Host 185.149.69.55
Gibraltar
HURRICANE
-
Apache server-status page is publicly available
The server-status page (usually
/server-status) allows server administrators to find out how well their server is performing.This is a HTML page that gives the current server statistics such as the server version, up time,cpu, ram, and information about requests made to the server.
This information can be very useful if the application is sent sensitive information as GET requests. If you monitor this page you might be able to find CSRF tokens, API keys, hidden paths, and other sensitive information being sent to the server.
https://medium.com/@ghostlulzhacks/apache-server-status-a70abed83f5a
First seen 2022-08-25 17:58
Last seen 2022-12-23 23:23
Open for 120 days-
Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb312658ac048cdc1a26e696f4c5Apache Status Apache Server Status for www.civiogroup.com (via 185.149.69.55) Server Version: Apache/2.4.54 (Debian) OpenSSL/1.1.1n mod_fcgid/2.3.9 Server MPM: event Server Built: 2022-06-09T04:26:43 Current Time: Friday, 23-Dec-2022 23:23:51 UTC Restart Time: Wednesday, 14-Dec-2022 03:03:09 UTC Parent Server Config. Generation: 176 Parent Server MPM Generation: 175 Server uptime: 9 days 20 hours 20 minutes 41 seconds Server load: 388.01 389.93 389.79 Total accesses: 597881 - Total Traffic: 3.4 GB - Total Duration: 329175672 CPU Usage: u56.14 s42.75 cu12927.9 cs588.1 - 1.6% CPU load .703 requests/sec - 4339 B/second - 6.0 kB/request - 550.571 ms/request 29 requests currently being processed, 46 idle workers SlotPIDStoppingConnections ThreadsAsync connections totalacceptingbusyidlewritingkeep-aliveclosing 1758783no13yes817090 2758943no24yes12130151 3758784no22yes9160141 Sum3059 29460382 .........................R_R__L________WR__R__LR__RR_W_______L__ LRLLRL_LR__R_____R_RL___R__R____LLL_............................ ............................................... Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqDurConnChildSlotClientProtocolVHostRequest 0-175-0/0/8800. 0.001929245324090.00.0047.32 57.128.83.159http/1.1dfyseo.net:80POST //xmlrpc.php HTTP/1.1 0-175-0/0/8758. 0.001934246391350.00.0047.53 57.128.83.159http/1.1dfyseo.net:80done, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 0-175-0/0/8758. 0.0019139745838940.00.0049.53 139.59.38.143http/1.1grownation.co:80POST //xmlrpc.php HTTP/1.1 0-175-0/0/8880. 0.0019139746656350.00.0048.54 139.59.38.143http/1.1grownation.co:80POST //xmlrpc.php HTTP/1.1 0-175-0/0/8706. 0.001945246295500.00.0079.49 57.128.83.159http/1.1dfyseo.net:80POST //xmlrpc.php HTTP/1.1 0-175-0/0/8816. 0.001926446054770.00.0048.20 57.128.83.159http/1.1dfyseo.net:80POST //xmlrpc.php HTTP/1.1 0-175-0/0/8682. 0.001926445658710.00.0048.32 57.128.83.159http/1.1dfyseo.net:80POST //xmlrpc.php HTTP/1.1 0-175-0/0/8765. 0.001925549166310.00.0050.87 57.128.83.159http/1.1dfyseo.net:80POST //xmlrpc.php HTTP/1.1 0-175-0/0/8713. 0.001930246406650.00.0049.07 57.128.83.159http/1.1dfyseo.net:80POST //xmlrpc.php HTTP/1.1 0-175-0/0/8858. 0.0019108546774340.00.0051.86 2001:4800:7818:101:be76:4eff:fe04:3ab9http/1.1farmaceuticals.co:80POST /xmlrpc.php HTTP/1.1 0-175-0/0/8704. 0.001929050841150.00.0048.02 57.128.83.159http/1.1dfyseo.net:80POST //xmlrpc.php HTTP/1.1 0-175-0/0/8591. 0.001948444988270.00.0047.47 34.76.158.233http/1.1authorityforge.com:443GET / HTTP/1.0 0-175-0/0/8709. 0.001927146577100.00.0048.95 57.128.83.159http/1.1dfyseo.net:80POST //xmlrpc.php HTTP/1.1 0-175-0/0/8608. 0.001928944701530.00.0048.31 57.128.83.159http/1.1dfyseo.net:80POST //xmlrpc.php HTTP/1.1 0-175-0/0/8776. 0.0019246050070.00.0050.17 51.222.253.3http/1.1goingup.com:80GET /analyzer/?url=www.fizzflap.com HTTP/1.1 0-175-0/0/8821. 0.001926845464940.00.0049.37 57.128.83.159http/1.1dfyseo.net:80done, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 0-175-0/0/8652. 0.0019135145387440.00.0047.10 139.59.38.143http/1.1grownation.co:80POST //xmlrpc.php HTTP/1.1 0-175-0/0/8614. 0.001940545473280.00.0050.15 57.128.83.159http/1.1dfyseo.net:80POST //xmlrpc.php HTTP/1.1 0-175-0/0/8612. 0.001941845503840.00.0052.08 57.128.83.159http/1.1dfyseo.net:80POST //xmlrpc.php HTTP/1.1 0-175-0/0/8662. 0.00192445835390.00.0049.72 185.149.69.55h2civiogroup.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 0-175-0/0/8654. 0.0019134345831280.00.0052.25 195.211.77.140h2civiogroup.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 0-175-0/0/8711. 0.001942247898060.00.0050.21 57.128.83.159http/1.1dfyseo.net:80POST //xmlrpc.php HTTP/1.1 0-175-0/0/8720. 0.0019173455507670.00.0049.49 51.103.21.253http/1.1creationshop.net:80GET /lnidzdke.php?Fox=d3wL7 HTTP/1.1 0-175-0/0/8705. 0.001933345728440.00.0050.49 57.128.83.159http/1.1dfyseo.net:80POST //xmlrpc.php HTTP/1.1 0-175-0/0/8656. 0.001934746967960.00.0049.85 57.128.83.159http/1.1dfyseo.net:80POST //xmlrpc.php HTTP/1.1 1-1757587830/1/7586R 0.511040904850.00.0043.82 159.65.51.215h2civiogroup.com:443GET /?rest_route=/wp/v2/users/ HTTP/2.0 1-1757587830/1/7564_ 0.841542095700.00.0042.55 159.65.51.215h2civiogroup.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 1-1757587831/2/7600L 1.0401441391680.50.0046.16 139.144.69.48h2civiogroup.com:443GET /.git/config HTTP/2.0 1-1757587830/2/7431_ 0.40252341433310.00.0042.09 57.128.83.159http/1.1dfyseo.net:80POST //xmlrpc.php HTTP/1.1 1-1757587830/2/7429_ 0.741940449720.00.0342.84 147.182.144.10h2civiogroup.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 1-1757587831/3/7418L 0.7512141631250.50.0142.36 170.187.164.181h2civiogroup.com:443GET /info.php HTTP/2.0 1-1757587830/1/7392_ 0.741939872120.00.0041.47 147.182.144.10h2civiogroup.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 1-1757587830/1/7390_ 0.751440560980.00.0074.16 170.187.164.181h2civiogroup.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 1-1757587830/2/7339_ 0.46147438938920.00.0341.76 57.128.83.159http/1.1dfyseo.net:80POST //xmlrpc.php HTTP/1.1 1-1757587830/1/7431_ 0.261125340900770.00.0040.98 139.59.38.143http/1.1grownation.co:80POST //xmlrpc.php HTTP/1.1 1-1757587830/0/7359_ 0.00151240050170.00.0040.70 196.196.53.138h2goingup.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 1-1757587830/1/7444_ 0.8715140673360.00.0042.87 159.65.51.215h2civiogroup.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 1-1757587830/1/7382_ 0.31128439483240.00.0041.98 51.222.253.10h2goingup.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 1-1757587830/1/7415_ 0.841539457860.00.0042.61 159.65.51.215h2civiogroup.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 1-1757587831/1/7418W 0.511039891560.00.0042.09 139.59.38.143http/1.1grownation.co:80POST //xmlrpc.php HTTP/1.1 1-1757587830/1/7405R 0.511039652980.00.0044.75 159.65.51.215h2civiogroup.com:443GET / HTTP/2.0 1-1757587830/1/7374_ 0.57131144715560.00.0041.55 57.128.83.159http/1.1dfyseo.net:80POST //xmlrpc.php HTTP/1.1 1-1757587830/2/7378_ 1.020540143260.00.0241.10 139.144.69.48h2civiogroup.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 1-1757587830/0/7384R 0.000040964630.00.0043.13 2a01:7e00::f03c:93ff:fe76:112fh2civiogroup.com:443GET / HTTP/2.0 1-1757587830/0/7419_ 0.00128444180500.00.0041.82 57.128.83.159http/1.1dfyseo.net:80done, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 1-1757587830/2/7371_ 0.5716240753310.00.0343.17 205.169.39.63http/1.1vestaok.com:80GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1 1-1757587831/1/7349L 1.030639752970.50.0040.65 139.144.69.48h2civiogroup.com:443GET /.DS_Store HTTP/2.0 1-1757587831/2/7347L 1.0403040530760.50.0042.51 139.144.69.48h2civiogroup.com:443GET /debug/default/view?panel=config HTTP/2.0 1-1757587830/2/7406
Found on 2022-12-23 23:23 -
Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb312658ac048cdc1a26d2ccc3d3Apache Status Apache Server Status for www.civiogroup.com (via 185.149.69.55) Server Version: Apache/2.4.54 (Debian) OpenSSL/1.1.1n mod_fcgid/2.3.9 Server MPM: event Server Built: 2022-06-09T04:26:43 Current Time: Friday, 23-Dec-2022 23:23:49 UTC Restart Time: Wednesday, 14-Dec-2022 03:03:09 UTC Parent Server Config. Generation: 176 Parent Server MPM Generation: 175 Server uptime: 9 days 20 hours 20 minutes 40 seconds Server load: 387.49 389.86 389.77 Total accesses: 597871 - Total Traffic: 3.4 GB - Total Duration: 329167659 CPU Usage: u55.7 s42.74 cu12927.9 cs588.1 - 1.6% CPU load .703 requests/sec - 4339 B/second - 6.0 kB/request - 550.566 ms/request 24 requests currently being processed, 51 idle workers SlotPIDStoppingConnections ThreadsAsync connections totalacceptingbusyidlewritingkeep-aliveclosing 1758783no3yes520011 2758943no8yes916041 3758784no17yes10150101 Sum3028 24510153 .........................R____L_____R__WR_____________________W_ LRLLRL_LR__R___R_L_R_L_L___R____LRL_............................ ............................................... Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process <SrvPIDAccMCPU SSReqDurConnChildSlotClientProtocolVHostRequest 0-175-0/0/8800. 0.001829245324090.00.0047.32 57.128.83.159http/1.1dfyseo.net:80POST //xmlrpc.php HTTP/1.1 0-175-0/0/8758. 0.001834246391350.00.0047.53 57.128.83.159http/1.1dfyseo.net:80done, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 0-175-0/0/8758. 0.0018139745838940.00.0049.53 139.59.38.143http/1.1grownation.co:80POST //xmlrpc.php HTTP/1.1 0-175-0/0/8880. 0.0018139746656350.00.0048.54 139.59.38.143http/1.1grownation.co:80POST //xmlrpc.php HTTP/1.1 0-175-0/0/8706. 0.001845246295500.00.0079.49 57.128.83.159http/1.1dfyseo.net:80POST //xmlrpc.php HTTP/1.1 0-175-0/0/8816. 0.001826446054770.00.0048.20 57.128.83.159http/1.1dfyseo.net:80POST //xmlrpc.php HTTP/1.1 0-175-0/0/8682. 0.001826445658710.00.0048.32 57.128.83.159http/1.1dfyseo.net:80POST //xmlrpc.php HTTP/1.1 0-175-0/0/8765. 0.001825549166310.00.0050.87 57.128.83.159http/1.1dfyseo.net:80POST //xmlrpc.php HTTP/1.1 0-175-0/0/8713. 0.001830246406650.00.0049.07 57.128.83.159http/1.1dfyseo.net:80POST //xmlrpc.php HTTP/1.1 0-175-0/0/8858. 0.0018108546774340.00.0051.86 2001:4800:7818:101:be76:4eff:fe04:3ab9http/1.1farmaceuticals.co:80POST /xmlrpc.php HTTP/1.1 0-175-0/0/8704. 0.001829050841150.00.0048.02 57.128.83.159http/1.1dfyseo.net:80POST //xmlrpc.php HTTP/1.1 0-175-0/0/8591. 0.001848444988270.00.0047.47 34.76.158.233http/1.1authorityforge.com:443GET / HTTP/1.0 0-175-0/0/8709. 0.001827146577100.00.0048.95 57.128.83.159http/1.1dfyseo.net:80POST //xmlrpc.php HTTP/1.1 0-175-0/0/8608. 0.001828944701530.00.0048.31 57.128.83.159http/1.1dfyseo.net:80POST //xmlrpc.php HTTP/1.1 0-175-0/0/8776. 0.0018246050070.00.0050.17 51.222.253.3http/1.1goingup.com:80GET /analyzer/?url=www.fizzflap.com HTTP/1.1 0-175-0/0/8821. 0.001826845464940.00.0049.37 57.128.83.159http/1.1dfyseo.net:80done, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 0-175-0/0/8652. 0.0018135145387440.00.0047.10 139.59.38.143http/1.1grownation.co:80POST //xmlrpc.php HTTP/1.1 0-175-0/0/8614. 0.001840545473280.00.0050.15 57.128.83.159http/1.1dfyseo.net:80POST //xmlrpc.php HTTP/1.1 0-175-0/0/8612. 0.001841845503840.00.0052.08 57.128.83.159http/1.1dfyseo.net:80POST //xmlrpc.php HTTP/1.1 0-175-0/0/8662. 0.00182445835390.00.0049.72 185.149.69.55h2civiogroup.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 0-175-0/0/8654. 0.0018134345831280.00.0052.25 195.211.77.140h2civiogroup.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 0-175-0/0/8711. 0.001842247898060.00.0050.21 57.128.83.159http/1.1dfyseo.net:80POST //xmlrpc.php HTTP/1.1 0-175-0/0/8720. 0.0018173455507670.00.0049.49 51.103.21.253http/1.1creationshop.net:80GET /lnidzdke.php?Fox=d3wL7 HTTP/1.1 0-175-0/0/8705. 0.001833345728440.00.0050.49 57.128.83.159http/1.1dfyseo.net:80POST //xmlrpc.php HTTP/1.1 0-175-0/0/8656. 0.001834746967960.00.0049.85 57.128.83.159http/1.1dfyseo.net:80POST //xmlrpc.php HTTP/1.1 1-1757587830/1/7586R 0.510040904850.00.0043.82 159.65.51.215h2civiogroup.com:443GET /?rest_route=/wp/v2/users/ HTTP/2.0 1-1757587830/1/7564_ 0.840542095700.00.0042.55 159.65.51.215h2civiogroup.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 1-1757587830/1/7599_ 0.09182241391380.00.0046.16 205.169.39.63h2civiogroup.com:443done, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 1-1757587830/2/7431_ 0.40152341433310.00.0042.09 57.128.83.159http/1.1dfyseo.net:80POST //xmlrpc.php HTTP/1.1 1-1757587830/2/7429_ 0.740940449720.00.0342.84 147.182.144.10h2civiogroup.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 1-1757587831/3/7418L 0.7502141631250.50.0142.36 170.187.164.181h2civiogroup.com:443GET /info.php HTTP/2.0 1-1757587830/1/7392_ 0.740939872120.00.0041.47 147.182.144.10h2civiogroup.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 1-1757587830/1/7390_ 0.750440560980.00.0074.16 170.187.164.181h2civiogroup.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 1-1757587830/2/7339_ 0.46047438938920.00.0341.76 57.128.83.159http/1.1dfyseo.net:80POST //xmlrpc.php HTTP/1.1 1-1757587830/1/7431_ 0.260125340900770.00.0040.98 139.59.38.143http/1.1grownation.co:80POST //xmlrpc.php HTTP/1.1 1-1757587830/0/7359_ 0.00051240050170.00.0040.70 196.196.53.138h2goingup.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 1-1757587830/1/7444_ 0.8705140673360.00.0042.87 159.65.51.215h2civiogroup.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 1-1757587830/1/7382_ 0.31028439483240.00.0041.98 51.222.253.10h2goingup.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 1-1757587830/1/7415_ 0.840539457860.00.0042.61 159.65.51.215h2civiogroup.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 1-1757587831/1/7418W 0.510039891560.00.0042.09 139.59.38.143http/1.1grownation.co:80POST //xmlrpc.php HTTP/1.1 1-1757587830/1/7405R 0.510039652980.00.0044.75 159.65.51.215h2civiogroup.com:443GET / HTTP/2.0 1-1757587830/1/7374_ 0.57331144715560.00.0041.55 57.128.83.159http/1.1dfyseo.net:80POST //xmlrpc.php HTTP/1.1 1-1757587830/1/7377_ 0.381104640143150.00.0241.10 95.105.127.54http/1.1binarybiz.com:80GET /category/file-recovery/ HTTP/1.1 1-1757587830/0/7384_ 0.0039240964630.00.0043.13 51.103.21.253h2creationshop.net:443idle, streams: 0/2/2/0/0 (open/recv/resp/push/rst) 1-1757587830/0/7419_ 0.00628444180500.00.0041.82 57.128.83.159http/1.1dfyseo.net:80done, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 1-1757587830/2/7371_ 0.5736240753310.00.0343.17 205.169.39.63http/1.1vestaok.com:80GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1 1-1757587830/0/7348_ 0.00239339752850.00.0040.64 57.128.83.159http/1.1dfyseo.net:80POST //xmlrpc.php HTTP/1.1 1-1757587830/1/7346_ 0.381131240530150.00.0042.50 139.59.38.143http/1.1grownation.co:80POST //xmlrpc.php HTTP/1.1 1-1757587830/2/7406
Found on 2022-12-23 23:23 -
Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb312658ac048cdc1a2650fb0cfaApache Status Apache Server Status for www.civiogroup.com (via 185.149.69.55) Server Version: Apache/2.4.54 (Debian) OpenSSL/1.1.1n mod_fcgid/2.3.9 Server MPM: event Server Built: 2022-06-09T04:26:43 Current Time: Monday, 24-Oct-2022 21:32:51 UTC Restart Time: Thursday, 06-Oct-2022 19:36:22 UTC Parent Server Config. Generation: 353 Parent Server MPM Generation: 352 Server uptime: 18 days 1 hour 56 minutes 29 seconds Server load: 1.39 1.24 1.33 Total accesses: 1179945 - Total Traffic: 8.8 GB - Total Duration: 654286370 CPU Usage: u112.53 s115.42 cu23479.3 cs1244.57 - 1.6% CPU load .755 requests/sec - 5.9 kB/second - 7.8 kB/request - 554.506 ms/request 20 requests currently being processed, 55 idle workers SlotPIDStoppingConnections ThreadsAsync connections totalacceptingbusyidlewritingkeep-aliveclosing 0322051no0yes223000 13894636yes (old gen)1no00000 22602260yes (old gen)1no00000 3322157no11yes421061 4157538yes (old gen)1no00000 7322104no0yes1411000 Sum6314 2055061 _____________R______R____.W.......................W............. ...........RRR____R_________________.....................W...... ...............................................RRRRRRRRRR_RR__R_ __W_____ Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqDurConnChildSlotClientProtocolVHostRequest 0-3523220510/1/16300_ 0.0215586983020.00.00114.05 3.239.76.121h2civiogroup.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 0-3523220510/0/16168_ 0.0015290924300.00.00146.93 185.191.171.19http/1.1goingup.com:80GET /analyzer/?url=DiaryWiree.blogspot.com HTTP/1.1 0-3523220510/0/16013_ 0.00999686714220.00.00118.32 114.119.152.231h2goingup.com:443done, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 0-3523220510/1/15993_ 0.024584135040.00.00118.08 2600:3000:2710:200::1dhttp/1.1vestaok.com:80GET /.well-known/acme-challenge/Zt7sdNsfyv5-I8NAWsm_QB0oa3cjDBL 0-3523220510/0/16187_ 0.0010125085931230.00.00122.12 20.26.113.150http/1.1helpcenterlive.com:80done, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 0-3523220510/1/16021_ 0.034486196620.00.00116.92 2a05:d014:3ad:701:2b2d:df53:79eb:5ee1http/1.1vestaok.com:80GET /.well-known/acme-challenge/Gjn3I6CzVcw091BGDyllp2_gUeAmpcx 0-3523220510/1/16076_ 0.034486637830.00.00119.11 2600:1f14:804:fd01:ba3a:67af:d30f:fb7bhttp/1.1vestaok.com:80GET /.well-known/acme-challenge/Zt7sdNsfyv5-I8NAWsm_QB0oa3cjDBL 0-3523220510/1/15992_ 0.222164985187270.00.00119.25 104.244.210.57h2civiogroup.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 0-3523220510/0/15855_ 0.002787784702960.00.00117.44 114.119.152.27h2goingup.com:443done, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 0-3523220510/0/15823_ 0.002767582051280.00.00115.80 51.222.253.2http/1.1goingup.com:80GET /webstats/bp762fa/visitor_details.html?vid=6990258322044489 0-3523220510/0/15924_ 0.0027102085164800.00.00116.75 185.225.35.205http/1.1farmaceuticals.co:80POST /wp-login.php HTTP/1.1 0-3523220510/0/16001_ 0.002770791208480.00.00117.50 114.119.152.231http/1.1goingup.com:80GET /analyzer/?url=lintasmagetan.com HTTP/1.1 0-3523220510/0/15900_ 0.00271687280410.00.00116.90 194.163.40.125http/1.1boostmarketing.com:80GET /wp-login.php HTTP/1.1 0-3523220510/0/16092R 0.002747985618150.00.00121.25 162.158.203.86http/1.1civiogroup.com:443 0-3523220510/1/15923_ 0.230886230720.00.00118.89 194.195.241.186h2civiogroup.com:443idle, streams: 0/2/2/0/0 (open/recv/resp/push/rst) 0-3523220510/1/16095_ 0.221225786797470.00.00115.83 92.40.205.84h2civiogroup.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 0-3523220510/0/15911_ 0.00273785277500.00.00115.21 138.68.229.54http/1.1a2-los-web.cloudsyhosting.com:8GET / HTTP/1.1 0-3523220510/0/16111_ 0.0027885829270.00.00116.80 185.149.69.55http/1.1farmaceuticals.co:80POST /wp-cron.php?doing_wp_cron=1666646973.28957605361938476562 0-3523220510/1/16031_ 0.280486043690.00.00117.61 194.195.241.186h2civiogroup.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 0-3523220510/0/15762_ 0.00273783348230.00.00112.50 138.68.229.54http/1.1a2-los-web.cloudsyhosting.com:8GET / HTTP/1.1 0-3523220510/0/15985R 0.000083263760.00.00114.49 157.230.99.82h2civiogroup.com:443GET /server-status HTTP/2.0 0-3523220510/1/16044_ 0.221243186644730.00.00116.99 109.201.130.7h2civiogroup.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 0-3523220510/0/16051_ 0.002799590584410.00.00119.26 65.108.67.8http/1.1helpcenterlive.com:80done, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 0-3523220510/0/16185_ 0.00274586914340.00.00115.75 65.108.67.8http/1.1helpcenterlive.com:80GET /smf/ HTTP/1.1 0-3523220510/1/15828_ 0.220210892132950.00.00114.38 194.195.241.186h2civiogroup.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 1-260-0/0/10311. 0.0041193324051529050.00.0061.13 65.109.80.253http/1.1credivis.com:80done, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 1-26038946361/0/10167W 0.00411926051697240.00.0061.46 192.241.191.198http/1.1a2-los-web.cloudsyhosting.com:8GET / HTTP/1.1 1-260-0/0/10240. 0.0041193323350303910.00.0059.63 65.109.80.253http/1.1credivis.com:80POST /xmlrpc.php HTTP/1.1 1-260-0/0/10333. 0.0041193326748767760.00.0057.68 65.109.80.253http/1.1credivis.com:80POST /xmlrpc.php HTTP/1.1 1-260-0/0/10240. 0.0041193344552138840.00.0064.67 192.99.37.132h2binarybiz.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 1-260-0/0/10270. 0.0041193324749707620.00.0062.77 65.109.80.253http/1.1credivis.com:80POST /xmlrpc.php HTTP/1.1 1-260-0/0/10352. 0.0041193338952787320.00.0062.19 192.99.37.132http/1.1binarybiz.com:80GET /ar/%D8%A7%D9%84%D9%82%D8%A7%D9%86%D9%88%D9%86%D9%8A%D8%A9/ 1-260-0/0/10248. 0.0041193324953127020.00.0062.27 65.109.80.253http/1.1credivis.com:80POST /xmlrpc.php HTTP/1.1 1-260-0/0/10266. 0.0041193331552303290.00.0094.28 65.109.80.253http/1.1credivis.com:80POST /xmlrpc.php HTTP/1.1 1-260-0/0/10256. 0.0041193322850083920.00.0061.11 65.109.80.253http/1.1credivis.com:80done, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 1-260-0/0/10187. 0.0041193323748691710.00.0062.47 65.109.80.253http/1.1credivis.com:80POST /xmlrpc.php HTTP/1.1 1-260-0/0/10144. 0.0041193324949241020.00.0062.89 209.141.46.253http/1.1prospectly.net:80done, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 1-260-0/0/10171. 0.0041193325650229140.00.0063.03 65.109.80.253http/1.1credivis.com:80POST /xmlrpc.php HTTP/1.1 1-260-0/0/10422. 0.0041193324051412380.00.0066.09 65.109.80.253http/1.1credivis.com:80POST /xmlrpc.php HTTP/1.1 1-260-0/0/10274. 0.0041193326653276900.00.0061.72 65.109.80.253http/1.1credivis.com:80POST /xmlrpc.php HTTP/1.1 1-260-0/0/10168. 0.0041193324450382660.00.0062.55 65.109.80.253http/1.1credivis.com:80POST /xmlrpc.php HTTP/1.1 1-260-0/0/10273. 0.0041193323156915380.00.0061.80 65.109.80.253http/1.1credivis.com:80POST /xmlrpc.php HTTP/1.1 1-260-0/0/10298. 0.0041193324654530860.00.0060.63 65.109.80.253http/1.1credivis.com:80POST /xmlrpc.php HTTP/1.1 1-260-0/0/10123. 0.0041193337952516550.00.0061.99 65.109.80.253http/1.1credivis.com:80POST /xmlrpc.php HTTP/1.1 1-260-0/0/10224. 0.004119332452964970.00.0061.86 185.149.69.55http/1.1boostmarketing.com:80POST /wp-cron.php?doing_wp_cron=1666235173.203830957412
Found on 2022-10-24 21:32 -
Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb312658ac048cdc1a2666bc1dffApache Status Apache Server Status for www.civiogroup.com (via 185.149.69.55) Server Version: Apache/2.4.54 (Debian) OpenSSL/1.1.1n mod_fcgid/2.3.9 Server MPM: event Server Built: 2022-06-09T04:26:43 Current Time: Monday, 24-Oct-2022 21:32:51 UTC Restart Time: Thursday, 06-Oct-2022 19:36:22 UTC Parent Server Config. Generation: 353 Parent Server MPM Generation: 352 Server uptime: 18 days 1 hour 56 minutes 29 seconds Server load: 1.39 1.24 1.33 Total accesses: 1179946 - Total Traffic: 8.8 GB - Total Duration: 654286401 CPU Usage: u112.53 s115.42 cu23479.3 cs1244.57 - 1.6% CPU load .755 requests/sec - 5.9 kB/second - 7.8 kB/request - 554.505 ms/request 20 requests currently being processed, 55 idle workers SlotPIDStoppingConnections ThreadsAsync connections totalacceptingbusyidlewritingkeep-aliveclosing 0322051no0yes223000 13894636yes (old gen)1no00000 22602260yes (old gen)1no00000 3322157no11yes421061 4157538yes (old gen)1no00000 7322104no0yes1411000 Sum6314 2055061 _____________R______L____.W.......................W............. ...........RRR____R_________________.....................W...... ...............................................RRRRRRRWRR_RR__R_ __R_____ Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqDurConnChildSlotClientProtocolVHostRequest 0-3523220510/1/16300_ 0.0215586983020.00.00114.05 3.239.76.121h2civiogroup.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 0-3523220510/0/16168_ 0.0015290924300.00.00146.93 185.191.171.19http/1.1goingup.com:80GET /analyzer/?url=DiaryWiree.blogspot.com HTTP/1.1 0-3523220510/0/16013_ 0.00999686714220.00.00118.32 114.119.152.231h2goingup.com:443done, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 0-3523220510/1/15993_ 0.024584135040.00.00118.08 2600:3000:2710:200::1dhttp/1.1vestaok.com:80GET /.well-known/acme-challenge/Zt7sdNsfyv5-I8NAWsm_QB0oa3cjDBL 0-3523220510/0/16187_ 0.0010125085931230.00.00122.12 20.26.113.150http/1.1helpcenterlive.com:80done, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 0-3523220510/1/16021_ 0.034486196620.00.00116.92 2a05:d014:3ad:701:2b2d:df53:79eb:5ee1http/1.1vestaok.com:80GET /.well-known/acme-challenge/Gjn3I6CzVcw091BGDyllp2_gUeAmpcx 0-3523220510/1/16076_ 0.034486637830.00.00119.11 2600:1f14:804:fd01:ba3a:67af:d30f:fb7bhttp/1.1vestaok.com:80GET /.well-known/acme-challenge/Zt7sdNsfyv5-I8NAWsm_QB0oa3cjDBL 0-3523220510/1/15992_ 0.222164985187270.00.00119.25 104.244.210.57h2civiogroup.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 0-3523220510/0/15855_ 0.002787784702960.00.00117.44 114.119.152.27h2goingup.com:443done, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 0-3523220510/0/15823_ 0.002767582051280.00.00115.80 51.222.253.2http/1.1goingup.com:80GET /webstats/bp762fa/visitor_details.html?vid=6990258322044489 0-3523220510/0/15924_ 0.0027102085164800.00.00116.75 185.225.35.205http/1.1farmaceuticals.co:80POST /wp-login.php HTTP/1.1 0-3523220510/0/16001_ 0.002770791208480.00.00117.50 114.119.152.231http/1.1goingup.com:80GET /analyzer/?url=lintasmagetan.com HTTP/1.1 0-3523220510/0/15900_ 0.00271687280410.00.00116.90 194.163.40.125http/1.1boostmarketing.com:80GET /wp-login.php HTTP/1.1 0-3523220510/0/16092R 0.002747985618150.00.00121.25 162.158.203.86http/1.1civiogroup.com:443 0-3523220510/1/15923_ 0.230886230720.00.00118.89 194.195.241.186h2civiogroup.com:443idle, streams: 0/2/2/0/0 (open/recv/resp/push/rst) 0-3523220510/1/16095_ 0.221225786797470.00.00115.83 92.40.205.84h2civiogroup.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 0-3523220510/0/15911_ 0.00273785277500.00.00115.21 138.68.229.54http/1.1a2-los-web.cloudsyhosting.com:8GET / HTTP/1.1 0-3523220510/0/16111_ 0.0027885829270.00.00116.80 185.149.69.55http/1.1farmaceuticals.co:80POST /wp-cron.php?doing_wp_cron=1666646973.28957605361938476562 0-3523220510/1/16031_ 0.280486043690.00.00117.61 194.195.241.186h2civiogroup.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 0-3523220510/0/15762_ 0.00273783348230.00.00112.50 138.68.229.54http/1.1a2-los-web.cloudsyhosting.com:8GET / HTTP/1.1 0-3523220511/1/15986L 0.2801583264089.50.01114.50 157.230.99.82h2civiogroup.com:443GET /server-status HTTP/2.0 0-3523220510/1/16044_ 0.221243186644730.00.00116.99 109.201.130.7h2civiogroup.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 0-3523220510/0/16051_ 0.002799590584410.00.00119.26 65.108.67.8http/1.1helpcenterlive.com:80done, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 0-3523220510/0/16185_ 0.00274586914340.00.00115.75 65.108.67.8http/1.1helpcenterlive.com:80GET /smf/ HTTP/1.1 0-3523220510/1/15828_ 0.220210892132950.00.00114.38 194.195.241.186h2civiogroup.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 1-260-0/0/10311. 0.0041193324051529050.00.0061.13 65.109.80.253http/1.1credivis.com:80done, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 1-26038946361/0/10167W 0.00411926051697240.00.0061.46 192.241.191.198http/1.1a2-los-web.cloudsyhosting.com:8GET / HTTP/1.1 1-260-0/0/10240. 0.0041193323350303910.00.0059.63 65.109.80.253http/1.1credivis.com:80POST /xmlrpc.php HTTP/1.1 1-260-0/0/10333. 0.0041193326748767760.00.0057.68 65.109.80.253http/1.1credivis.com:80POST /xmlrpc.php HTTP/1.1 1-260-0/0/10240. 0.0041193344552138840.00.0064.67 192.99.37.132h2binarybiz.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 1-260-0/0/10270. 0.0041193324749707620.00.0062.77 65.109.80.253http/1.1credivis.com:80POST /xmlrpc.php HTTP/1.1 1-260-0/0/10352. 0.0041193338952787320.00.0062.19 192.99.37.132http/1.1binarybiz.com:80GET /ar/%D8%A7%D9%84%D9%82%D8%A7%D9%86%D9%88%D9%86%D9%8A%D8%A9/ 1-260-0/0/10248. 0.0041193324953127020.00.0062.27 65.109.80.253http/1.1credivis.com:80POST /xmlrpc.php HTTP/1.1 1-260-0/0/10266. 0.0041193331552303290.00.0094.28 65.109.80.253http/1.1credivis.com:80POST /xmlrpc.php HTTP/1.1 1-260-0/0/10256. 0.0041193322850083920.00.0061.11 65.109.80.253http/1.1credivis.com:80done, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 1-260-0/0/10187. 0.0041193323748691710.00.0062.47 65.109.80.253http/1.1credivis.com:80POST /xmlrpc.php HTTP/1.1 1-260-0/0/10144. 0.0041193324949241020.00.0062.89 209.141.46.253http/1.1prospectly.net:80done, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 1-260-0/0/10171. 0.0041193325650229140.00.0063.03 65.109.80.253http/1.1credivis.com:80POST /xmlrpc.php HTTP/1.1 1-260-0/0/10422. 0.0041193324051412380.00.0066.09 65.109.80.253http/1.1credivis.com:80POST /xmlrpc.php HTTP/1.1 1-260-0/0/10274. 0.0041193326653276900.00.0061.72 65.109.80.253http/1.1credivis.com:80POST /xmlrpc.php HTTP/1.1 1-260-0/0/10168. 0.0041193324450382660.00.0062.55 65.109.80.253http/1.1credivis.com:80POST /xmlrpc.php HTTP/1.1 1-260-0/0/10273. 0.0041193323156915380.00.0061.80 65.109.80.253http/1.1credivis.com:80POST /xmlrpc.php HTTP/1.1 1-260-0/0/10298. 0.0041193324654530860.00.0060.63 65.109.80.253http/1.1credivis.com:80POST /xmlrpc.php HTTP/1.1 1-260-0/0/10123. 0.0041193337952516550.00.0061.99 65.109.80.253http/1.1credivis.com:80POST /xmlrpc.php HTTP/1.1 1-260-0/0/10224. 0.004119332452964970.00.0061.86 185.149.69.55http/1.1boostmarketing.com:80POST /wp-cron.php?doing_wp_cron=1666235173.20383095741
Found on 2022-10-24 21:32 -
Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb312658ac042658ac04bca0e1f6Apache Status Apache Server Status for www.civiogroup.com (via 185.149.69.55) Server Version: Apache/2.4.54 (Debian) OpenSSL/1.1.1n mod_fcgid/2.3.9 Server MPM: event Server Built: 2022-06-09T04:26:43 Current Time: Thursday, 25-Aug-2022 17:58:18 UTC Restart Time: Thursday, 25-Aug-2022 17:57:57 UTC Parent Server Config. Generation: 1 Parent Server MPM Generation: 0 Server uptime: 20 seconds Server load: 2.70 2.72 2.62 Total accesses: 74 - Total Traffic: 989 kB - Total Duration: 14478 CPU Usage: u2.23 s.15 cu.31 cs.02 - 13.5% CPU load 3.7 requests/sec - 49.4 kB/second - 13.4 kB/request - 195.649 ms/request 7 requests currently being processed, 68 idle workers SlotPIDStoppingConnections ThreadsAsync connections totalacceptingbusyidlewritingkeep-aliveclosing 04097855no0yes322000 14097865no3yes322020 34097921no4yes124012 Sum307 768032 _______________RWR____________________RRR_________.............. ...........____W____________________............................ ............................................... Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqDurConnChildSlotClientProtocolVHostRequest 0-040978550/1/1_ 0.23253530.00.000.00 207.154.241.99http/1.1civiogroup.com:80GET /.git/config HTTP/1.1 0-040978550/1/1_ 0.19328280.00.000.00 207.154.241.99http/1.1civiogroup.com:80GET /telescope/requests HTTP/1.1 0-040978550/1/1_ 0.05945450.00.020.02 192.241.191.198http/1.1a2-los-web.cloudsyhosting.com:8GET /login/ HTTP/1.1 0-040978550/1/1_ 0.13492920.00.060.06 195.211.77.140http/1.1civiogroup.com:443GET / HTTP/1.1 0-040978550/1/1_ 0.14311110.00.000.00 207.154.241.99http/1.1civiogroup.com:80GET /server-status HTTP/1.1 0-040978550/1/1_ 0.2521491490.00.000.00 207.154.241.99http/1.1civiogroup.com:80GET /?rest_route=/wp/v2/users/ HTTP/1.1 0-040978550/1/1_ 0.23237370.00.000.00 207.154.241.99http/1.1civiogroup.com:80GET /s/3138352e3134392e36392e3535/_/;/META-INF/maven/com.atlass 0-040978550/1/1_ 0.27223230.00.000.00 207.154.241.99http/1.1civiogroup.com:80GET /config.json HTTP/1.1 0-040978550/1/1_ 0.36011110.00.010.01 207.154.199.221http/1.1civiogroup.com:443GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor 0-040978551/0/0W 0.000000.00.000.00 207.154.199.221http/1.1civiogroup.com:443GET /server-status HTTP/1.1 0-040978550/0/0R 0.0020000.00.000.00 207.154.199.221http/1.1civiogroup.com:443 0-040978550/1/1_ 0.34011110.00.010.01 207.154.199.221http/1.1civiogroup.com:443GET /debug/default/view?panel=config HTTP/1.1 1-040978650/1/1_ 1.0947867860.00.000.00 69.162.124.230http/1.1goingup.com:80GET / HTTP/1.1 1-040978650/1/1_ 0.861217350.00.010.01 72.208.234.5h2civiogroup.com:443idle, streams: 0/24/24/0/0 (open/recv/resp/push/rst) 1-040978650/1/1_ 1.15266660.00.000.00 207.154.241.99http/1.1civiogroup.com:80GET /info.php HTTP/1.1 1-040978650/1/1_ 1.19212120.00.000.00 207.154.241.99http/1.1civiogroup.com:80GET /login.action HTTP/1.1 1-040978650/1/1_ 1.20225250.00.000.00 207.154.241.99http/1.1civiogroup.com:80GET /api/search?folderIds=0 HTTP/1.1 1-040978650/1/1_ 1.1621111110.00.000.00 207.154.241.99http/1.1civiogroup.com:80GET / HTTP/1.1 1-040978650/2/2_ 1.30011970.00.010.01 207.154.199.221http/1.1civiogroup.com:443GET /.DS_Store HTTP/1.1 1-040978650/1/1R 0.2115105521100.00.020.02 207.154.199.221http/1.1civiogroup.com:443 1-040978650/3/3R 0.3215442460.00.120.12 207.154.199.221http/1.1civiogroup.com:443 1-040978650/11/11R 0.68147610720.00.120.12 207.154.199.221http/1.1civiogroup.com:443 1-040978650/6/6_ 0.82131223890.00.020.02 72.208.234.5h2civiogroup.com:443idle, streams: 0/22/22/0/0 (open/recv/resp/push/rst) 1-040978650/1/1_ 0.8213990.00.000.00 185.149.69.55http/1.1vestaok.com:80POST /wp-cron.php?doing_wp_cron=1661450284.84798288345336914062 1-040978650/1/1_ 0.841247950.00.010.01 72.208.234.5h2civiogroup.com:443idle, streams: 0/23/23/0/0 (open/recv/resp/push/rst) 1-040978650/1/1_ 0.871115300.00.000.00 72.208.234.5h2civiogroup.com:443idle, streams: 0/25/25/0/0 (open/recv/resp/push/rst) 1-040978650/4/4_ 1.044923430.00.440.44 72.208.234.5h2civiogroup.com:443idle, streams: 0/4/4/0/0 (open/recv/resp/push/rst) 1-040978650/1/1_ 1.10322220.00.000.00 185.149.69.55http/1.1boostmarketing.com:80POST /wp-cron.php?doing_wp_cron=1661450294.39958190917968750000 1-040978650/1/1_ 1.1039039030.00.000.00 114.119.139.59http/1.1boostmarketing.com:80GET /robots.txt HTTP/1.1 2-0-0/0/1. 0.001673730.00.000.00 72.208.234.5http/1.1a2-los-web.cloudsyhosting.com:8GET /datalogstatus.php HTTP/1.1 2-0-0/0/10. 0.00161111810.00.000.05 72.208.234.5h2civiogroup.com:443done, streams: 0/0/0/0/0 (open/recv/resp/push/rst) 3-040979210/1/1_ 0.10149490.00.000.00 207.154.199.221h2done, streams: 0/0/0/0/0 (open/recv/resp/push/rst) 3-040979210/2/2_ 0.500162300.00.010.01 207.154.199.221http/1.1civiogroup.com:443GET /.git/config HTTP/1.1 3-040979210/1/1_ 0.51011110.00.010.01 207.154.199.221http/1.1civiogroup.com:443GET /.env HTTP/1.1 3-040979210/2/2_ 0.27348480.00.000.00 207.154.241.99http/1.1authorityforge.com:80HELP 3-040979210/1/1_ 0.34340400.00.000.00 207.154.241.99http/1.1civiogroup.com:80GET /debug/default/view?panel=config HTTP/1.1 3-040979210/1/1_ 0.042186718670.00.000.00 207.154.199.221http/1.1 3-040979210/1/1_ 0.28397319470.00.020.02 69.162.124.230h2goingup.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 3-040979210/1/1_ 0.34349490.00.000.00 207.154.241.99http/1.1civiogroup.com:80GET /.env HTTP/1.1 3-040979210/2/2_ 0.24374740.00.010.01 207.154.199.221http/1.1authorityforge.com:443HELP 3-040979210/1/1_ 0.163000.00.000.00 207.154.241.99http/1.1authorityforge.com:80\x16\x03\x01\x01\x05\x01 3-040979210/1/1_ 0.34334340.00.000.00 207.154.241.99http/1.1civiogroup.com:80GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor 3-040979210/1/1_ 0.35211110.00.000.00 207.154.241.99http/1.1civiogroup.com:80GET /v2/_catalog HTTP/1.1 3-040979210/1/1_ 0.34344440.00.000.00 207.154.241.99http/1.1civiogroup.com:80GET /.DS_Store HTTP/1.1 3-040979210/1/1_ 0.49012120.00.010.01 207.154.199.221http/1.1civiogroup.com:443GET /telescope/requests HTTP/1.1 SrvChild Server number - generation PIDOS process ID AccNumber of accesses this connection / this child / this slot MMode of operation CPUCPU usage, number of seconds SSSeconds since beginning of most recent request ReqMilliseconds required to process most recent request DurSum of milliseconds required to process all requests ConnKilobytes transferred this connection ChildMegabytes transferred this child SlotTotal megabytes transferred this slot mod_fcgid status: Total FastCGI processes: 1 Process: .php-fcgi-starter (/var/www/php-fcgi-scripts/ispconfig/.php-fcgi-starter) PidActiveIdleAccessesState 40980672093Ready Active and Idle are time active and time since last request, in seconds.
Found on 2022-08-25 17:58
-
-
Apache server-status page is publicly available
The server-status page (usually
/server-status) allows server administrators to find out how well their server is performing.This is a HTML page that gives the current server statistics such as the server version, up time,cpu, ram, and information about requests made to the server.
This information can be very useful if the application is sent sensitive information as GET requests. If you monitor this page you might be able to find CSRF tokens, API keys, hidden paths, and other sensitive information being sent to the server.
https://medium.com/@ghostlulzhacks/apache-server-status-a70abed83f5a
First seen 2022-06-07 06:48
Last seen 2022-12-22 21:12
Open for 198 days-
Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb3173b33a3073b33a30135cae1fApache Status Apache Server Status for 185.149.69.55 (via 185.149.69.55) Server Version: Apache/2.4.54 (Debian) OpenSSL/1.1.1n mod_fcgid/2.3.9 Server MPM: event Server Built: 2022-06-09T04:26:43 Current Time: Thursday, 22-Dec-2022 21:12:33 UTC Restart Time: Wednesday, 14-Dec-2022 03:03:09 UTC Parent Server Config. Generation: 158 Parent Server MPM Generation: 157 Server uptime: 8 days 18 hours 9 minutes 23 seconds Server load: 1.45 1.15 1.17 Total accesses: 531363 - Total Traffic: 3.1 GB - Total Duration: 277924056 CPU Usage: u62.68 s37.82 cu11517 cs522.65 - 1.6% CPU load .702 requests/sec - 4406 B/second - 6.1 kB/request - 523.04 ms/request 6 requests currently being processed, 44 idle workers SlotPIDStoppingConnections ThreadsAsync connections totalacceptingbusyidlewritingkeep-aliveclosing 0591087no0yes322000 2592625no0yes322000 Sum200 644000 ___________R_______W_R___.........................__________RW__ _____W_____..................................................... ............................................... Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqDurConnChildSlotClientProtocolVHostRequest 0-1575910870/18/7752_ 13.21113337401800.00.1842.44 139.144.69.48http/1.1 0-1575910870/16/7753_ 13.097332238621280.00.1742.56 185.14.187.28h2goingup.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 0-1575910870/21/7746_ 13.017524738065140.00.1243.90 93.124.103.30h2goingup.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 0-1575910870/22/7825_ 13.3312138763530.00.1943.60 69.162.124.228h2binarybiz.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 0-1575910870/18/7658_ 12.317412638354390.00.1074.53 93.124.103.30http/1.1goingup.com:80GET /analyzer/?url=bfcbanknotes.com%2F__media__%2Fjs%2Fnetsoltr 0-1575910870/20/7804_ 13.057512438989050.00.1543.14 93.124.103.30h2goingup.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 0-1575910870/19/7690_ 12.987516938218600.00.1143.06 185.14.187.28http/1.1goingup.com:80done, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 0-1575910870/22/7743_ 13.027511637937730.00.1544.73 185.14.187.28http/1.1goingup.com:80GET /questions/ HTTP/1.1 0-1575910870/25/7689_ 11.747711938827220.00.3043.56 103.204.109.135h2goingup.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 0-1575910870/32/7828_ 13.2843838876570.00.2546.71 139.144.69.48http/1.1a2-los-web.cloudsyhosting.com:8HELP 0-1575910870/20/7707_ 13.19734543356700.00.1441.92 185.14.187.28h2goingup.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 0-1575910871/18/7588W 12.950037077640.00.1441.75 139.144.69.48http/1.1a2-los-web.cloudsyhosting.com:8GET /info.php HTTP/1.1 0-1575910870/23/7641_ 12.6231238421010.00.1843.72 103.28.52.66http/1.1helpcenterlive.com:80GET /wp-login.php HTTP/1.1 0-1575910870/16/7597_ 12.977612636861980.00.0942.65 185.14.187.28http/1.1goingup.com:80GET /robots.txt HTTP/1.1 0-1575910870/19/7756_ 13.231216937961740.00.1744.29 51.222.253.13http/1.1goingup.com:80GET /webstats/biknnna/visitor_details.html?vid=1560652162605784 0-1575910870/14/7789_ 11.8977103437737610.00.0542.80 ::1http/1.1authorityforge.com:80done, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 0-1575910870/28/7638_ 13.147333137866650.00.1942.05 93.124.103.30h2goingup.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 0-1575910870/20/7591_ 12.4476537332250.00.1245.58 54.151.8.253h2goingup.com:443done, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 0-1575910870/19/7597_ 12.65174037637440.00.2346.48 103.28.52.66http/1.1helpcenterlive.com:80GET /wp-json/wp/v2/users HTTP/1.1 0-1575910871/23/7617W 12.660038102810.00.3043.49 139.144.69.48http/1.1a2-los-web.cloudsyhosting.com:8GET /?rest_route=/wp/v2/users/ HTTP/1.1 0-1575910870/21/7661_ 12.8723637844950.00.1747.13 139.144.69.48http/1.1 0-1575910871/22/7658W 12.930039428620.00.1244.44 139.144.69.48http/1.1a2-los-web.cloudsyhosting.com:8GET / HTTP/1.1 0-1575910870/19/7681_ 12.50766347991400.00.2244.04 192.241.191.198http/1.1a2-los-web.cloudsyhosting.com:8done, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 0-1575910870/19/7677_ 12.417612737825000.00.2045.06 51.222.253.11http/1.1goingup.com:80done, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 0-1575910870/16/7649_ 12.8374139097050.00.1444.09 192.241.191.198http/1.1a2-los-web.cloudsyhosting.com:8GET /login/ HTTP/1.1 1-157-0/0/6826. 0.005931835346200.00.0040.01 47.115.132.69h2creationshop.net:443done, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 1-157-0/0/6826. 0.005938937160260.00.0039.05 47.115.132.69http/1.1creationshop.net:80GET /wp-login.php HTTP/1.1 1-157-0/0/6797. 0.00593535735010.00.0042.16 2400:8902::f03c:93ff:fe40:d6fch2binarybiz.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 1-157-0/0/6694. 0.00593536161750.00.0039.06 2400:8902::f03c:93ff:fe40:d6fch2binarybiz.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 1-157-0/0/6707. 0.00593535212210.00.0039.08 2400:8902::f03c:93ff:fe40:d6fch2binarybiz.com:443done, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 1-157-0/0/6701. 0.00593536374650.00.0038.73 2400:8902::f03c:93ff:fe40:d6fch2binarybiz.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 1-157-0/0/6657. 0.00593534531780.00.0037.47 2400:8902::f03c:93ff:fe40:d6fch2binarybiz.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 1-157-0/0/6672. 0.005931035520970.00.0070.62 2400:8902::f03c:93ff:fe40:d6fch2binarybiz.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 1-157-0/0/6595. 0.00593533679080.00.0037.61 2400:8902::f03c:93ff:fe40:d6fch2binarybiz.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 1-157-0/0/6715. 0.0059330435419850.00.0037.65 51.222.253.5http/1.1goingup.com:80GET /webstats/xdzhxcv/visitor_details.html?vid=8239106498958406 1-157-0/0/6619. 0.00593434839220.00.0037.03 2400:8902::f03c:93ff:fe40:d6fch2binarybiz.com:443done, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 1-157-0/0/6745. 0.00593435626820.00.0039.01 2400:8902::f03c:93ff:fe40:d6fch2binarybiz.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 1-157-0/0/6670. 0.00593934376950.00.0038.43 2400:8902::f03c:93ff:fe40:d6fch2binarybiz.com:443done, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 1-157-0/0/6671. 0.0059397434325310.00.0039.25 2400:8902::f03c:93ff:fe40:d6fch2binarybiz.com:443done, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 1-157-0/0/6679. 0.00593128134438140.00.0037.43 2400:8902::f03c:93ff:fe40:d6fch2binarybiz.com:443done, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 1-157-0/0/6695. 0.0059323234875700.00.0041.45 114.119.136.138http/1.1goingup.com:80GET /analyzer/?url=www.mesumex.com HTTP/1.1 1-157-0/0/6655. 0.00593539256690.00.0038.21 2400:8902::f03c:93ff:fe40:d6fch2binarybiz.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 1-157-0/0/6647. 0.00593434740540.00.0037.58 2400:8902::f03c:93ff:fe40:d6fch2binarybiz.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 1-157-0/0/6667. 0.00593535986360.00.0039.85 2400:8902::f03c:93ff:fe40:d6fch2binarybiz.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 1-157-0/0/6711. 0.00593439122220.00.0038.40 2400:8902::f03c:93ff:fe40:d6fch2binarybiz.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 1-157-0/0/6621. 0.00593434373640.00.0039.91 2400:8902::f03c:93ff:fe40:d6fch2binarybiz.com:443done, streams: 0/1/1/0/0 (open/recv/resp/push/r
Found on 2022-12-22 21:12 -
Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb3173b33a3073b33a30a6630742Apache Status Apache Server Status for 185.149.69.55 (via 185.149.69.55) Server Version: Apache/2.4.54 (Debian) OpenSSL/1.1.1n mod_fcgid/2.3.9 Server MPM: event Server Built: 2022-06-09T04:26:43 Current Time: Thursday, 08-Dec-2022 18:29:16 UTC Restart Time: Monday, 28-Nov-2022 17:09:52 UTC Parent Server Config. Generation: 207 Parent Server MPM Generation: 206 Server uptime: 10 days 1 hour 19 minutes 24 seconds Server load: 1.26 1.45 1.63 Total accesses: 623679 - Total Traffic: 3.5 GB - Total Duration: 396647626 CPU Usage: u80.1 s53.06 cu12651.8 cs622.13 - 1.54% CPU load .718 requests/sec - 4363 B/second - 5.9 kB/request - 635.98 ms/request 10 requests currently being processed, 65 idle workers SlotPIDStoppingConnections ThreadsAsync connections totalacceptingbusyidlewritingkeep-aliveclosing 12455221no0yes619000 22455115no0yes124000 32455168no0yes322000 Sum300 1065000 .........................W___W____R_W___W______R____L___________ _______________________R_______RR___............................ ............................................... Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqDurConnChildSlotClientProtocolVHostRequest 0-206-0/0/8510. 0.001292108255112190.00.0051.47 185.245.86.147h2properpbn.com:443done, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 0-206-0/0/8413. 0.001292126854828130.00.0048.67 64.124.8.52http/1.1helpcenterlive.com:80GET /smf/generating_code-t111.0.html;msg668 HTTP/1.1 0-206-0/0/8500. 0.00129281453841170.00.0050.30 114.119.158.133h2goingup.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 0-206-0/0/8368. 0.00129265557240820.00.0049.41 216.244.66.227http/1.1goingup.com:80GET /features/publicwebstats.html HTTP/1.1 0-206-0/0/8368. 0.001292130056775060.00.0048.00 104.236.65.46h2binarybiz.com:443done, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 0-206-0/0/8425. 0.001292102754746240.00.0051.80 31.3.152.100http/1.1cannaworks.co:80POST /xmlrpc.php HTTP/1.1 0-206-0/0/8373. 0.00129292652838500.00.0051.00 64.124.8.53http/1.1goingup.com:80GET /features/alexa-rank-tracking/ HTTP/1.1 0-206-0/0/8329. 0.00129212058553580.00.0049.60 138.68.229.54http/1.1a2-los-web.cloudsyhosting.com:8GET / HTTP/1.1 0-206-0/0/8322. 0.001292119054321460.00.0048.93 ::1http/1.1authorityforge.com:80done, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 0-206-0/0/8410. 0.00129224354339870.00.0051.46 103.146.203.73http/1.1dfyseo.net:80POST /wp-login.php HTTP/1.1 0-206-0/0/8335. 0.001292149853240300.00.0050.24 1.192.243.220h2properpbn.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 0-206-0/0/8306. 0.0012923953617370.00.0047.76 138.68.229.54http/1.1a2-los-web.cloudsyhosting.com:8GET /login/ HTTP/1.1 0-206-0/0/8352. 0.001292103454479810.00.0047.64 ::1http/1.1authorityforge.com:80GET / HTTP/1.1 0-206-0/0/8287. 0.0012923653725140.00.0049.05 138.68.229.54http/1.1a2-los-web.cloudsyhosting.com:8GET / HTTP/1.1 0-206-0/0/8330. 0.001292105353146700.00.0051.34 185.245.86.147h2properpbn.com:443idle, streams: 0/2/2/0/0 (open/recv/resp/push/rst) 0-206-0/0/8236. 0.001292954003170.00.0046.51 185.149.69.55http/1.1effectiveoutreach.net:80POST /wp-cron.php?doing_wp_cron=1670522703.97714591026306152343 0-206-0/0/8439. 0.0012921855589360.00.0051.62 92.204.134.137http/1.1authorityforge.com:80done, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 0-206-0/0/8368. 0.0012923853031300.00.0049.89 192.241.191.198http/1.1a2-los-web.cloudsyhosting.com:8GET / HTTP/1.1 0-206-0/0/8375. 0.00129283853105310.00.0049.75 45.64.156.213http/1.1helpcenterlive.com:80POST /wp-login.php HTTP/1.1 0-206-0/0/8340. 0.001292131053953340.00.0046.46 ::1http/1.1authorityforge.com:80GET / HTTP/1.1 0-206-0/0/8428. 0.00129298253939340.00.0047.59 64.124.8.21http/1.1binarybiz.com:80GET /robots.txt HTTP/1.1 0-206-0/0/8317. 0.00129269058809450.00.0050.34 114.119.148.175http/1.1goingup.com:80GET /analyzer/?url=www.xvidz.fun HTTP/1.1 0-206-0/0/8391. 0.0012921754950080.00.0084.04 92.204.134.137http/1.1authorityforge.com:80GET /wp-login.php HTTP/1.1 0-206-0/0/8400. 0.0012923755332010.00.0050.13 138.68.229.54http/1.1a2-los-web.cloudsyhosting.com:8done, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 0-206-0/0/8242. 0.0012921553185330.00.0048.94 104.254.90.203http/1.1authorityforge.com:80POST /xmlrpc.php HTTP/1.1 1-20624552210/12/8051_ 7.3801347380890.00.1342.19 139.59.135.127http/1.1a2-los-web.cloudsyhosting.com:8GET /info.php HTTP/1.1 1-20624552210/13/7987_ 6.798751949285400.00.0642.40 216.245.221.82h2binarybiz.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 1-20624552210/12/8035_ 7.340449694440.00.1245.92 139.59.135.127http/1.1a2-los-web.cloudsyhosting.com:8GET /telescope/requests HTTP/1.1 1-20624552210/13/7970_ 6.66067847910290.00.1045.85 139.59.135.127http/1.1 1-20624552211/10/8037W 6.190047679240.00.5054.70 139.59.135.127http/1.1a2-los-web.cloudsyhosting.com:8GET /server-status HTTP/1.1 1-20624552210/8/7960_ 5.93563948057480.00.0446.82 5.39.5.14http/1.1goingup.com:80done, streams: 0/2/2/0/0 (open/recv/resp/push/rst) 1-20624552210/12/7886_ 7.0514116247645260.00.0743.67 ::1http/1.1authorityforge.com:80GET / HTTP/1.1 1-20624552210/11/7930_ 5.95572448941250.00.0645.10 5.39.5.14h2goingup.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 1-20624552210/11/7901_ 7.0611111147504450.00.0644.72 185.245.86.147h2properpbn.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 1-20624552210/13/7998_ 7.380448396810.00.0546.50 139.59.135.127http/1.1a2-los-web.cloudsyhosting.com:8GET /.env HTTP/1.1 1-20624552210/13/7919_ 6.841149850304280.00.0543.79 139.59.135.127http/1.1 1-20624552210/14/7775_ 7.380947480990.00.1345.80 139.59.135.127http/1.1a2-los-web.cloudsyhosting.com:8GET /.git/config HTTP/1.1 1-20624552210/10/7805_ 6.801447424210.00.0645.74 139.59.135.127http/1.1 1-20624552210/12/7898_ 6.56379854002810.00.1141.83 139.59.135.127http/1.1 1-20624552210/13/7958_ 6.9873119850040790.00.0847.75 ::1http/1.1authorityforge.com:80GET / HTTP/1.1 1-20624552210/12/7769_ 7.380945508750.00.0443.38 139.59.135.127http/1.1a2-los-web.cloudsyhosting.com:8GET /s/5353e29363e2934313e2538313/_/;/META-INF/maven/com.atlass 1-20624552210/10/7930_ 7.2113747711710.00.0943.75 192.241.191.198http/1.1a2-los-web.cloudsyhosting.com:8GET / HTTP/1.1 1-20624552210/14/7914_ 7.1233547131220.00.0844.25 139.59.135.127http/1.1a2-los-web.cloudsyhosting.com:8HELP 1-20624552210/13/7983_ 7.0810103647796410.00.1244.49 185.245.86.147h2properpbn.com:443idle, streams: 0/2/2/0/0 (open/recv/resp/push/rst) 1-20624552210/9/7892_ 6.48361246529210.00.0346.54 3.238.44.255http/1.1goingup.com:80GET / HTTP/1.1 1-20624552210/11/7866_ 6.233865647113530.00.0244.61 52.47.168.63http/1.1goingup.com:80done, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 1-20624552210/8/7869_ 6.60265447942240.00.0545.51 139.59.135.127http/1.1 1-20624552210/13/7791_ 7.380947647290.00.0743.81 139.59.135.127http/1.1a2-los-web.cloudsyhosting.com:8
Found on 2022-12-08 18:29 -
Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb3173b33a3073b33a30a453efd2Apache Status Apache Server Status for 185.149.69.55 (via 185.149.69.55) Server Version: Apache/2.4.53 (Debian) OpenSSL/1.1.1n mod_fcgid/2.3.9 Server MPM: event Server Built: 2022-03-14T16:28:35 Current Time: Tuesday, 07-Jun-2022 06:48:05 UTC Restart Time: Wednesday, 01-Jun-2022 21:40:33 UTC Parent Server Config. Generation: 110 Parent Server MPM Generation: 109 Server uptime: 5 days 9 hours 7 minutes 31 seconds Server load: 5.17 6.60 5.85 Total accesses: 472733 - Total Traffic: 3.4 GB - Total Duration: 528307504 CPU Usage: u65.08 s26.84 cu10076.6 cs491.92 - 2.29% CPU load 1.02 requests/sec - 7.6 kB/second - 7.4 kB/request - 1117.56 ms/request 7 requests currently being processed, 43 idle workers SlotPIDStoppingConnections ThreadsAsync connections totalacceptingbusyidlewritingkeep-aliveclosing 03426064no3yes520021 13426332no4yes223040 Sum207 743061 ______W_LW_____W_W______________W_R_______________.............. ................................................................ ............................................... Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqDurConnChildSlotClientProtocolVHostRequest 0-10934260640/25/6229_ 12.44157165212810.00.2239.26 51.222.253.2http/1.1goingup.com:80GET /webstats/xdtujnb/visitor_details.html?vid=8700566466547900 0-10934260640/12/6182_ 11.13073765836230.00.0738.22 23.239.22.135http/1.1 0-10934260640/24/6183_ 12.44159566326000.00.3540.02 192.99.15.185http/1.1goingup.com:80GET /webstats/xz3w3mx/visitor_details.html?vid=8102626933868070 0-10934260640/20/6131_ 12.16619666141050.00.0637.84 49.51.52.241http/1.1properpbn.com:80GET /error.php?phpshells HTTP/1.1 0-10934260640/23/6077_ 12.690468109030.00.1240.10 23.239.22.135http/1.1a2-los-web.cloudsyhosting.com:8GET /telescope/requests HTTP/1.1 0-10934260640/18/6155_ 12.040964321500.00.1236.49 185.149.69.55http/1.1properpbn.com:80POST /wp-cron.php?doing_wp_cron=1654584429.63875198364257812500 0-10934260641/21/6085W 12.340064638790.00.1538.24 23.239.22.135http/1.1a2-los-web.cloudsyhosting.com:8GET /.env HTTP/1.1 0-10934260640/23/6175_ 12.41398966781400.00.2134.20 51.222.253.15http/1.1goingup.com:80GET /webstats/xdqg3jb/visitor_details.html?vid=4615825654817118 0-10934260642/17/6136L 12.680467230003.60.2334.30 23.239.22.135http/1.1a2-los-web.cloudsyhosting.com:8GET /info.php HTTP/1.1 0-10934260641/18/6039W 12.380065507530.00.2337.66 23.239.22.135http/1.1a2-los-web.cloudsyhosting.com:8GET / HTTP/1.1 0-10934260640/17/6172_ 12.2133765798240.00.0738.85 138.68.229.54http/1.1a2-los-web.cloudsyhosting.com:8done, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 0-10934260640/22/6202_ 12.40522365634660.00.2247.83 49.51.52.241http/1.1properpbn.com:80GET /cgialfa HTTP/1.1 0-10934260640/17/6128_ 12.31060672942830.00.1134.30 23.239.22.135http/1.1 0-10934260640/20/6096_ 12.110108667087040.00.2181.78 23.239.22.135http/1.1 0-10934260640/13/6085_ 11.736147865827910.00.1939.35 119.94.181.63http/1.1grownation.co:80POST /wp-admin/admin-ajax.php HTTP/1.1 0-10934260641/13/6178W 11.710067594850.00.1242.83 23.239.22.135http/1.1a2-los-web.cloudsyhosting.com:8GET /?rest_route=/wp/v2/users/ HTTP/1.1 0-10934260640/16/6112_ 12.280466082710.00.0837.27 210.16.102.195http/1.1seobiz.com:80GET //.env HTTP/1.1 0-10934260641/13/6125W 12.130066079320.00.0836.97 23.239.22.135http/1.1a2-los-web.cloudsyhosting.com:8GET /s/dnc/_/;/META-INF/maven/com.atlassian.jira/jira-webapp-di 0-10934260640/23/6105_ 12.04358867265660.00.2436.64 51.222.253.11http/1.1goingup.com:80GET /webstats/xdzhxcv/visitor_details.html?vid=9015607938349023 0-10934260640/24/6154_ 11.63063768107790.00.3936.24 51.222.253.9http/1.1goingup.com:80GET /webstats/bp762fa/visitor_details.html?vid=7663809772888700 0-10934260640/17/6164_ 12.30056565582990.00.1139.50 23.239.22.135http/1.1 0-10934260640/20/6195_ 12.3303666202160.00.1942.32 23.239.22.135http/1.1 0-10934260640/18/6072_ 12.4803766712490.00.1037.55 23.239.22.135http/1.1a2-los-web.cloudsyhosting.com:8HELP 0-10934260640/23/6091_ 12.660566672610.00.1736.73 23.239.22.135http/1.1a2-los-web.cloudsyhosting.com:8GET /.git/config HTTP/1.1 0-10934260640/21/6088_ 12.680466520320.00.0542.27 23.239.22.135http/1.1a2-los-web.cloudsyhosting.com:8GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor 1-10934263320/26/6117_ 18.2248268849700.00.2139.06 192.241.191.198http/1.1a2-los-web.cloudsyhosting.com:8GET / HTTP/1.1 1-10934263320/29/6067_ 17.8063972515760.00.2042.43 138.68.229.54http/1.1a2-los-web.cloudsyhosting.com:8GET /login/ HTTP/1.1 1-10934263320/36/6178_ 18.390469578310.00.2337.63 23.239.22.135http/1.1a2-los-web.cloudsyhosting.com:8GET /.DS_Store HTTP/1.1 1-10934263320/31/5975_ 17.05377366752470.00.4137.13 51.222.253.1http/1.1goingup.com:80done, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 1-10934263320/23/6075_ 18.293322668563040.00.2138.15 2604:a880:0:1010::1:7001http/1.1pinnacleonefunding.com:80GET / HTTP/1.1 1-10934263320/29/6031_ 17.91055367849730.00.2439.52 23.239.22.135http/1.1 1-10934263320/28/6087_ 17.69023766606080.00.2136.08 23.239.22.135http/1.1 1-10934263321/28/6033W 17.720066621570.00.3643.01 23.239.22.135http/1.1a2-los-web.cloudsyhosting.com:8GET /server-status HTTP/1.1 1-10934263320/26/6008_ 17.9037667796630.00.1642.55 210.16.102.195http/1.1seobiz.com:80POST / HTTP/1.1 1-10934263320/24/6090R 17.700068151490.00.3246.52 157.245.38.42h2properpbn.com:443POST /xmlrpc.php HTTP/2.0 1-10934263320/22/5976_ 17.988149267385170.00.1638.73 119.94.181.63http/1.1grownation.co:80POST /wp-admin/admin-ajax.php HTTP/1.1 1-10934263320/28/5968_ 17.87321267215360.00.2441.19 49.51.52.241http/1.1properpbn.com:80GET /ALFA_DATA HTTP/1.1 1-10934263320/25/6029_ 17.74658068095960.00.2237.89 51.222.253.19http/1.1goingup.com:80GET /webstats/bikchj6/visitor_details.html?vid=1070008575865406 1-10934263320/26/5877_ 16.250164363991260.00.2137.57 23.239.22.135http/1.1 1-10934263320/29/5992_ 16.690969403500.00.3938.25 23.239.22.135http/1.1 1-10934263320/22/5975_ 18.273304568213380.00.2935.02 2604:a880:0:1010::1:7001h2newfidelityfunding.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 1-10934263320/25/5869_ 18.30352064695560.00.2932.20 ::1http/1.1authorityforge.com:80GET / HTTP/1.1 1-10934263320/18/6052_ 16.65357268480300.00.1747.46 51.222.253.7http/1.1goingup.com:80done, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 1-10934263320/29/6074_ 17.510566551690.00.1936.57 23.239.22.135http/1.1 1-10934263320/23/5904_ 17.450164466970300.00.2149.29 49.51.52.241http/1.1properpbn.com:80GET /archives.php HTTP/1.1 1-10934263320/29/5998_ 18.31256070159810.00.2450.76 51.222.253.18http/1.1goingup.com:80GET /webstats/mnqt5qn/visitor_details.html?vid=1211023953770258 1-10934263320/19/6040_ 17.32380866255080.00.1935.93 192.99.15.185http/1.1goingup.com:80GET /webstats/xz3w3mx/visitor_details.html?vid=8019049472169116 1-10934263320/26/6101_ 18.293198969533630.00.2743.20 2604:a880:0:1010::1:7001h2centurylawinc.com:443idle, streams: 0
Found on 2022-06-07 06:48
-
-
Apache server-status page is publicly available
The server-status page (usually
/server-status) allows server administrators to find out how well their server is performing.This is a HTML page that gives the current server statistics such as the server version, up time,cpu, ram, and information about requests made to the server.
This information can be very useful if the application is sent sensitive information as GET requests. If you monitor this page you might be able to find CSRF tokens, API keys, hidden paths, and other sensitive information being sent to the server.
https://medium.com/@ghostlulzhacks/apache-server-status-a70abed83f5a
First seen 2022-08-25 17:58-
Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb312658ac042658ac04234aa094Apache Status Apache Server Status for www.civiogroup.com (via 185.149.69.55) Server Version: Apache/2.4.54 (Debian) OpenSSL/1.1.1n mod_fcgid/2.3.9 Server MPM: event Server Built: 2022-06-09T04:26:43 Current Time: Thursday, 25-Aug-2022 17:58:14 UTC Restart Time: Thursday, 25-Aug-2022 17:57:57 UTC Parent Server Config. Generation: 1 Parent Server MPM Generation: 0 Server uptime: 17 seconds Server load: 2.68 2.72 2.62 Total accesses: 55 - Total Traffic: 922 kB - Total Duration: 13724 CPU Usage: u1.62 s.13 cu.31 cs.02 - 12.2% CPU load 3.24 requests/sec - 54.2 kB/second - 16.8 kB/request - 249.527 ms/request 5 requests currently being processed, 70 idle workers SlotPIDStoppingConnections ThreadsAsync connections totalacceptingbusyidlewritingkeep-aliveclosing 04097855no0yes124000 14097865no3yes223020 34097921no1yes223001 Sum304 570021 ________W_____________________W___W_______________.............. ...........___________W_______R_____............................ ............................................... Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqDurConnChildSlotClientProtocolVHostRequest 0-040978551/0/0W 0.000000.00.000.00 207.154.241.99http/1.1civiogroup.com:80GET /telescope/requests HTTP/1.1 0-040978550/1/1_ 0.05645450.00.020.02 192.241.191.198http/1.1a2-los-web.cloudsyhosting.com:8GET /login/ HTTP/1.1 0-040978550/1/1_ 0.13192920.00.060.06 195.211.77.140http/1.1civiogroup.com:443GET / HTTP/1.1 0-040978551/0/0W 0.000000.00.000.00 207.154.241.99http/1.1civiogroup.com:80GET /server-status HTTP/1.1 0-040978551/0/0W 0.000000.00.000.00 207.154.241.99http/1.1civiogroup.com:80GET /?rest_route=/wp/v2/users/ HTTP/1.1 1-040978650/1/1_ 1.0917867860.00.000.00 69.162.124.230http/1.1goingup.com:80GET / HTTP/1.1 1-040978650/1/1_ 0.86917350.00.010.01 72.208.234.5h2civiogroup.com:443idle, streams: 0/24/24/0/0 (open/recv/resp/push/rst) 1-040978651/0/0W 0.000000.00.000.00 207.154.241.99http/1.1civiogroup.com:80GET /info.php HTTP/1.1 1-040978651/0/0W 0.000000.00.000.00 207.154.241.99http/1.1civiogroup.com:80GET / HTTP/1.1 1-040978650/1/1_ 0.021342850.00.000.00 72.208.234.5h2civiogroup.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 1-040978650/1/1_ 0.2112105521100.00.020.02 72.208.234.5h2civiogroup.com:443idle, streams: 0/2/2/0/0 (open/recv/resp/push/rst) 1-040978650/3/3_ 0.3212442460.00.120.12 72.208.234.5h2civiogroup.com:443idle, streams: 0/5/5/0/0 (open/recv/resp/push/rst) 1-040978650/11/11_ 0.68117610720.00.120.12 72.208.234.5h2civiogroup.com:443idle, streams: 0/16/16/0/0 (open/recv/resp/push/rst) 1-040978650/6/6_ 0.82101223890.00.020.02 72.208.234.5h2civiogroup.com:443idle, streams: 0/22/22/0/0 (open/recv/resp/push/rst) 1-040978650/1/1_ 0.8210990.00.000.00 185.149.69.55http/1.1vestaok.com:80POST /wp-cron.php?doing_wp_cron=1661450284.84798288345336914062 1-040978650/1/1_ 0.84947950.00.010.01 72.208.234.5h2civiogroup.com:443idle, streams: 0/23/23/0/0 (open/recv/resp/push/rst) 1-040978650/1/1_ 0.87815300.00.000.00 72.208.234.5h2civiogroup.com:443idle, streams: 0/25/25/0/0 (open/recv/resp/push/rst) 1-040978650/4/4_ 1.041923430.00.440.44 72.208.234.5h2civiogroup.com:443idle, streams: 0/4/4/0/0 (open/recv/resp/push/rst) 1-040978650/1/1_ 1.10022220.00.000.00 185.149.69.55http/1.1boostmarketing.com:80POST /wp-cron.php?doing_wp_cron=1661450294.39958190917968750000 1-040978650/1/1_ 1.1009039030.00.000.00 114.119.139.59http/1.1boostmarketing.com:80GET /robots.txt HTTP/1.1 2-0-0/0/1. 0.001373730.00.000.00 72.208.234.5http/1.1a2-los-web.cloudsyhosting.com:8GET /datalogstatus.php HTTP/1.1 2-0-0/0/10. 0.00131111810.00.000.05 72.208.234.5h2civiogroup.com:443done, streams: 0/0/0/0/0 (open/recv/resp/push/rst) 3-040979210/1/1_ 0.101049490.00.000.00 192.241.191.198http/1.1a2-los-web.cloudsyhosting.com:8GET / HTTP/1.1 3-040979210/1/1_ 0.1162142140.00.000.00 185.149.69.55http/1.1vestaok.com:80POST /wp-admin/upgrade.php?step=upgrade_db HTTP/1.1 3-040979210/2/2_ 0.27048480.00.000.00 207.154.241.99http/1.1authorityforge.com:80HELP 3-040979210/1/1_ 0.0411186718670.00.000.00 ::1http/1.1authorityforge.com:80GET / HTTP/1.1 3-040979210/1/1_ 0.28097319470.00.020.02 69.162.124.230h2goingup.com:443idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst) 3-040979211/0/0W 0.000000.00.000.00 207.154.241.99http/1.1civiogroup.com:80GET /.env HTTP/1.1 3-040979210/2/2_ 0.24074740.00.010.01 207.154.199.221http/1.1authorityforge.com:443HELP 3-040979210/1/1_ 0.160000.00.000.00 207.154.241.99http/1.1authorityforge.com:80\x16\x03\x01\x01\x05\x01 3-040979210/0/0R 0.0017000.00.000.00 3-040979211/0/0W 0.000000.00.000.00 207.154.241.99http/1.1civiogroup.com:80GET /.DS_Store HTTP/1.1 SrvChild Server number - generation PIDOS process ID AccNumber of accesses this connection / this child / this slot MMode of operation CPUCPU usage, number of seconds SSSeconds since beginning of most recent request ReqMilliseconds required to process most recent request DurSum of milliseconds required to process all requests ConnKilobytes transferred this connection ChildMegabytes transferred this child SlotTotal megabytes transferred this slot mod_fcgid status: Total FastCGI processes: 1 Process: .php-fcgi-starter (/var/www/php-fcgi-scripts/ispconfig/.php-fcgi-starter) PidActiveIdleAccessesState 40980671763Ready Active and Idle are time active and time since last request, in seconds. SSL/TLS Session Cache Status: cache type: SHMCB, shared memory: 512000 bytes, current entries: 18subcaches: 32, indexes per subcache: 88time left on oldest entries' objects: avg: 288 seconds, (range: 282...299)index usage: 0%, cache usage: 0%total entries stored since starting: 18total entries replaced since starting: 0total entries expired since starting: 0total (pre-expiry) entries scrolled out of the cache: 0total retrieves since starting: 0 hit, 1 misstotal removes since starting: 0 hit, 0 miss
Found on 2022-08-25 17:58
-