447545830.00.0034.66
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_1348ff2a2e40f

0-0-0/0/7204.
0.002649224644469610.00.0033.36
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_8b01af6031f5c

0-0-0/0/7269.
0.0026492278240345380.00.0033.00
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /saml2/idp/SSOService.php HTTP/1.1

0-0-0/0/7913.
0.0026492253446056200.00.0036.86
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Five.toor

0-0-0/0/7172.
0.002649226440569550.00.0032.84
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /module.php/cloudworkauth/mfa/webauthn/get_login_options.p

0-0-0/0/6977.
0.002649226044352700.00.0032.61
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_637298c6e550b

1-0-0/0/6773.
0.0056151223139714900.00.0031.21
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_3ad8e07633945

1-0-0/0/6617.
0.0056151254338634080.00.0030.79
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=jVPbjtowEH3nK1DeyY1lW

1-0-0/0/6956.
0.0056151265139605720.00.0031.11
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_7dfd8ed75bf80

1-0-0/0/6564.
0.0056151263937999620.00.0029.95
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_4ffa747e468cb

1-0-0/0/6910.
0.0056151221043225240.00.0031.87
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Five.toor

1-0-0/0/6737.
0.0056151224643360260.00.0031.05
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Five.toor

1-0-0/0/7155.
0.0056151272038694750.00.0032.56
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_a32f116e5261f

1-0-0/0/6808.
0.0056151255235464250.00.0031.31
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_3002318ed6c1a

1-0-0/0/7256.
0.0056151254337790570.00.0042.28
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=jVPbjtowEH3nK1DeSRy6K

1-0-0/0/7087.
0.0056151264740448960.00.0032.84
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_bbf9d07fef702

1-0-0/0/6738.
0.005615123040136320.00.0034.14
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_38aa5e324ea52

1-0-0/0/6684.
0.0056151264941223420.00.0030.55
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_933535a0a9f04

1-0-0/0/6912.
0.0056151262443689460.00.0031.60
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_96f94518c867c

1-0-0/0/6919.
0.005615123839777050.00.0031.83
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_0cf4ee142a06d

1-0-0/0/6522.
0.0056151254941168490.00.0030.64
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_f52bdb13967c6

1-0-0/0/6686.
0.0056151225739877520.00.0030.35
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=jVPbjtowEH3nK1DeyQWSt

1-0-0/0/7156.
0.0056151253838313480.00.0032.73
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=jVPbjtowEH3nK1DeyW2Xy

1-0-0/0/6981.
0.0056151213443535420.00.0032.47
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Five.toor

1-0-0/0/6821.
0.0056151214736127870.00.0031.32
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Five.toor

1-0-0/0/6714.
0.005615

Found on 2024-10-16 16:59

Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb31dda8387edda8387eb656a62e

Apache Status

Apache Server Status for toorak-login.cloudworkengine.net (via 127.0.0.1)

Server Version: Apache/2.4.52 (Ubuntu) mod_fcgid/2.3.9
Server MPM: worker
Server Built: 2024-04-10T17:45:18

Current Time: Monday, 14-Oct-2024 16:25:10 UTC
Restart Time: Monday, 09-Sep-2024 05:58:45 UTC
Parent Server Config. Generation: 1
Parent Server MPM Generation: 0
Server uptime:  35 days 10 hours 26 minutes 25 seconds
Server load: 0.67 0.84 1.00
Total accesses: 403499 - Total Traffic: 1.8 GB - Total Duration: 237096351
CPU Usage: u49 s66.96 cu158.17 cs75.73 - .0114% CPU load
.132 requests/sec - 642 B/second - 4877 B/request - 587.601 ms/request
3 requests currently being processed, 47 idle workers
.................................................._____________W
______________K____________________K............................
................................................................
................................................................
................................................................
................................................................
................
Scoreboard Key:
"_" Waiting for Connection, 
"S" Starting up, 
"R" Reading Request,
"W" Sending Reply, 
"K" Keepalive (read), 
"D" DNS Lookup,
"C" Closing connection, 
"L" Logging, 
"G" Gracefully finishing, 
"I" Idle cleanup of worker, 
"." Open slot with no current process



SrvPIDAccMCPU
SSReqDurConnChildSlotClientProtocolVHostRequest

0-0-0/0/7770.
0.009005896841734990.00.0035.58
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /module.php/core/loginuserpass.php HTTP/1.1

0-0-0/0/7489.
0.00900583344019890.00.0034.97
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/metadata.php HTTP/1.1

0-0-0/0/7657.
0.0090058141380050.00.0035.14
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/chromebook/jquery.cookie.js HTTP/1.1

0-0-0/0/7384.
0.00900583542596240.00.0033.71
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_8e3f09408d9ee

0-0-0/0/8054.
0.0090058652720460.00.0037.36
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_0f84ecb1ee57b

0-0-0/0/7085.
0.00900585939055830.00.0032.28
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /module.php/cloudworkauth/mfa/webauthn/get_login_options.p

0-0-0/0/7452.
0.009005840344945920.00.0035.29
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Five.toor

0-0-0/0/7387.
0.00900586145870390.00.0034.97
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_fbafad43a0974

0-0-0/0/7125.
0.009005842841592380.00.0032.50
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Five.toor

0-0-0/0/7603.
0.00900584142434370.00.0034.69
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_dc3d416f21a46

0-0-0/0/7084.
0.0090058442094690.00.0033.25
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_0f9d23676dd0f

0-0-0/0/7741.
0.00900583545806040.00.0037.50
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_6f936cc42294c

0-0-0/0/7385.
0.0090058742332950.00.0033.98
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Five.toor

0-0-0/0/7909.
0.0090058548793900.00.0036.10
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Five.toor

0-0-0/0/7443.
0.0090058147093680.00.0034.37
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/chromebook/jquery.cookie.js HTTP/1.1

0-0-0/0/7437.
0.0090058944832430.00.0034.23
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Five.toor

0-0-0/0/7463.
0.00900583844163380.00.0035.20
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_748bf5dcbc6d5

0-0-0/0/6729.
0.0090058544518270.00.0031.75
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Five.toor

0-0-0/0/7607.
0.0090058443588460.00.0035.42
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_868162f50bfb4

0-0-0/0/7593.
0.0090058447545830.00.0034.66
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_1348ff2a2e40f

0-0-0/0/7204.
0.00900584644469610.00.0033.36
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_8b01af6031f5c

0-0-0/0/7269.
0.009005878240345380.00.0033.00
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /saml2/idp/SSOService.php HTTP/1.1

0-0-0/0/7913.
0.009005853446056200.00.0036.86
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Five.toor

0-0-0/0/7172.
0.00900586440569550.00.0032.84
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /module.php/cloudworkauth/mfa/webauthn/get_login_options.p

0-0-0/0/6977.
0.00900586044352700.00.0032.61
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_637298c6e550b

1-0-0/0/6773.
0.0038664723139714900.00.0031.21
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_3ad8e07633945

1-0-0/0/6617.
0.0038664754338634080.00.0030.79
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=jVPbjtowEH3nK1DeyY1lW

1-0-0/0/6956.
0.0038664765139605720.00.0031.11
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_7dfd8ed75bf80

1-0-0/0/6564.
0.0038664763937999620.00.0029.95
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_4ffa747e468cb

1-0-0/0/6910.
0.0038664721043225240.00.0031.87
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Five.toor

1-0-0/0/6737.
0.0038664724643360260.00.0031.05
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Five.toor

1-0-0/0/7155.
0.0038664772038694750.00.0032.56
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_a32f116e5261f

1-0-0/0/6808.
0.0038664755235464250.00.0031.31
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_3002318ed6c1a

1-0-0/0/7256.
0.0038664754337790570.00.0042.28
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=jVPbjtowEH3nK1DeSRy6K

1-0-0/0/7087.
0.0038664764740448960.00.0032.84
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_bbf9d07fef702

1-0-0/0/6738.
0.003866473040136320.00.0034.14
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_38aa5e324ea52

1-0-0/0/6684.
0.0038664764941223420.00.0030.55
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_933535a0a9f04

1-0-0/0/6912.
0.0038664762443689460.00.0031.60
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_96f94518c867c

1-0-0/0/6919.
0.003866473839777050.00.0031.83
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_0cf4ee142a06d

1-0-0/0/6522.
0.0038664754941168490.00.0030.64
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_f52bdb13967c6

1-0-0/0/6686.
0.0038664725739877520.00.0030.35
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=jVPbjtowEH3nK1DeyQWSt

1-0-0/0/7156.
0.0038664753838313480.00.0032.73
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=jVPbjtowEH3nK1DeyW2Xy

1-0-0/0/6981.
0.0038664713443535420.00.0032.47
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Five.toor

1-0-0/0/6821.
0.0038664714736127870.00.0031.32
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Five.toor

1-0-0/0/6714.
0.0038664715

Found on 2024-10-14 16:25

Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb31dda8387edda8387eaa1d8af7

Apache Status

Apache Server Status for toorak-login.cloudworkengine.net (via 127.0.0.1)

Server Version: Apache/2.4.52 (Ubuntu) mod_fcgid/2.3.9
Server MPM: worker
Server Built: 2024-04-10T17:45:18

Current Time: Saturday, 12-Oct-2024 20:28:17 UTC
Restart Time: Monday, 09-Sep-2024 05:58:45 UTC
Parent Server Config. Generation: 1
Parent Server MPM Generation: 0
Server uptime:  33 days 14 hours 29 minutes 32 seconds
Server load: 0.61 0.95 1.07
Total accesses: 372492 - Total Traffic: 1.7 GB - Total Duration: 218803339
CPU Usage: u54.42 s67.78 cu137.74 cs65.81 - .0112% CPU load
.128 requests/sec - 626 B/second - 4882 B/request - 587.404 ms/request
1 requests currently being processed, 74 idle workers
_________________________.........................____________W_
____________________________________............................
................................................................
................................................................
................................................................
................................................................
................
Scoreboard Key:
"_" Waiting for Connection, 
"S" Starting up, 
"R" Reading Request,
"W" Sending Reply, 
"K" Keepalive (read), 
"D" DNS Lookup,
"C" Closing connection, 
"L" Logging, 
"G" Gracefully finishing, 
"I" Idle cleanup of worker, 
"." Open slot with no current process



SrvPIDAccMCPU
SSReqDurConnChildSlotClientProtocolVHostRequest

0-0184360/1888/7591_
27.663835541047970.08.6634.87
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_94d3cbbab7210

0-0184360/1728/7325_
27.689934143255170.07.9434.32
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_4ffeabcd7199a

0-0184360/1668/7491_
27.682145540283020.07.4834.32
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_2419732935849

0-0184360/1860/7227_
27.681387121442181770.08.3533.00
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /saml2/idp/SSOService.php HTTP/1.1

0-0184360/1947/7869_
27.68936651786020.09.0836.65
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Five.toor

0-0184360/1569/6954_
27.66371344038453360.07.0331.70
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /saml2/idp/SSOService.php HTTP/1.1

0-0184360/1867/7225_
27.672853943884580.08.4034.13
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /saml2/idp/SSOService.php HTTP/1.1

0-0184360/1483/7074_
27.682671644035070.06.9433.26
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_984c3cbaa6936

0-0184360/1679/6928_
27.68111538341197570.07.6131.71
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Five.toor

0-0184360/1619/7339_
27.6824164141381130.07.7733.18
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_4fb6967caa936

0-0184360/1608/6934_
27.682585841131780.07.6232.47
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Five.toor

0-0184360/1640/7541_
27.663107644601700.07.3436.56
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_761c1fe93321a

0-0184360/1724/7280_
27.691547741349360.07.7433.49
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_92fa7b070c522

0-0184360/1761/7742_
27.694533748254810.07.9835.38
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_227cf90e354c3

0-0184360/1802/7219_
27.69256445976570.08.0733.40
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_cf45ae11bd1ad

0-0184360/1797/7287_
27.66396241543927550.08.2733.66
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Five.toor

0-0184360/1646/7322_
27.6950146443516920.07.6234.49
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /saml2/idp/SSOService.php HTTP/1.1

0-0184360/1504/6590_
27.672931643878020.06.8031.16
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_cd7f82e6881b4

0-0184360/1728/7445_
27.6812193542936420.08.0234.79
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/metadata.php HTTP/1.1

0-0184360/1646/7504_
27.681583547217990.07.6634.30
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_aaa3f9575f9f9

0-0184360/1629/7077_
27.6877514743926440.07.5132.87
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_394cb255c4fce

0-0184360/1639/7121_
27.682019739385180.07.4732.28
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Five.toor

0-0184360/1961/7664_
27.682265144433530.08.8635.48
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/chromebook/jquery.cookie.js HTTP/1.1

0-0184360/1545/7044_
27.663400403739910470.06.9932.24
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Five.toor

0-0184360/1664/6804_
27.69380343655140.07.8231.79
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/metadata.php HTTP/1.1

1-0-0/0/6773.
0.0022843423139714900.00.0031.21
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_3ad8e07633945

1-0-0/0/6617.
0.0022843454338634080.00.0030.79
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=jVPbjtowEH3nK1DeyY1lW

1-0-0/0/6956.
0.0022843465139605720.00.0031.11
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_7dfd8ed75bf80

1-0-0/0/6564.
0.0022843463937999620.00.0029.95
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_4ffa747e468cb

1-0-0/0/6910.
0.0022843421043225240.00.0031.87
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Five.toor

1-0-0/0/6737.
0.0022843424643360260.00.0031.05
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Five.toor

1-0-0/0/7155.
0.0022843472038694750.00.0032.56
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_a32f116e5261f

1-0-0/0/6808.
0.0022843455235464250.00.0031.31
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_3002318ed6c1a

1-0-0/0/7256.
0.0022843454337790570.00.0042.28
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=jVPbjtowEH3nK1DeSRy6K

1-0-0/0/7087.
0.0022843464740448960.00.0032.84
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_bbf9d07fef702

1-0-0/0/6738.
0.002284343040136320.00.0034.14
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_38aa5e324ea52

1-0-0/0/6684.
0.0022843464941223420.00.0030.55
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_933535a0a9f04

1-0-0/0/6912.
0.0022843462443689460.00.0031.60
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_96f94518c867c

1-0-0/0/6919.
0.002284343839777050.00.0031.83
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_0cf4ee142a06d

1-0-0/0/6522.
0.0022843454941168490.00.0030.64
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_f52bdb13967c6

1-0-0/0/6686.
0.0022843425739877520.00.0030.35
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=jVPbjtowEH3nK1DeyQWSt

1-0-0/0/7156.
0.0022843453838313480.00.0032.73
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=jVPbjtowEH3nK1DeyW2Xy

1-0-0/0/6981.
0.0022843413443535420.00.0032.47
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Five.toor

1-0-0/0/6821.
0.0022843414736127870.00.0031.32
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Five.toor

Found on 2024-10-12 20:28

Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb31dda8387edda8387ee07df6b1

Apache Status

Apache Server Status for toorak-login.cloudworkengine.net (via 127.0.0.1)

Server Version: Apache/2.4.52 (Ubuntu) mod_fcgid/2.3.9
Server MPM: worker
Server Built: 2024-04-10T17:45:18

Current Time: Thursday, 10-Oct-2024 22:14:21 UTC
Restart Time: Monday, 09-Sep-2024 05:58:45 UTC
Parent Server Config. Generation: 1
Parent Server MPM Generation: 0
Server uptime:  31 days 16 hours 15 minutes 36 seconds
Server load: 1.33 1.44 1.56
Total accesses: 352885 - Total Traffic: 1.6 GB - Total Duration: 207771723
CPU Usage: u44.24 s60.59 cu137.74 cs65.81 - .0113% CPU load
.129 requests/sec - 630 B/second - 4889 B/request - 588.78 ms/request
1 requests currently being processed, 74 idle workers
W________________________.........................______________
____________________________________............................
................................................................
................................................................
................................................................
................................................................
................
Scoreboard Key:
"_" Waiting for Connection, 
"S" Starting up, 
"R" Reading Request,
"W" Sending Reply, 
"K" Keepalive (read), 
"D" DNS Lookup,
"C" Closing connection, 
"L" Logging, 
"G" Gracefully finishing, 
"I" Idle cleanup of worker, 
"." Open slot with no current process



SrvPIDAccMCPU
SSReqDurConnChildSlotClientProtocolVHostRequest

0-0184369/1532/7235W
23.4200398628918.37.1733.38
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /server-status HTTP/1.1

0-0184360/1410/7007_
23.3949272441671550.06.4532.84
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=jVPbjtowEH3nK1DeSUKCs

0-0184360/1407/7230_
23.37650212939040320.06.3033.14
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /module.php/core/loginuserpass.php HTTP/1.1

0-0184360/1597/6964_
23.39517540431330.07.1831.84
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Five.toor

0-0184360/1652/7574_
23.40365550703480.07.8035.38
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Ftoorak-i

0-0184360/1357/6742_
23.34829667936496440.06.0630.73
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=jVPbjtowEH3nK1DeSUKah

0-0184360/1463/6821_
23.357881342437520.06.6332.36
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/nextmail/cloudwork/favicon.ico HTTP/1.1

0-0184360/1255/6846_
23.35771042444170.06.0332.35
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /favicon.ico HTTP/1.1

0-0184360/1452/6701_
23.394391138969500.06.5430.65
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/nextmail/cloudwork/favicon.ico HTTP/1.1

0-0184360/1330/7050_
23.377061040358760.06.4631.86
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/nextmail/cloudwork/favicon.ico HTTP/1.1

0-0184360/1392/6718_
23.35720359539725590.06.6131.46
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=jVPbjtowEH3nK1DeycW7L

0-0184360/1402/7303_
23.35787411143600020.06.3835.60
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=jVPbjtowEH3nK1DeycWEb

0-0184360/1393/6949_
23.4251039869050.06.3932.14
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /favicon.ico HTTP/1.1

0-0184360/1488/7469_
23.41261132145758710.06.7634.15
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /module.php/core/loginuserpass.php HTTP/1.1

0-0184360/1536/6953_
23.42975045049770.06.9132.24
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /module.php/cloudworkauth/mfa/webauthn/get_login_options.p

0-0184360/1511/7001_
23.42346042177330.06.9332.31
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /module.php/cloudworkauth/mfa/webauthn/get_login_options.p

0-0184360/1337/7013_
23.4119088642667280.06.2333.11
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=jVPbjtowEH3nK1DeyY2Fb

0-0184360/1250/6336_
23.34813041723950.05.7030.06
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /favicon.ico HTTP/1.1

0-0184360/1452/7169_
23.40370141604310.06.7233.49
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/nextmail/cloudwork/css/theme.css HTTP/1.1

0-0184360/1443/7301_
23.3855014645897030.06.8433.47
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_2a5cc89fe676a

0-0184360/1376/6824_
23.40318542204970.06.3931.74
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Five.toor

0-0184360/1419/6901_
23.3857488637892920.06.4431.25
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /module.php/core/loginuserpass.php HTTP/1.1

0-0184360/1752/7455_
23.3768933543275370.07.9334.55
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=jVPbjtowEH3nK1DeSUK4l

0-0184360/1326/6825_
23.348151538296240.05.9031.14
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/nextmail/cloudwork/favicon.ico HTTP/1.1

0-0184360/1408/6548_
23.4112244842708990.06.7330.70
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=jVPbjtowEH3nK1DeSUgao

1-0-0/0/6773.
0.006199823139714900.00.0031.21
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_3ad8e07633945

1-0-0/0/6617.
0.006199854338634080.00.0030.79
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=jVPbjtowEH3nK1DeyY1lW

1-0-0/0/6956.
0.006199865139605720.00.0031.11
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_7dfd8ed75bf80

1-0-0/0/6564.
0.006199863937999620.00.0029.95
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_4ffa747e468cb

1-0-0/0/6910.
0.006199821043225240.00.0031.87
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Five.toor

1-0-0/0/6737.
0.006199824643360260.00.0031.05
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Five.toor

1-0-0/0/7155.
0.006199872038694750.00.0032.56
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_a32f116e5261f

1-0-0/0/6808.
0.006199855235464250.00.0031.31
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_3002318ed6c1a

1-0-0/0/7256.
0.006199854337790570.00.0042.28
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=jVPbjtowEH3nK1DeSRy6K

1-0-0/0/7087.
0.006199864740448960.00.0032.84
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_bbf9d07fef702

1-0-0/0/6738.
0.00619983040136320.00.0034.14
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_38aa5e324ea52

1-0-0/0/6684.
0.006199864941223420.00.0030.55
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_933535a0a9f04

1-0-0/0/6912.
0.006199862443689460.00.0031.60
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_96f94518c867c

1-0-0/0/6919.
0.00619983839777050.00.0031.83
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_0cf4ee142a06d

1-0-0/0/6522.
0.006199854941168490.00.0030.64
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_f52bdb13967c6

1-0-0/0/6686.
0.006199825739877520.00.0030.35
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=jVPbjtowEH3nK1DeyQWSt

1-0-0/0/7156.
0.006199853838313480.00.0032.73
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=jVPbjtowEH3nK1DeyW2Xy

1-0-0/0/6981.
0.006199813443535420.00.0032.47
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Five.toor

1-0-0/0/6821.
0.006199814736127870.00.0031.32
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Five.toor

1-0-0/0/6714.
0.006199815</

Found on 2024-10-10 22:14

Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb31dda8387edda8387eea72a82e

Apache Status

Apache Server Status for toorak-login.cloudworkengine.net (via 127.0.0.1)

Server Version: Apache/2.4.52 (Ubuntu) mod_fcgid/2.3.9
Server MPM: worker
Server Built: 2024-04-10T17:45:18

Current Time: Tuesday, 08-Oct-2024 15:35:40 UTC
Restart Time: Monday, 09-Sep-2024 05:58:45 UTC
Parent Server Config. Generation: 1
Parent Server MPM Generation: 0
Server uptime:  29 days 9 hours 36 minutes 55 seconds
Server load: 0.39 0.62 0.80
Total accesses: 313891 - Total Traffic: 1.4 GB - Total Duration: 183029153
CPU Usage: u38.53 s55.52 cu123.66 cs58.85 - .0109% CPU load
.124 requests/sec - 603 B/second - 4880 B/request - 583.098 ms/request
1 requests currently being processed, 49 idle workers
____________________________W_____________________..............
................................................................
................................................................
................................................................
................................................................
................................................................
................
Scoreboard Key:
"_" Waiting for Connection, 
"S" Starting up, 
"R" Reading Request,
"W" Sending Reply, 
"K" Keepalive (read), 
"D" DNS Lookup,
"C" Closing connection, 
"L" Logging, 
"G" Gracefully finishing, 
"I" Idle cleanup of worker, 
"." Open slot with no current process



SrvPIDAccMCPU
SSReqDurConnChildSlotClientProtocolVHostRequest

0-0184360/763/6466_
11.35142839635004930.03.6429.85
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=jVNNj9owFLzzK1Du%2BSS

0-0184360/735/6332_
11.343027137478150.03.3529.74
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/chromebook/jquery.js HTTP/1.1

0-0184360/658/6481_
11.33398343734163890.02.7929.64
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /saml2/idp/SSOService.php HTTP/1.1

0-0184360/748/6115_
11.333079936537150.03.2027.86
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /saml2/idp/SSOService.php HTTP/1.1

0-0184360/799/6721_
11.34255744644496730.03.8131.39
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /saml2/idp/SSOService.php HTTP/1.1

0-0184360/565/5950_
11.3344181231564540.02.4727.14
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /saml2/idp/SSOService.php HTTP/1.1

0-0184360/820/6178_
11.33340046838943490.03.5729.30
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /saml2/idp/SSOService.php HTTP/1.1

0-0184360/632/6223_
11.3519425637152830.02.8629.18
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_41edbdb28f62b

0-0184360/764/6013_
11.35157782434014700.03.3827.48
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=hZLNTuswEIX3SLyD5X3%2

0-0184360/628/6348_
11.35241843436346680.02.8628.27
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /saml2/idp/SSOService.php HTTP/1.1

0-0184360/714/6040_
11.355994536486230.03.4228.27
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_59578c2424431

0-0184360/719/6620_
11.3518854337440800.03.1432.36
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_965aaa84b69f2

0-0184360/676/6232_
11.351427935648420.03.0428.79
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/nextmail/cloudwork/favicon.ico HTTP/1.1

0-0184360/752/6733_
11.3512281040574390.03.2630.66
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /saml2/idp/SSOService.php HTTP/1.1

0-0184360/781/6198_
11.32604894140482840.03.5428.88
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=jVPLjtowFN3zFSh78iK0E

0-0184360/770/6260_
11.33481644835375650.03.3228.71
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /saml2/idp/SSOService.php HTTP/1.1

0-0184360/738/6414_
11.362983537229070.03.2830.16
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_d6d163fa40b88

0-0184360/628/5714_
11.36296036099720.02.7627.12
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_1673476b6ac7b

0-0184360/680/6397_
11.333681337869500.03.2029.97
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET / HTTP/1.1

0-0184360/569/6427_
11.32546443440209320.02.5329.16
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /saml2/idp/SSOService.php HTTP/1.1

0-0184360/741/6189_
11.33528742337302890.03.3528.70
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /saml2/idp/SSOService.php HTTP/1.1

0-0184360/735/6217_
11.3339316134574800.03.2028.01
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /saml2/idp/SSOService.php HTTP/1.1

0-0184360/938/6641_
11.342877039430720.03.9930.61
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /favicon.ico HTTP/1.1

0-0184360/714/6213_
11.3333631033347780.03.0928.34
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /saml2/idp/SSOService.php HTTP/1.1

0-0184360/761/5901_
11.33353581236650670.03.5027.47
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=jVPLjtowFN3zFSj7vJlRZ

1-0180420/709/6209_
11.4539741135289160.02.9628.58
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /saml2/idp/SSOService.php HTTP/1.1

1-0180420/659/6053_
11.45446148233818290.02.9228.25
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /saml2/idp/SSOService.php HTTP/1.1

1-0180420/738/6430_
11.4624941036227800.03.2028.51
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /saml2/idp/SSOService.php HTTP/1.1

1-0180428/598/5997W
11.470034808499.62.6527.28
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /server-status HTTP/1.1

1-0180420/821/6396_
11.453372439326040.03.6329.43
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php HTTP/1.1

1-0180420/616/6073_
11.446043039004220.03.0027.84
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /favicon.ico HTTP/1.1

1-0180420/823/6596_
11.45308844834643120.03.5129.89
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /saml2/idp/SSOService.php HTTP/1.1

1-0180420/740/6209_
11.45347940032141300.03.2028.41
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=hVLLbtswELwX6D8QvOtlB

1-0180420/814/6707_
11.4620223334679150.03.7639.42
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/metadata.php HTTP/1.1

1-0180420/809/6513_
11.46172144937297880.03.6430.04
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /saml2/idp/SSOService.php HTTP/1.1

1-0180420/684/6232_
11.47142840936264520.03.2131.88
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=jVPbjtowEH3nK1Dec%2BO

1-0180420/767/6162_
11.4630511137661830.03.3828.09
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /saml2/idp/SSOService.php HTTP/1.1

1-0180420/687/6229_
11.4630165839425730.03.0628.13
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /module.php/cloudworkauth/mfa/webauthn/get_login_options.p

1-0180420/685/6415_
11.4628781236611010.02.9229.35
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /saml2/idp/SSOService.php HTTP/1.1

1-0180420/747/5999_
11.477653538220340.03.2928.02
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /saml2/idp/SSOService.php HTTP/1.1

1-0180420/641/6099_
11.474224735704170.02.8427.58
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_bf9cf5afa4c23

1-0180420/701/6519_
11.47142841135703230.03.0829.61
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=jVPbjtowEH3nK1Dec91Qi

1-0180420/799/6432_
11.4619154138779810.03.5429.84
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_ace0910ab5a75

1-0180420/726/6333_
11.4553801032887580.03.3729.06
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/nextmail/cloudwork/favicon.ico HTTP/1.1

1-0180420/750/6104_
11.47126285336696020.03.1827.42
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=hZJLT8MwEITvSPwHy%2Fe

1-0180420/776/6326_
11.4551421237704870.03.4628.93
127

Found on 2024-10-08 15:35

Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb31dda8387edda8387e96a5f691

Apache Status

Apache Server Status for toorak-login.cloudworkengine.net (via 127.0.0.1)

Server Version: Apache/2.4.52 (Ubuntu) mod_fcgid/2.3.9
Server MPM: worker
Server Built: 2024-04-10T17:45:18

Current Time: Sunday, 06-Oct-2024 16:19:22 UTC
Restart Time: Monday, 09-Sep-2024 05:58:45 UTC
Parent Server Config. Generation: 1
Parent Server MPM Generation: 0
Server uptime:  27 days 10 hours 20 minutes 37 seconds
Server load: 0.64 0.69 0.71
Total accesses: 275757 - Total Traffic: 1.3 GB - Total Duration: 164236204
CPU Usage: u56.02 s61.63 cu88.72 cs41.46 - .0105% CPU load
.116 requests/sec - 571 B/second - 4909 B/request - 595.583 ms/request
1 requests currently being processed, 49 idle workers
____________________________________________W_____..............
................................................................
................................................................
................................................................
................................................................
................................................................
................
Scoreboard Key:
"_" Waiting for Connection, 
"S" Starting up, 
"R" Reading Request,
"W" Sending Reply, 
"K" Keepalive (read), 
"D" DNS Lookup,
"C" Closing connection, 
"L" Logging, 
"G" Gracefully finishing, 
"I" Idle cleanup of worker, 
"." Open slot with no current process



SrvPIDAccMCPU
SSReqDurConnChildSlotClientProtocolVHostRequest

0-04830/1481/5640_
25.604842630725310.06.8725.95
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=fZLLbsIwEEX3%2FYrI%2B

0-04830/1648/5526_
25.60421263833477960.07.8526.11
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=hVJNT%2BMwEL0j7X%2Bwf

0-04830/1706/5756_
25.60499072531262190.07.5226.61
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=hVLLbtswELwX6D8IvOtlp

0-04830/1711/5301_
25.6048673932493390.07.1124.41
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_37f09cf2e67ab

0-04830/1509/5887_
25.61314035339396480.06.9127.41
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=jVPLjtowFN3zFSj7vAlTL

0-04830/1558/5346_
25.5968261028841260.06.8024.53
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /saml2/idp/SSOService.php HTTP/1.1

0-04830/1603/5332_
25.59787389535253640.08.3125.55
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=hVJNT9wwEL1X4j9YvudrQ

0-04830/1478/5567_
25.61318831334313870.06.5726.18
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=jVPLjtowFN3zFSj7vMyjw

0-04830/1529/5195_
25.61141545530191600.06.9823.91
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /saml2/idp/SSOService.php HTTP/1.1

0-04830/1585/5690_
25.612245332663250.07.1025.24
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/metadata.php HTTP/1.1

0-04830/1638/5271_
25.61312571731956410.07.3324.60
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=jVPLjtowFN3zFSj7PMUM1

0-04830/1697/5872_
25.612881108834568390.09.2929.13
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=jVNNj9owFLzzK1Du%2BVy

0-04830/1791/5494_
25.597045432641360.08.1025.48
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/metadata.php HTTP/1.1

0-04830/1633/5947_
25.6156942836787860.07.3227.23
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /saml2/idp/SSOService.php HTTP/1.1

0-04830/1622/5347_
25.6232077736282900.07.1125.00
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=jVNNj9owFLzzK1Du%2BSI

0-04830/1755/5441_
25.5966873930999680.07.9125.17
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_d6193fb0fd6b3

0-04830/1632/5644_
25.596885532996800.07.5226.68
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/no_cookie.php?retryURL=https%3A%2F%2Ftoora

0-04830/1567/5059_
25.605590032966100.07.5024.21
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /_profiler/phpinfo HTTP/1.1

0-04830/1522/5671_
25.6044754234034010.06.6426.59
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_d62e44304dc33

0-04830/1720/5805_
25.6123623336681500.07.2626.39
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/metadata.php HTTP/1.1

0-04830/1653/5395_
25.6039181133318820.07.2125.16
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /saml2/idp/SSOService.php HTTP/1.1

0-04830/1478/5455_
25.6040866930922320.06.4824.65
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /module.php/cloudworkauth/mfa/webauthn/get_login_options.p

0-04830/1651/5652_
25.6110001234765660.07.2826.39
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /saml2/idp/SSOService.php HTTP/1.1

0-04830/1658/5481_
25.60400067929731930.07.5925.17
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=hVLLbhshFN1Xyj8g9vNyH

0-04830/1467/5115_
25.60387041833295750.06.4823.85
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=fZJNT8MwDIbv%2FIoq936

1-04020/1496/5459_
25.49553767631594430.06.6125.42
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=hVJNTxsxEL1X6n%2BwfN%

1-04020/1711/5369_
25.496885331221510.07.9625.23
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?spentityid=https%3A%2F%2Five.toor

1-04020/1618/5653_
25.53228787432396740.06.8825.15
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=jVPfz5owFH33rzC8A8KcY

1-04020/1533/5358_
25.53103213931754550.06.9224.43
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_dce2ed7a6eb6e

1-04020/1641/5543_
25.54401035286450.07.7725.66
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /favicon.ico HTTP/1.1

1-04020/1590/5436_
25.52312574935084070.06.9224.74
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=jVPLjtowFN3zFSj7PIdHs

1-04020/1718/5754_
25.5046454431318010.07.5726.28
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/metadata.php HTTP/1.1

1-04020/1646/5436_
25.5239294128562630.07.3525.10
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_04a5655fe2468

1-04020/1740/5867_
25.50430241731265200.016.2235.56
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /saml2/idp/SSOService.php HTTP/1.1

1-04020/1651/5674_
25.524077033796130.07.4426.25
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /favicon.ico HTTP/1.1

1-04020/1689/5513_
25.52311632132458540.011.0928.54
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=jVNNr9owELzzK1Du%2BYQ

1-04020/1690/5378_
25.5238904834462780.07.3924.64
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_29985e71e2416

1-04020/1586/5495_
25.53203146934888470.06.7524.90
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /saml2/idp/SSOService.php HTTP/1.1

1-04020/1491/5680_
25.539495533363960.06.9826.21
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_8a5445201695e

1-04020/1648/5218_
25.4948793634170380.07.2824.58
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_ae7b34efd0a7b

1-04020/1550/5416_
25.49671365232390630.06.5924.62
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=hZJPT%2BMwEMXvK%2FEdI

1-04020/1634/5771_
25.52385823031696230.07.1926.27
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=hVLLbhMxFN0j9R8s7%2Bc

1-04020/1663/5605_
25.5048544035896930.07.4026.19
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_dd6b9e4c1877a

1-04020/1717/5592_
25.5241895328642790.07.5825.59
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /module.php/cloudworkauth/mfa/webauthn/get_login_options.p

1-04028/1616/5321W
25.540033813709.66.8624.13
127.0.0.1http/1.1</

Found on 2024-10-06 16:19

Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb31dda8387edda8387e4e35c641

Apache Status

Apache Server Status for toorak-login.cloudworkengine.net (via 127.0.0.1)

Server Version: Apache/2.4.52 (Ubuntu) mod_fcgid/2.3.9
Server MPM: worker
Server Built: 2024-04-10T17:45:18

Current Time: Friday, 04-Oct-2024 12:07:31 UTC
Restart Time: Monday, 09-Sep-2024 05:58:45 UTC
Parent Server Config. Generation: 1
Parent Server MPM Generation: 0
Server uptime:  25 days 6 hours 8 minutes 46 seconds
Server load: 1.03 1.44 1.33
Total accesses: 254446 - Total Traffic: 1.2 GB - Total Duration: 154546866
CPU Usage: u45.65 s53.82 cu88.72 cs41.46 - .0105% CPU load
.117 requests/sec - 575 B/second - 4935 B/request - 607.386 ms/request
1 requests currently being processed, 49 idle workers
_________________________W________________________..............
................................................................
................................................................
................................................................
................................................................
................................................................
................
Scoreboard Key:
"_" Waiting for Connection, 
"S" Starting up, 
"R" Reading Request,
"W" Sending Reply, 
"K" Keepalive (read), 
"D" DNS Lookup,
"C" Closing connection, 
"L" Logging, 
"G" Gracefully finishing, 
"I" Idle cleanup of worker, 
"." Open slot with no current process



SrvPIDAccMCPU
SSReqDurConnChildSlotClientProtocolVHostRequest

0-04830/1079/5238_
18.991473629262440.04.9624.04
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_3ae71997256dd

0-04830/1225/5103_
18.993134331331000.05.7323.99
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_7bbaa1d2d734e

0-04830/1270/5320_
18.97646137127594080.05.7924.88
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /module.php/core/loginuserpass.php HTTP/1.1

0-04830/1304/4894_
18.98485030195240.05.1722.47
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/nextmail/cloudwork/css/theme.css HTTP/1.1

0-04830/1085/5463_
18.997636737485860.05.0125.51
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?spentityid=google.com%2Fa%2Ftoora

0-04830/1150/4938_
18.977483427007270.04.9722.70
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_e170e1584440e

0-04830/1163/4892_
18.961304257233784170.06.3623.60
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /module.php/core/loginuserpass.php HTTP/1.1

0-04830/1151/5240_
18.9521146232926710.04.9924.61
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_8719570373c18

0-04830/1068/4734_
18.961553028181450.04.9721.91
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /.well-known/assetlinks.json HTTP/1.1

0-04830/1202/5307_
18.9616573930914210.05.4223.56
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_cd6b32b31f6cf

0-04830/1138/4771_
18.9519173630176810.05.0422.30
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_55642acd42c89

0-04830/1310/5485_
18.96139194633020620.07.5927.43
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /module.php/core/loginuserpass.php HTTP/1.1

0-04830/1346/5049_
18.9710173930752520.06.1823.55
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_16a0cfc2dea4d

0-04830/1153/5467_
18.961534335064180.05.3325.23
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/metadata.php HTTP/1.1

0-04830/1282/5007_
18.961317135106670.05.5123.41
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/chromebook/jquery.cookie.js HTTP/1.1

0-04830/1282/4968_
18.97110445428785730.05.7623.02
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /saml2/idp/SSOService.php HTTP/1.1

0-04830/1126/5138_
18.979134529946360.05.3224.48
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_b51956f2e5f37

0-04830/1117/4609_
18.97639030740320.05.5022.22
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /resources/post.css HTTP/1.1

0-04830/1102/5251_
18.98462031757770.04.8524.80
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /resources/post.js HTTP/1.1

0-04830/1241/5326_
18.952150134690490.05.2724.40
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/cloudworkauth/webauthn.js HTTP/1.1

0-04830/1247/4989_
18.991181031947330.05.5023.45
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/nextmail/cloudwork/favicon.ico HTTP/1.1

0-04830/1071/5048_
18.99103929330540.04.6822.85
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_6657f640d50c5

0-04830/1222/5223_
18.951761432680910.05.4224.53
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/metadata.php HTTP/1.1

0-04830/1203/5026_
18.9959127754580.05.4823.07
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/chromebook/jquery.cookie.js HTTP/1.1

0-04830/1128/4776_
18.952142031860520.04.9822.35
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /resources/post.css HTTP/1.1

1-04028/1062/5025W
19.080029641039.64.6423.45
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /server-status HTTP/1.1

1-04020/1310/4968_
19.054815228395850.06.2123.48
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /module.php/cloudworkauth/mfa/webauthn/get_login_options.p

1-04020/1215/5250_
19.0412124930567840.05.2123.48
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_96acd15aad2df

1-04020/1154/4979_
19.0475377729540290.05.4022.92
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=jVPLrtowFNzzFSj7vCBQa

1-04020/1262/5164_
19.054473632736050.05.7823.67
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_ecbecf9e050f9

1-04020/1178/5024_
19.04107958633090060.05.1823.00
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /module.php/core/loginuserpass.php HTTP/1.1

1-04020/1259/5295_
19.0318143529058940.05.7124.43
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_7bb64f6e998b6

1-04020/1155/4945_
19.03175447526941130.05.3723.12
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=jVPbjtowEH3nK1Dec6O7a

1-04020/1175/5302_
19.0319533329369310.013.7133.05
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/metadata.php HTTP/1.1

1-04020/1184/5207_
19.0315463532066860.05.4324.25
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/metadata.php HTTP/1.1

1-04020/1232/5056_
19.031317030920140.09.0126.46
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/chromebook/jquery.js HTTP/1.1

1-04020/1221/4909_
19.0316183632600160.05.4522.70
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_053a959fb2ffa

1-04020/1120/5029_
19.04653933150310.04.7822.92
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/nextmail/cloudwork/favicon.ico HTTP/1.1

1-04020/1088/5277_
19.046145031391030.05.0524.28
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_32b57c53679a2

1-04020/1245/4815_
19.032142032438060.05.5822.88
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /resources/post.js HTTP/1.1

1-04020/1128/4994_
19.06109030745090.04.8522.87
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /favicon.ico HTTP/1.1

1-04020/1261/5398_
19.04131719029982100.05.5724.65
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /module.php/cloudworkauth/mfa/webauthn/get_login_options.p

1-04020/1189/5131_
19.0715033261950.05.3324.12
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /favicon.ico HTTP/1.1

1-04020/1242/5117_
19.032150126678180.05.4923.50
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/cloudworkauth/simplewebauthn.es5.umd.min.js HTT

1-04020/1138/4843_
19.0525523631925710.05.0222.29
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=jVNNj9owFLzzK1DuJI4Lb

1-04020/1378/51

Found on 2024-10-04 12:07

Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb31dda8387edda8387ebf5121c0

Apache Status

Apache Server Status for toorak-login.cloudworkengine.net (via 127.0.0.1)

Server Version: Apache/2.4.52 (Ubuntu) mod_fcgid/2.3.9
Server MPM: worker
Server Built: 2024-04-10T17:45:18

Current Time: Wednesday, 02-Oct-2024 09:31:14 UTC
Restart Time: Monday, 09-Sep-2024 05:58:45 UTC
Parent Server Config. Generation: 1
Parent Server MPM Generation: 0
Server uptime:  23 days 3 hours 32 minutes 29 seconds
Server load: 2.50 1.54 1.18
Total accesses: 236574 - Total Traffic: 1.1 GB - Total Duration: 146434507
CPU Usage: u36.13 s46.56 cu88.72 cs41.46 - .0106% CPU load
.118 requests/sec - 580 B/second - 4906 B/request - 618.98 ms/request
1 requests currently being processed, 49 idle workers
__W_______________________________________________..............
................................................................
................................................................
................................................................
................................................................
................................................................
................
Scoreboard Key:
"_" Waiting for Connection, 
"S" Starting up, 
"R" Reading Request,
"W" Sending Reply, 
"K" Keepalive (read), 
"D" DNS Lookup,
"C" Closing connection, 
"L" Logging, 
"G" Gracefully finishing, 
"I" Idle cleanup of worker, 
"." Open slot with no current process



SrvPIDAccMCPU
SSReqDurConnChildSlotClientProtocolVHostRequest

0-04830/751/4910_
13.0817076127735860.03.5022.57
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_13cc2f8b6a643

0-04830/847/4725_
13.081802029037430.03.8622.12
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /resources/post.css HTTP/1.1

0-04838/846/4896W
13.120026193959.63.8022.89
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /server-status HTTP/1.1

0-04830/898/4488_
13.081757328369030.03.4820.77
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/metadata.php HTTP/1.1

0-04830/759/5137_
13.081318036078230.03.6024.11
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /favicon.ico HTTP/1.1

0-04830/813/4601_
13.08206291325572730.03.5221.25
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=jVNNj9owFLzzK1Du%2BST

0-04830/815/4544_
13.1062040732346820.03.8121.06
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=jVNNj9owFLzzK1Du%2BdT

0-04830/819/4908_
13.10729031386890.03.4523.07
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /resources/post.js HTTP/1.1

0-04830/759/4425_
13.106734926990070.03.4720.40
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /module.php/cloudworkauth/mfa/webauthn/get_login_options.p

0-04830/822/4927_
13.10689129498110.03.6821.81
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/chromebook/jquery.js HTTP/1.1

0-04830/845/4478_
13.11432028579190.03.6020.87
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /resources/post.css HTTP/1.1

0-04830/954/5129_
13.104575231938440.04.2524.09
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /module.php/cloudworkauth/mfa/webauthn/get_login_options.p

0-04830/934/4637_
13.1224525928755180.03.9321.31
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=jVPLrtowFNzzFSh78ioVY

0-04830/756/5070_
13.11384033943830.03.4123.32
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /resources/post.js HTTP/1.1

0-04830/962/4687_
13.1225226734244220.04.1122.01
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=jVPbjtowEH3nK1Dec3MXK

0-04830/787/4473_
13.1133545027159300.03.6120.88
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=hZJPT%2BMwEMXvK%2FEdL

0-04830/803/4815_
13.128641228440100.03.7922.95
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=jVPbjtowEH3nK1DecyGEh

0-04830/840/4332_
13.08190169729307010.04.2820.99
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=hZJfT9swFMXfkfgOlt%2F

0-04830/755/4904_
13.072123029042520.03.3623.31
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /resources/post.css HTTP/1.1

0-04830/893/4978_
13.08886032617680.03.7822.91
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /favicon.ico HTTP/1.1

0-04830/843/4585_
13.081252030946080.03.5821.53
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /favicon.ico HTTP/1.1

0-04830/759/4736_
13.08953793728198680.03.3121.48
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=hVLLTuMwFN2PxD9Y3udVM

0-04830/866/4867_
13.088321030849340.03.9023.00
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/nextmail/cloudwork/favicon.ico HTTP/1.1

0-04830/826/4649_
13.0810603826117700.03.8021.39
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_2605f73c29c8b

0-04830/806/4454_
13.088548929869650.03.5420.90
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_c83667ae1cecf

1-04020/721/4684_
13.198687528180450.03.0221.83
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_4f6964e0a382f

1-04020/954/4612_
13.1521043425173030.04.5421.82
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_f64ba9dd5ff1c

1-04020/829/4864_
13.21252529551160.03.5321.81
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=jVPLjtowFN3zFSj7PMgQw

1-04020/777/4602_
13.15203644827655430.03.5221.03
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=jVPLjtowFN3zFSj7vMy0T

1-04020/911/4813_
13.16181628130620060.04.1222.02
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /module.php/cloudworkauth/mfa/webauthn/get_login_options.p

1-04020/846/4692_
13.228641831384750.03.7621.59
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=jVPLjtowFN3zFSj7PCcdg

1-04020/898/4934_
13.20688127591310.04.0522.77
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/cloudworkauth/webauthn.js HTTP/1.1

1-04020/852/4642_
13.2141378825590030.03.8821.63
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=jVNNj9owFLzzK1Du5Gutl

1-04020/847/4974_
13.21481027704300.012.0331.37
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /apple-touch-icon.png HTTP/1.1

1-04020/823/4846_
13.21286030655030.03.8822.69
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /resources/post.css HTTP/1.1

1-04020/881/4705_
13.2136135129553970.04.1921.64
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=jVNNj9owFLzzK1DuJCFAS

1-04020/909/4597_
13.214494331136360.03.8821.13
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /module.php/cloudworkauth/mfa/webauthn/get_login_options.p

1-04020/777/4686_
13.142174030585530.03.3921.54
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /resources/post.css HTTP/1.1

1-04020/769/4958_
13.1912741029678350.03.5222.75
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/nextmail/cloudwork/favicon.ico HTTP/1.1

1-04020/890/4460_
13.208253530839740.03.9521.26
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_06d73b37a0297

1-04020/790/4656_
13.19104949029567570.03.4221.45
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=jVPLjtowFN3zFSh78myhW

1-04020/858/4995_
13.20740128123540.03.8622.94
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/nextmail/cloudwork/css/theme.css HTTP/1.1

1-04020/828/4770_
13.19115042832155920.03.6322.42
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /saml2/idp/SSOService.php HTTP/1.1

1-04020/889/4764_
13.198327825430520.03.8421.85
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /module.php/cloudworkauth/mfa/webauthn/get_login_options.p

1-04020/783/4488_
13.181494029864260.03.4120.68
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /resources/post.css HTTP/1.1

1-04020/955/4739_
13.17176310

Found on 2024-10-02 09:31

Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb31dda8387edda8387e501fc7c3

Apache Status

Apache Server Status for toorak-login.cloudworkengine.net (via 127.0.0.1)

Server Version: Apache/2.4.52 (Ubuntu) mod_fcgid/2.3.9
Server MPM: worker
Server Built: 2024-04-10T17:45:18

Current Time: Monday, 30-Sep-2024 06:54:58 UTC
Restart Time: Monday, 09-Sep-2024 05:58:45 UTC
Parent Server Config. Generation: 1
Parent Server MPM Generation: 0
Server uptime:  21 days 56 minutes 13 seconds
Server load: 1.11 1.05 0.97
Total accesses: 221051 - Total Traffic: 1.0 GB - Total Duration: 138490441
CPU Usage: u27.84 s39.88 cu88.72 cs41.46 - .0109% CPU load
.122 requests/sec - 598 B/second - 4924 B/request - 626.509 ms/request
1 requests currently being processed, 49 idle workers
___W______________________________________________..............
................................................................
................................................................
................................................................
................................................................
................................................................
................
Scoreboard Key:
"_" Waiting for Connection, 
"S" Starting up, 
"R" Reading Request,
"W" Sending Reply, 
"K" Keepalive (read), 
"D" DNS Lookup,
"C" Closing connection, 
"L" Logging, 
"G" Gracefully finishing, 
"I" Idle cleanup of worker, 
"." Open slot with no current process



SrvPIDAccMCPU
SSReqDurConnChildSlotClientProtocolVHostRequest

0-04830/464/4623_
8.11151829126493280.02.0921.17
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/cloudworkauth/mfa/hotp.php?hotp_id=303&StateId=

0-04830/562/4440_
8.101619327405630.02.6420.91
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/metadata.php HTTP/1.1

0-04830/523/4573_
8.19357124712840.02.3521.43
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/nextmail/cloudwork/css/theme.css HTTP/1.1

0-048365/603/4193W
8.2100267759185.32.3819.67
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /server-status HTTP/1.1

0-04830/442/4820_
8.111493033429870.02.2122.71
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /resources/post.css HTTP/1.1

0-04830/483/4271_
8.1933546823775410.02.0719.80
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=jVNNj5swFLznV0Tc%2BQg

0-04830/487/4216_
8.131009930618340.02.4119.66
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/nextmail/cloudwork/favicon.ico HTTP/1.1

0-04830/528/4617_
8.139321029182570.02.1221.74
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/nextmail/cloudwork/favicon.ico HTTP/1.1

0-04830/513/4179_
8.16716025907910.02.3819.32
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /favicon.ico HTTP/1.1

0-04830/486/4591_
8.1211123928454190.02.1520.29
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /module.php/cloudworkauth/mfa/webauthn/get_login_options.p

0-04830/544/4177_
8.1663540827355190.02.1719.44
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /saml2/idp/SSOService.php HTTP/1.1

0-04830/622/4797_
8.14848030452290.02.7022.54
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /resources/post.css HTTP/1.1

0-04830/603/4306_
8.1644579127668750.02.5619.94
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=hZJPT%2BMwEMXvSHwHy%2

0-04830/477/4791_
8.16550575233005840.02.1422.05
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=jVPbjtowEH3nK1DecyHks

0-04830/575/4300_
8.1649970133040420.02.6120.51
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=fZHRb4IwEMb%2Flabv0AL

0-04830/487/4173_
8.173731125760290.02.3019.57
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/nextmail/cloudwork/favicon.ico HTTP/1.1

0-04830/529/4541_
8.183674027110870.02.5521.71
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_8005c503143ad

0-04830/568/4060_
8.19534427831100.03.0019.71
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_aa76f61b0c2a9

0-04830/401/4550_
8.19241927787650.01.8321.78
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/nextmail/cloudwork/favicon.ico HTTP/1.1

0-04830/538/4623_
8.111191102730656120.02.2821.42
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /module.php/core/loginuserpass.php HTTP/1.1

0-04830/548/4290_
8.111463129124250.02.3520.30
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/chromebook/jquery.cookie.js HTTP/1.1

0-04830/501/4478_
8.111396425026700420.02.1420.31
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=hVJNT%2BMwEL0j7X%2BIf

0-04830/461/4462_
8.121114128852880.02.1921.30
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/chromebook/jquery.cookie.js HTTP/1.1

0-04830/488/4311_
8.1113481024784670.02.2919.87
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/nextmail/cloudwork/favicon.ico HTTP/1.1

0-04830/476/4124_
8.121095928381430.02.1119.48
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/nextmail/cloudwork/favicon.ico HTTP/1.1

1-04020/446/4409_
8.307535126832160.01.8420.64
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /module.php/cloudworkauth/mfa/webauthn/get_login_options.p

1-04020/590/4248_
8.271463124024360.02.7920.06
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/cloudworkauth/webauthn.js HTTP/1.1

1-04020/551/4586_
8.26149422128178480.02.3820.66
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /module.php/cloudworkauth/mfa/hotp.php HTTP/1.1

1-04020/527/4352_
8.331796925698270.02.3719.88
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /module.php/cloudworkauth/mfa/webauthn/get_login_options.p

1-04020/553/4455_
8.2714181371329237570.02.4420.34
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=jVPbjtowEH3nK1Dekzhhu

1-04020/547/4393_
8.33316029284950.02.5120.34
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /favicon.ico HTTP/1.1

1-04020/631/4667_
8.31546580126251790.02.7821.49
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=jVPLjtowFN3zFSj7vAN0L

1-04020/522/4312_
8.3144377724087420.02.4020.14
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=hVLJTsMwEL0j8Q%2BW71l

1-04020/599/4726_
8.314655926200630.011.0330.37
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_99dd6a23bf58f

1-04020/503/4526_
8.33352028930680.02.4221.24
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /resources/post.css HTTP/1.1

1-04020/557/4381_
8.31373827737440.02.6120.06
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/idp/resumelogout.php?id=_072a12641037ae02c

1-04020/499/4187_
8.32357129151530.02.0819.33
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/chromebook/jquery.cookie.js HTTP/1.1

1-04020/543/4452_
8.33244028978640.02.2720.42
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_59f9e3d131c33

1-04020/519/4708_
8.30939927884140.02.5121.74
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/nextmail/cloudwork/favicon.ico HTTP/1.1

1-04020/521/4091_
8.31596107228503620.02.3419.64
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /module.php/core/loginuserpass.php HTTP/1.1

1-04020/522/4388_
8.2911145827974070.02.3120.33
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /module.php/cloudworkauth/mfa/webauthn/get_login_options.p

1-04020/569/4706_
8.30920026333520.02.5121.59
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /favicon.ico HTTP/1.1

1-04020/507/4449_
8.2911991029989460.02.1320.92
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/nextmail/cloudwork/favicon.ico HTTP/1.1

1-04020/553/4428_
8.30107938423639210.02.3920.40
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=hVJNbxMxEL0j8R8s3%2Fc

1-04020/495/4200_
8.29114429828485760.02.1019.37
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=hVJLb9QwEL4j8R8s3%2FP

1-04020/534/4318

Found on 2024-09-30 06:54

Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb31dda8387edda8387e6afb4577

Apache Status

Apache Server Status for toorak-login.cloudworkengine.net (via 127.0.0.1)

Server Version: Apache/2.4.52 (Ubuntu) mod_fcgid/2.3.9
Server MPM: worker
Server Built: 2024-04-10T17:45:18

Current Time: Monday, 30-Sep-2024 06:54:54 UTC
Restart Time: Monday, 09-Sep-2024 05:58:45 UTC
Parent Server Config. Generation: 1
Parent Server MPM Generation: 0
Server uptime:  21 days 56 minutes 9 seconds
Server load: 1.12 1.05 0.97
Total accesses: 221013 - Total Traffic: 1.0 GB - Total Duration: 138490405
CPU Usage: u27.84 s39.87 cu88.72 cs41.46 - .0109% CPU load
.122 requests/sec - 598 B/second - 4924 B/request - 626.617 ms/request
1 requests currently being processed, 49 idle workers
___W______________________________________________..............
................................................................
................................................................
................................................................
................................................................
................................................................
................
Scoreboard Key:
"_" Waiting for Connection, 
"S" Starting up, 
"R" Reading Request,
"W" Sending Reply, 
"K" Keepalive (read), 
"D" DNS Lookup,
"C" Closing connection, 
"L" Logging, 
"G" Gracefully finishing, 
"I" Idle cleanup of worker, 
"." Open slot with no current process



SrvPIDAccMCPU
SSReqDurConnChildSlotClientProtocolVHostRequest

0-04830/464/4623_
8.11151429126493280.02.0921.17
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/cloudworkauth/mfa/hotp.php?hotp_id=303&StateId=

0-04830/562/4440_
8.101614327405630.02.6420.91
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/metadata.php HTTP/1.1

0-04830/523/4573_
8.19353124712840.02.3521.43
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/nextmail/cloudwork/css/theme.css HTTP/1.1

0-048327/565/4155W
8.2000267755535.52.3319.62
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /server-status HTTP/1.1

0-04830/442/4820_
8.111489033429870.02.2122.71
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /resources/post.css HTTP/1.1

0-04830/483/4271_
8.1933146823775410.02.0719.80
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=jVNNj5swFLznV0Tc%2BQg

0-04830/487/4216_
8.131005930618340.02.4119.66
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/nextmail/cloudwork/favicon.ico HTTP/1.1

0-04830/528/4617_
8.139281029182570.02.1221.74
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/nextmail/cloudwork/favicon.ico HTTP/1.1

0-04830/513/4179_
8.16712025907910.02.3819.32
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /favicon.ico HTTP/1.1

0-04830/486/4591_
8.1211083928454190.02.1520.29
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /module.php/cloudworkauth/mfa/webauthn/get_login_options.p

0-04830/544/4177_
8.1663140827355190.02.1719.44
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /saml2/idp/SSOService.php HTTP/1.1

0-04830/622/4797_
8.14844030452290.02.7022.54
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /resources/post.css HTTP/1.1

0-04830/603/4306_
8.1644179127668750.02.5619.94
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=hZJPT%2BMwEMXvSHwHy%2

0-04830/477/4791_
8.16546575233005840.02.1422.05
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=jVPbjtowEH3nK1DecyHks

0-04830/575/4300_
8.1649570133040420.02.6120.51
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=fZHRb4IwEMb%2Flabv0AL

0-04830/487/4173_
8.173691125760290.02.3019.57
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/nextmail/cloudwork/favicon.ico HTTP/1.1

0-04830/529/4541_
8.183634027110870.02.5521.71
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_8005c503143ad

0-04830/568/4060_
8.19494427831100.03.0019.71
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_aa76f61b0c2a9

0-04830/401/4550_
8.19237927787650.01.8321.78
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/nextmail/cloudwork/favicon.ico HTTP/1.1

0-04830/538/4623_
8.111187102730656120.02.2821.42
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /module.php/core/loginuserpass.php HTTP/1.1

0-04830/548/4290_
8.111459129124250.02.3520.30
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/chromebook/jquery.cookie.js HTTP/1.1

0-04830/501/4478_
8.111392425026700420.02.1420.31
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=hVJNT%2BMwEL0j7X%2BIf

0-04830/461/4462_
8.121110128852880.02.1921.30
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/chromebook/jquery.cookie.js HTTP/1.1

0-04830/488/4311_
8.1113441024784670.02.2919.87
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/nextmail/cloudwork/favicon.ico HTTP/1.1

0-04830/476/4124_
8.121091928381430.02.1119.48
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/nextmail/cloudwork/favicon.ico HTTP/1.1

1-04020/446/4409_
8.307495126832160.01.8420.64
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /module.php/cloudworkauth/mfa/webauthn/get_login_options.p

1-04020/590/4248_
8.271458124024360.02.7920.06
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/cloudworkauth/webauthn.js HTTP/1.1

1-04020/551/4586_
8.26149022128178480.02.3820.66
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /module.php/cloudworkauth/mfa/hotp.php HTTP/1.1

1-04020/527/4352_
8.331756925698270.02.3719.88
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /module.php/cloudworkauth/mfa/webauthn/get_login_options.p

1-04020/553/4455_
8.2714141371329237570.02.4420.34
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=jVPbjtowEH3nK1Dekzhhu

1-04020/547/4393_
8.33311029284950.02.5120.34
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /favicon.ico HTTP/1.1

1-04020/631/4667_
8.31542580126251790.02.7821.49
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=jVPLjtowFN3zFSj7vAN0L

1-04020/522/4312_
8.3143977724087420.02.4020.14
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=hVLJTsMwEL0j8Q%2BW71l

1-04020/599/4726_
8.314615926200630.011.0330.37
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_99dd6a23bf58f

1-04020/503/4526_
8.33348028930680.02.4221.24
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /resources/post.css HTTP/1.1

1-04020/557/4381_
8.31368827737440.02.6120.06
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/idp/resumelogout.php?id=_072a12641037ae02c

1-04020/499/4187_
8.32353129151530.02.0819.33
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/chromebook/jquery.cookie.js HTTP/1.1

1-04020/543/4452_
8.33204028978640.02.2720.42
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_59f9e3d131c33

1-04020/519/4708_
8.30935927884140.02.5121.74
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/nextmail/cloudwork/favicon.ico HTTP/1.1

1-04020/521/4091_
8.31592107228503620.02.3419.64
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /module.php/core/loginuserpass.php HTTP/1.1

1-04020/522/4388_
8.2911105827974070.02.3120.33
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /module.php/cloudworkauth/mfa/webauthn/get_login_options.p

1-04020/569/4706_
8.30916026333520.02.5121.59
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /favicon.ico HTTP/1.1

1-04020/507/4449_
8.2911951029989460.02.1320.92
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/nextmail/cloudwork/favicon.ico HTTP/1.1

1-04020/553/4428_
8.30107538423639210.02.3920.40
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=hVJNbxMxEL0j8R8s3%2Fc

1-04020/495/4200_
8.29114029828485760.02.1019.37
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=hVJLb9QwEL4j8R8s3%2FP

1-04020/534/4318_

Found on 2024-09-30 06:54

Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb31dda8387edda8387eecafbb69

Apache Status

Apache Server Status for toorak-login.cloudworkengine.net (via 127.0.0.1)

Server Version: Apache/2.4.52 (Ubuntu) mod_fcgid/2.3.9
Server MPM: worker
Server Built: 2024-04-10T17:45:18

Current Time: Monday, 30-Sep-2024 06:54:54 UTC
Restart Time: Monday, 09-Sep-2024 05:58:45 UTC
Parent Server Config. Generation: 1
Parent Server MPM Generation: 0
Server uptime:  21 days 56 minutes 9 seconds
Server load: 1.12 1.05 0.97
Total accesses: 221010 - Total Traffic: 1.0 GB - Total Duration: 138490403
CPU Usage: u27.84 s39.87 cu88.72 cs41.46 - .0109% CPU load
.122 requests/sec - 598 B/second - 4924 B/request - 626.625 ms/request
1 requests currently being processed, 49 idle workers
___W______________________________________________..............
................................................................
................................................................
................................................................
................................................................
................................................................
................
Scoreboard Key:
"_" Waiting for Connection, 
"S" Starting up, 
"R" Reading Request,
"W" Sending Reply, 
"K" Keepalive (read), 
"D" DNS Lookup,
"C" Closing connection, 
"L" Logging, 
"G" Gracefully finishing, 
"I" Idle cleanup of worker, 
"." Open slot with no current process



SrvPIDAccMCPU
SSReqDurConnChildSlotClientProtocolVHostRequest

0-04830/464/4623_
8.11151329126493280.02.0921.17
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/cloudworkauth/mfa/hotp.php?hotp_id=303&StateId=

0-04830/562/4440_
8.101614327405630.02.6420.91
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/metadata.php HTTP/1.1

0-04830/523/4573_
8.19353124712840.02.3521.43
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/nextmail/cloudwork/css/theme.css HTTP/1.1

0-048324/562/4152W
8.2000267755329.42.3219.62
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /server-status HTTP/1.1

0-04830/442/4820_
8.111489033429870.02.2122.71
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /resources/post.css HTTP/1.1

0-04830/483/4271_
8.1933146823775410.02.0719.80
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=jVNNj5swFLznV0Tc%2BQg

0-04830/487/4216_
8.131004930618340.02.4119.66
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/nextmail/cloudwork/favicon.ico HTTP/1.1

0-04830/528/4617_
8.139271029182570.02.1221.74
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/nextmail/cloudwork/favicon.ico HTTP/1.1

0-04830/513/4179_
8.16712025907910.02.3819.32
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /favicon.ico HTTP/1.1

0-04830/486/4591_
8.1211073928454190.02.1520.29
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /module.php/cloudworkauth/mfa/webauthn/get_login_options.p

0-04830/544/4177_
8.1663040827355190.02.1719.44
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /saml2/idp/SSOService.php HTTP/1.1

0-04830/622/4797_
8.14843030452290.02.7022.54
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /resources/post.css HTTP/1.1

0-04830/603/4306_
8.1644079127668750.02.5619.94
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=hZJPT%2BMwEMXvSHwHy%2

0-04830/477/4791_
8.16545575233005840.02.1422.05
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=jVPbjtowEH3nK1DecyHks

0-04830/575/4300_
8.1649470133040420.02.6120.51
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=fZHRb4IwEMb%2Flabv0AL

0-04830/487/4173_
8.173681125760290.02.3019.57
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/nextmail/cloudwork/favicon.ico HTTP/1.1

0-04830/529/4541_
8.183624027110870.02.5521.71
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_8005c503143ad

0-04830/568/4060_
8.19494427831100.03.0019.71
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_aa76f61b0c2a9

0-04830/401/4550_
8.19236927787650.01.8321.78
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/nextmail/cloudwork/favicon.ico HTTP/1.1

0-04830/538/4623_
8.111187102730656120.02.2821.42
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /module.php/core/loginuserpass.php HTTP/1.1

0-04830/548/4290_
8.111458129124250.02.3520.30
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/chromebook/jquery.cookie.js HTTP/1.1

0-04830/501/4478_
8.111391425026700420.02.1420.31
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=hVJNT%2BMwEL0j7X%2BIf

0-04830/461/4462_
8.121110128852880.02.1921.30
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/chromebook/jquery.cookie.js HTTP/1.1

0-04830/488/4311_
8.1113431024784670.02.2919.87
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/nextmail/cloudwork/favicon.ico HTTP/1.1

0-04830/476/4124_
8.121090928381430.02.1119.48
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/nextmail/cloudwork/favicon.ico HTTP/1.1

1-04020/446/4409_
8.307495126832160.01.8420.64
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /module.php/cloudworkauth/mfa/webauthn/get_login_options.p

1-04020/590/4248_
8.271458124024360.02.7920.06
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/cloudworkauth/webauthn.js HTTP/1.1

1-04020/551/4586_
8.26148922128178480.02.3820.66
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /module.php/cloudworkauth/mfa/hotp.php HTTP/1.1

1-04020/527/4352_
8.331756925698270.02.3719.88
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /module.php/cloudworkauth/mfa/webauthn/get_login_options.p

1-04020/553/4455_
8.2714131371329237570.02.4420.34
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=jVPbjtowEH3nK1Dekzhhu

1-04020/547/4393_
8.33311029284950.02.5120.34
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /favicon.ico HTTP/1.1

1-04020/631/4667_
8.31541580126251790.02.7821.49
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=jVPLjtowFN3zFSj7vAN0L

1-04020/522/4312_
8.3143977724087420.02.4020.14
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=hVLJTsMwEL0j8Q%2BW71l

1-04020/599/4726_
8.314605926200630.011.0330.37
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_99dd6a23bf58f

1-04020/503/4526_
8.33348028930680.02.4221.24
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /resources/post.css HTTP/1.1

1-04020/557/4381_
8.31368827737440.02.6120.06
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/idp/resumelogout.php?id=_072a12641037ae02c

1-04020/499/4187_
8.32353129151530.02.0819.33
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/chromebook/jquery.cookie.js HTTP/1.1

1-04020/543/4452_
8.33204028978640.02.2720.42
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_59f9e3d131c33

1-04020/519/4708_
8.30934927884140.02.5121.74
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/nextmail/cloudwork/favicon.ico HTTP/1.1

1-04020/521/4091_
8.31592107228503620.02.3419.64
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /module.php/core/loginuserpass.php HTTP/1.1

1-04020/522/4388_
8.2911105827974070.02.3120.33
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /module.php/cloudworkauth/mfa/webauthn/get_login_options.p

1-04020/569/4706_
8.30916026333520.02.5121.59
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /favicon.ico HTTP/1.1

1-04020/507/4449_
8.2911951029989460.02.1320.92
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/nextmail/cloudwork/favicon.ico HTTP/1.1

1-04020/553/4428_
8.30107538423639210.02.3920.40
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=hVJNbxMxEL0j8R8s3%2Fc

1-04020/495/4200_
8.29114029828485760.02.1019.37
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=hVJLb9QwEL4j8R8s3%2FP

1-04020/534/4318_

Found on 2024-09-30 06:54

Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb31dda8387edda8387e037fda29

Apache Status

Apache Server Status for toorak-login.cloudworkengine.net (via 127.0.0.1)

Server Version: Apache/2.4.52 (Ubuntu) mod_fcgid/2.3.9
Server MPM: worker
Server Built: 2024-04-10T17:45:18

Current Time: Monday, 30-Sep-2024 06:54:54 UTC
Restart Time: Monday, 09-Sep-2024 05:58:45 UTC
Parent Server Config. Generation: 1
Parent Server MPM Generation: 0
Server uptime:  21 days 56 minutes 9 seconds
Server load: 1.12 1.05 0.97
Total accesses: 221014 - Total Traffic: 1.0 GB - Total Duration: 138490406
CPU Usage: u27.84 s39.87 cu88.72 cs41.46 - .0109% CPU load
.122 requests/sec - 598 B/second - 4924 B/request - 626.614 ms/request
1 requests currently being processed, 49 idle workers
___W______________________________________________..............
................................................................
................................................................
................................................................
................................................................
................................................................
................
Scoreboard Key:
"_" Waiting for Connection, 
"S" Starting up, 
"R" Reading Request,
"W" Sending Reply, 
"K" Keepalive (read), 
"D" DNS Lookup,
"C" Closing connection, 
"L" Logging, 
"G" Gracefully finishing, 
"I" Idle cleanup of worker, 
"." Open slot with no current process



SrvPIDAccMCPU
SSReqDurConnChildSlotClientProtocolVHostRequest

0-04830/464/4623_
8.11151429126493280.02.0921.17
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/cloudworkauth/mfa/hotp.php?hotp_id=303&StateId=

0-04830/562/4440_
8.101615327405630.02.6420.91
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/metadata.php HTTP/1.1

0-04830/523/4573_
8.19353124712840.02.3521.43
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/nextmail/cloudwork/css/theme.css HTTP/1.1

0-048328/566/4156W
8.2000267755739.52.3319.63
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /server-status HTTP/1.1

0-04830/442/4820_
8.111489033429870.02.2122.71
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /resources/post.css HTTP/1.1

0-04830/483/4271_
8.1933146823775410.02.0719.80
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=jVNNj5swFLznV0Tc%2BQg

0-04830/487/4216_
8.131005930618340.02.4119.66
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/nextmail/cloudwork/favicon.ico HTTP/1.1

0-04830/528/4617_
8.139281029182570.02.1221.74
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/nextmail/cloudwork/favicon.ico HTTP/1.1

0-04830/513/4179_
8.16712025907910.02.3819.32
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /favicon.ico HTTP/1.1

0-04830/486/4591_
8.1211083928454190.02.1520.29
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /module.php/cloudworkauth/mfa/webauthn/get_login_options.p

0-04830/544/4177_
8.1663140827355190.02.1719.44
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /saml2/idp/SSOService.php HTTP/1.1

0-04830/622/4797_
8.14844030452290.02.7022.54
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /resources/post.css HTTP/1.1

0-04830/603/4306_
8.1644179127668750.02.5619.94
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=hZJPT%2BMwEMXvSHwHy%2

0-04830/477/4791_
8.16546575233005840.02.1422.05
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=jVPbjtowEH3nK1DecyHks

0-04830/575/4300_
8.1649570133040420.02.6120.51
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=fZHRb4IwEMb%2Flabv0AL

0-04830/487/4173_
8.173691125760290.02.3019.57
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/nextmail/cloudwork/favicon.ico HTTP/1.1

0-04830/529/4541_
8.183634027110870.02.5521.71
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_8005c503143ad

0-04830/568/4060_
8.19494427831100.03.0019.71
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_aa76f61b0c2a9

0-04830/401/4550_
8.19237927787650.01.8321.78
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/nextmail/cloudwork/favicon.ico HTTP/1.1

0-04830/538/4623_
8.111187102730656120.02.2821.42
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /module.php/core/loginuserpass.php HTTP/1.1

0-04830/548/4290_
8.111459129124250.02.3520.30
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/chromebook/jquery.cookie.js HTTP/1.1

0-04830/501/4478_
8.111392425026700420.02.1420.31
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=hVJNT%2BMwEL0j7X%2BIf

0-04830/461/4462_
8.121110128852880.02.1921.30
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/chromebook/jquery.cookie.js HTTP/1.1

0-04830/488/4311_
8.1113441024784670.02.2919.87
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/nextmail/cloudwork/favicon.ico HTTP/1.1

0-04830/476/4124_
8.121091928381430.02.1119.48
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/nextmail/cloudwork/favicon.ico HTTP/1.1

1-04020/446/4409_
8.307495126832160.01.8420.64
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /module.php/cloudworkauth/mfa/webauthn/get_login_options.p

1-04020/590/4248_
8.271458124024360.02.7920.06
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/cloudworkauth/webauthn.js HTTP/1.1

1-04020/551/4586_
8.26149022128178480.02.3820.66
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /module.php/cloudworkauth/mfa/hotp.php HTTP/1.1

1-04020/527/4352_
8.331756925698270.02.3719.88
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /module.php/cloudworkauth/mfa/webauthn/get_login_options.p

1-04020/553/4455_
8.2714141371329237570.02.4420.34
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=jVPbjtowEH3nK1Dekzhhu

1-04020/547/4393_
8.33311029284950.02.5120.34
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /favicon.ico HTTP/1.1

1-04020/631/4667_
8.31542580126251790.02.7821.49
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=jVPLjtowFN3zFSj7vAN0L

1-04020/522/4312_
8.3143977724087420.02.4020.14
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=hVLJTsMwEL0j8Q%2BW71l

1-04020/599/4726_
8.314615926200630.011.0330.37
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_99dd6a23bf58f

1-04020/503/4526_
8.33348028930680.02.4221.24
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /resources/post.css HTTP/1.1

1-04020/557/4381_
8.31368827737440.02.6120.06
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/idp/resumelogout.php?id=_072a12641037ae02c

1-04020/499/4187_
8.32353129151530.02.0819.33
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/chromebook/jquery.cookie.js HTTP/1.1

1-04020/543/4452_
8.33204028978640.02.2720.42
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/core/loginuserpass.php?AuthState=_59f9e3d131c33

1-04020/519/4708_
8.30935927884140.02.5121.74
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/nextmail/cloudwork/favicon.ico HTTP/1.1

1-04020/521/4091_
8.31592107228503620.02.3419.64
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /module.php/core/loginuserpass.php HTTP/1.1

1-04020/522/4388_
8.2911105827974070.02.3120.33
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coPOST /module.php/cloudworkauth/mfa/webauthn/get_login_options.p

1-04020/569/4706_
8.30916026333520.02.5121.59
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /favicon.ico HTTP/1.1

1-04020/507/4449_
8.2911951029989460.02.1320.92
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /module.php/nextmail/cloudwork/favicon.ico HTTP/1.1

1-04020/553/4428_
8.30107538423639210.02.3920.40
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=hVJNbxMxEL0j8R8s3%2Fc

1-04020/495/4200_
8.29114029828485760.02.1019.37
127.0.0.1http/1.1ip-10-1-99-42.ap-southeast-2.coGET /saml2/idp/SSOService.php?SAMLRequest=hVJLb9QwEL4j8R8s3%2FP

1-04020/534/4318_

Found on 2024-09-30 06:54

Create report

Git configuration and history exposed

The following URL (usually /.git/config) is publicly accessible and is leaking source code and repository configuration.

IP: 18.245.60.19
Domain: stg.acilearning.com
Port: 443
URL: https://stg.acilearning.com

First seen 2024-02-08 06:51
Last seen 2025-04-10 10:09
Open for 427 days

Severity: medium
Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a65221a7e64a9

[core]
	repositoryformatversion = 0
	filemode = true
	bare = false
	logallrefupdates = true
[remote "origin"]
	url = https://github.com/ibleducation/aci-ibl-web-skills-spa
	fetch = +refs/heads/*:refs/remotes/origin/*
[gc]
	auto = 0
[http "https://github.com/"]
	extraheader = AUTHORIZATION: basic eC1hY2Nlc3MtdG9rZW46Z2hwX0hKSDE1U2liM1RWUnU1MFlXdHFKeVVzRjFjT05CbDAxNGNjaw==
[branch "stg.acilearning.com"]
	remote = origin
	merge = refs/heads/stg.acilearning.com

Found on 2025-04-10 10:09

462 Bytes

Create report

MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 18.245.60.19
Domain: www.krispysolutions.com.hk
Port: 443
URL: https://www.krispysolutions.com.hk

First seen 2024-07-24 08:11
Last seen 2024-10-26 15:26
Open for 94 days
- Severity: low
  Fingerprint: 5f32cf5d6962f09c39aac35b39aac35b33e8323bbf383708ebc10da0ca95bedf
```
Found 14 files trough .DS_Store spidering:

/css
/fonts
/fonts/fontawesome-5
/fonts/icon-font
/fonts/typography-font
/image
/image/l4
/image/logo
/js
/plugins
/plugins/aos
/plugins/jquery
/plugins/menu
/plugins/theme-mode-switcher
```
  Found on 2024-10-26 15:26
- Severity: low
  Fingerprint: 5f32cf5d6962f09c8329733f8329733fbe7e56f74d9ad65c0e12ee5c72617e9c
```
Found 10 files trough .DS_Store spidering:

/css
/fonts
/fonts/fontawesome-5
/fonts/icon-font
/fonts/typography-font
/image
/image/l4
/image/logo
/js
/plugins
```
  Found on 2024-10-17 01:22
- Severity: low
  Fingerprint: 5f32cf5d6962f09c4239b3d84239b3d8143ab0e0dd712c7b65015f8ba609f3d0
```
Found 8 files trough .DS_Store spidering:

/css
/fonts
/fonts/fontawesome-5
/fonts/icon-font
/fonts/typography-font
/image
/js
/plugins
```
  Found on 2024-09-26 20:14
Create report
Git configuration and history exposed

The following URL (usually /.git/config) is publicly accessible and is leaking source code and repository configuration.

IP: 18.245.60.19
Domain: yhsp8.me
Port: 443
URL: https://yhsp8.me

First seen 2023-10-23 10:31
Last seen 2023-12-23 23:19
Open for 61 days
- Severity: medium
  Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a652256fe5e99
```
[core]
	repositoryformatversion = 0
	filemode = true
	bare = false
	logallrefupdates = true
[remote "origin"]
	url = https://cdn-tv.hnmting.com/zhangmazi/yhs_web.git
	fetch = +refs/heads/*:refs/remotes/origin/*
[branch "master"]
	remote = origin
	merge = refs/heads/master
```
  Found on 2023-12-23 23:19
  
  273 Bytes
Create report

Open service 18.245.60.19:80 · hyva-m2.gabpauto.com

2026-02-11 13:23

HTTP/1.1 301 Moved Permanently
Server: CloudFront
Date: Wed, 11 Feb 2026 13:23:32 GMT
Content-Type: text/html
Content-Length: 167
Connection: close
Location: https://hyva-m2.gabpauto.com/
X-Cache: Redirect from cloudfront
Via: 1.1 d147b4a7fe31d4e8683f7d8b15b71906.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA60-P5
X-Amz-Cf-Id: EmKLLhHZaW7bHIXLdBkA8ffTJ8ApUJC-0kMjCHfq4Mw-nkAM7pTBYg==

Page title: 301 Moved Permanently

<html>
<head><title>301 Moved Permanently</title></head>
<body>
<center><h1>301 Moved Permanently</h1></center>
<hr><center>CloudFront</center>
</body>
</html>

Found 23 hours ago by HttpPlugin

Host 18.245.60.19

United States

Software information

MacOS file listing through .DS_Store file

Git configuration and history exposed

Apache server-status page is publicly available

Git configuration and history exposed

MacOS file listing through .DS_Store file

Git configuration and history exposed

app.autotwin.com

cardsr-auth-ss.fujifilm.com

*.backhomebox.combackhomebox.com

www.quickassignmenthub.comquickassignmenthub.com

admin.investorpresentations.com

qury.responsibilm.xyz

*.openprofile.ioopenprofile.io

red88asianbistrosj.com*.red88asianbistrosj.com

wxo.com.au*.wxo.com.au

Domain summary