%PDF- %PDF-
Mini Shell

Mini Shell

Direktori : /home/br2t/tmp/awstats/ssl/
Upload File :
Create Path :
Current File : /home/br2t/tmp/awstats/ssl/awstats052026.br2t.com.txt

AWSTATS DATA FILE 7.9 (build 20230108)
# If you remove this file, all statistics for date 202605 will be lost/reset.
# Last config file used to build this data file was /home2/br2t/tmp/awstats/ssl/awstats.br2t.com.conf.

# Position (offset in bytes) in this file for beginning of each section for
# direct I/O access. If you made changes somewhere in this file, you should
# also remove completely the MAP section (AWStats will rewrite it at next
# update).
BEGIN_MAP 28
POS_GENERAL 2040                
POS_TIME 2711                
POS_VISITOR 41328               
POS_DAY 41646               
POS_DOMAIN 3461                
POS_LOGIN 3714                
POS_ROBOT 3869                
POS_WORMS 4034                
POS_EMAILSENDER 4165                
POS_EMAILRECEIVER 4308                
POS_SESSION 41811               
POS_FILESIZE 42700               
POS_SIDER 41957               
POS_FILETYPES 4443                
POS_DOWNLOADS 4653                
POS_OS 4701                
POS_BROWSER 4827                
POS_SCREENSIZE 4972                
POS_UNKNOWNREFERER 5046                
POS_UNKNOWNREFERERBROWSER 5223                
POS_ORIGIN 5331                
POS_SEREFERRALS 5464                
POS_PAGEREFS 5608                
POS_SEARCHWORDS 5756                
POS_KEYWORDS 5908                
POS_MISC 2374                
POS_ERRORS 5967                
POS_CLUSTER 3570                
POS_SIDER_404 6158                
END_MAP

# LastLine    = Date of last record processed - Last record line number in last log - Last record offset in last log - Last record signature value
# FirstTime   = Date of first visit for history file
# LastTime    = Date of last visit for history file
# LastUpdate  = Date of last update - Nb of parsed records - Nb of parsed old records - Nb of parsed new records - Nb of parsed corrupted - Nb of parsed dropped
# TotalVisits = Number of visits
# TotalUnique = Number of unique visitors
# MonthHostsKnown   = Number of hosts known
# MonthHostsUnKnown = Number of hosts unknown
BEGIN_GENERAL 8
LastLine 20260601000904 604 147572 14124564456685
FirstTime 0
LastTime 20260519061415
LastUpdate 20260601092621 604 0 603 0 0
TotalVisits 5                   
TotalUnique 5                   
MonthHostsKnown 0                   
MonthHostsUnknown 7                   
END_GENERAL

# Misc ID - Pages - Hits - Bandwidth
BEGIN_MISC 10
FlashSupport 0 0 0
AddToFavourites 0 14 0
DirectorSupport 0 0 0
PDFSupport 0 0 0
JavascriptDisabled 0 0 0
JavaEnabled 0 0 0
TotalMisc 0 0 0
RealPlayerSupport 0 0 0
QuickTimeSupport 0 0 0
WindowsMediaPlayerSupport 0 0 0
END_MISC

# Hour - Pages - Hits - Bandwidth - Not viewed Pages - Not viewed Hits - Not viewed Bandwidth
BEGIN_TIME 24
0 0 0 0 1331 1370 546808
1 0 0 0 4517 4524 725877
2 0 0 0 707 718 153952
3 0 0 0 1581 1612 555760
4 0 0 0 1428 1454 325379
5 0 0 0 352 359 402736
6 1 1 12325 328 376 464765
7 0 0 0 1355 1387 471333
8 1 1 12320 328 351 347009
9 0 10 17710 464 483 670445
10 0 0 0 1121 1238 3693059
11 0 0 0 291 301 374426
12 0 0 0 2514 2530 449695
13 2 2 69135 37473 37513 359791706
14 28 28 344895 974 987 573414
15 0 0 0 1773 1791 1710694
16 0 0 0 2046 2147 3402633
17 0 0 0 699 727 891560
18 0 0 0 295 308 194099
19 0 0 0 617 631 538896
20 0 0 0 2807 2817 890429
21 1 1 0 1290 1298 308492
22 0 0 0 868 883 561384
23 0 0 0 708 727 2088398
END_TIME

# Domain - Pages - Hits - Bandwidth
# The 25 first Pages must be first (order not required for others)
BEGIN_DOMAIN 3
de 28 28 344895
us 3 8 33500
br 2 7 77990
END_DOMAIN

# Cluster ID - Pages - Hits - Bandwidth
BEGIN_CLUSTER 0
END_CLUSTER

# Login - Pages - Hits - Bandwidth - Last visit
# The 10 first Pages must be first (order not required for others)
BEGIN_LOGIN 0
END_LOGIN

# Robot ID - Hits - Bandwidth - Last visit - Hits on robots.txt
# The 25 first Hits must be first (order not required for others)
BEGIN_ROBOT 1
scanner 5 69747 20260514155457 0
END_ROBOT

# Worm ID - Hits - Bandwidth - Last visit
# The 5 first Hits must be first (order not required for others)
BEGIN_WORMS 0
END_WORMS

# EMail - Hits - Bandwidth - Last visit
# The 20 first Hits must be first (order not required for others)
BEGIN_EMAILSENDER 0
END_EMAILSENDER

# EMail - Hits - Bandwidth - Last visit
# The 20 first hits must be first (order not required for others)
BEGIN_EMAILRECEIVER 0
END_EMAILRECEIVER

# Files type - Hits - Bandwidth - Bandwidth without compression - Bandwidth after compression
BEGIN_FILETYPES 9
Unknown 8 143050 0 0
jpg 2 8670 0 0
1 1 12322 0 0
env 17 209386 0 0
gif 4 1314 0 0
js 2 2382 0 0
png 2 5344 0 0
html 6 61599 0 0
save 1 12318 0 0
END_FILETYPES

# Downloads - Hits - Bandwidth
BEGIN_DOWNLOADS 0
END_DOWNLOADS

# OS ID - Hits
BEGIN_OS ID - Hits - Pages 5
ios_iphone 5 0
linux 2 2
win10 5 0
macosx5 28 28
Unknown 3 3
END_OS

# Browser ID - Hits - Pages
BEGIN_BROWSER 6
chrome3.0.198 28 28
Unknown 1 1
safari 5 0
chrome147.0.0.0 5 0
chrome142.0.0.0 2 2
mozilla 2 2
END_BROWSER

# Screen size - Hits
BEGIN_SCREENSIZE 0
END_SCREENSIZE

# Unknown referer OS - Last visit date
BEGIN_UNKNOWNREFERER 2
Mozilla/5.0_(compatible;_SentinelIQ-Pentest/1.0) 20260512132900
ct2ips/1.0 20260518213556
END_UNKNOWNREFERER

# Unknown referer Browser - Last visit date
BEGIN_UNKNOWNREFERERBROWSER 1
ct2ips/1.0 20260518213556
END_UNKNOWNREFERERBROWSER

# Origin - Pages - Hits 
BEGIN_ORIGIN 6
From0 33 33
From1 0 0
From2 0 0
From3 0 0
From4 0 10
From5 0 0
END_ORIGIN

# Search engine referers ID - Pages - Hits
BEGIN_SEREFERRALS 0
END_SEREFERRALS

# External page referers - Pages - Hits
# The 25 first Pages must be first (order not required for others)
BEGIN_PAGEREFS 0
END_PAGEREFS

# Search keyphrases - Number of search
# The 10 first number of search must be first (order not required for others)
BEGIN_SEARCHWORDS 0
END_SEARCHWORDS

# Search keywords - Number of search
# The 25 first number of search must be first (order not required for others)
BEGIN_KEYWORDS 0
END_KEYWORDS

# Errors - Hits - Bandwidth
BEGIN_ERRORS 8
503 5 0
406 5182 1159380
301 5386 1445621
403 46 499177
401 3 156
421 8 2534
409 21712 1802096
404 34137 375152500
END_ERRORS

# URL with 404 errors - Hits - Last URL referrer
BEGIN_SIDER_404 1379
/uploads/..%2F..%2F..%2F..%2Fetc%2Fpasswd 1 -
/static/..%2f..%2f..%2f..%2fetc%2fpasswd 1 -
/.gitconfig 1 -
/api/redirect%0D%0AX-Injected:%20true 1 -
/package-updates/update.cgi 2 -
/chat/* 2 -
/service-account.json 5 -
/var/task/next.config.js 2 -
/wp-includes/js/crop/ 3 -
/google-service-account.json 4 -
/api/v1/orders/c1662062-32a6-44d1-a13e-8cc6fb495160 1 -
/login%0a%0dX-Injected:%20sentinel 1 -
/grafana 1 -
/auth%E5%98%8A%E5%98%8DLocation:%20https://evil.sentinel.example.com 1 -
/api/token 3 -
/debug/default/view 3 -
/CHANGELOG.txt 1 -
/.astro/manifest.json 1 -
/redirect%0d%0aX-Injected:%20true 1 -
/dashboard/* 2 -
/api/users/99999999 1 -
/webhook-test/* 2 -
/auth/login 12 https://br2t.com/auth/login
/api/swagger.yaml 1 -
/api/v1/summaries 2 -
/app/next.config.js 2 -
/.github/dependabot.yml 2 -
/login%250d%250aX-Injected:%20sentinel-double 1 -
/API/common.js 2 -
/wp-includes/theme-compat/ 1 -
/console 3 -
/server/constants.js 2 -
/_session 1 -
/wp-json/wp/v2/users/me 1 -
/server/app.js 2 -
/RDWeb 1 https://www.google.com
/wp-content/plugins/ 2 -
/login%E5%98%8A%E5%98%8DX-Injected:%20sentinel-unicode 1 -
/home/*/.aws/credentials 2 -
/*/[slug] 2 -
/app/amplify.yml 2 -
/users/1 1 -
/collection.json 1 -
/backend/config/common.js 2 -
/logout%0D%0ASet-Cookie:%20session=hijacked 1 -
/wp-content/ai1wm-backups/ 2 -
/wp-login.php 179 https://www.google.com
/auth/reset 1 -
/clientaccesspolicy.xml 1 -
/api/items/1 1 -
/api/user/1 1 -
/graphql/v2 1 -
/env.yaml 2 -
/api/v1/soap 2 -
/css/dmtixucz/golden-access/ 1 -
/global-protect/login.esp 1 https://www.google.com
/oauth/redirect_uri 2 -
/appsettings.Development.json 8 -
/api/ 62 -
/v1 3 -
/sitecore/shell/sitecore.version.xml 2 -
/config/config.js 2 -
/amplify/team-provider-info.json 2 -
/api/v1/files/1 1 -
/.git/description 2 -
/auth\\r\\nX-Injected:%20sentinel-literal 1 -
/index.jsp 2 -
/config.json 5 -
/api/node/constant.js 2 -
/redirect%0D%0ASet-Cookie:%20session=hijacked 1 -
/api/v1/upload 1 -
/credentials.ini 2 -
/rest/* 2 -
/api/v2 5 -
/var/task/docker-compose.yml 2 -
/api/user/999999 1 -
/api/documentation.json 2 -
/global.asax 1 -
/v2/* 2 -
/app/nuxt.config.js 2 -
/src/FileUpload.js 2 -
/wp-includes/ID3/ 1 -
/api/passkey/login/options 1 -
/.git/COMMIT_EDITMSG 4 -
/media/..%2F..%2F..%2Fetc%2Fpasswd 1 -
/api/v1/users 26 -
/api/v3 4 -
/.terraform.tfstate 2 -
/.git-secret 2 -
/site.zip 1 -
/staging/ 1 -
/auth/backup-code 1 -
/account/00000000-0000-0000-0000-000000000001 1 -
/api/signup 2 -
/debug 1 -
/.netlify/functions/* 2 -
/.github/funding.yml 2 -
/_profiler/phpinfo 6 -
/assets 54 -
/.env.prod 7 -
/api/admin/users/1 1 -
/ws/ 4 -
/api/v1/admin/roles 1 -
/login%0d%0aX-Injected-Header:%20crlf-sentinel-001 1 -
/auth 157 https://br2t.com/auth
/api/v1/auth 60 -
/src/constant.js 2 -
/auth%0d%0a%0d%0a<html><body>sentinel-split-001</body></html> 1 -
/env 8 -
/compose.yaml 2 -
/login 290 -
/default.shtml 4 -
/.ssh/id_ed25519 1 -
/rest/xml 9 -
/src/config/constants.js 2 -
/login%0D%0A%0D%0A<html><body>sentinel-split-002</body></html> 1 -
/api/v2/status 2 -
/auth%0aX-Injected:%20sentinel-lf 1 -
/constants.ini 2 -
/account/recovery 1 -
/redirect%0D%0AX-Injected:%20true 1 -
/.env.example 6 -
/api/redirect%0d%0aX-Injected-Header:%20crlf-sentinel-001 1 -
/api/admin 4 -
/package-updates/* 2 -
/server.js 2 -
/api/redirect 137 -
/manage/* 2 -
/v1/sys/health 1 -
/login%0d%0aSet-Cookie:%20csrf=override 1 -
/auth%250d%250aX-Injected:%20sentinel-double 1 -
/api/users/2 2 -
/redirect%E5%98%8A%E5%98%8D%E5%98%8A%E5%98%8D<html>sentinel-split-unicode</html> 1 -
/swagger-ui 2 -
/api/users/me 1 -
/newsletter 8 https://br2t.com/newsletter
/.env.stage 2 -
/openapi.json 9 -
/package-updates/save.cgi 2 -
/www.zip 2 -
/CdnHelper.java 1 https://br2t.com/
/[slug] 2 -
/admin/controller/extension/extension/ 1 -
/suportetecnico/wp-login.php%7Czione%7CCasa4578./ 2 -
/products 3 -
/api/v1/debug 2 -
/API/config.js 2 -
/ 12 -
/wp-includes/js/tinymce/skins/lightgray/ 2 -
/redirect%0d%0aSet-Cookie:%20csrf=override 1 -
/.git/config 36 -
/.well-known/abuse-reporting 1 -
/api/* 2 -
/api/env 3 -
/app-config.json 2 -
/v3 2 -
/api/webhook 13 -
/config/env.js 2 -
/wp_mail_smtp.ini 2 -
/bundle.js 2 -
/../.env 1 -
/api/login 114 -
/.env.project 2 -
/stripe/config.json 2 -
/storage/../../../.env 1 -
/credentials.csv 2 -
/docker/registry/config.yml 2 -
/owa/auth.owa 12 https://br2t.com/owa/auth/logon.aspx
/redirect%0aX-Injected:%20sentinel-lf 1 -
/gcp-key.json 1 -
/.env.dist 4 -
/wp-includes/PHPMailer 2 -
/wp-admin/index.php 1 https://br2t.com/suportetecnico/wp-login.php
/_profiler/open 1 -
/appsettings.Production.json 8 -
/config/server.js 3 -
/_layouts/* 2 -
/wp-includes/blocks/block/ 2 -
/conf.yaml 2 -
/logout%E5%98%8A%E5%98%8D%E5%98%8A%E5%98%8D<html>sentinel-split-unicode</html> 1 -
/_next/static/buildManifest.js 1 -
/api/docs 2 -
/config/stripe.json 2 -
/template.yaml 2 -
/swagger-ui.html 4 -
/wp-json/wp/v2/posts 1 -
/api/reset-password 1 -
/.env.save 14 -
/auth%E5%98%8A%E5%98%8DX-Injected:%20sentinel-unicode 1 -
/config.prod.ini 2 -
/settings/* 2 -
/.next/build-manifest.json 1 -
/api.raml 1 -
/login%0d%0a%0d%0a<html><body>sentinel-split-001</body></html> 1 -
/api/v1/orders 1 -
/sa.json 1 -
/redirect%0D%0A%0D%0A<html><body>sentinel-split-002</body></html> 1 -
/appsettings.QA.json 2 -
/var/task/vercel.json 2 -
/actuator/env/aws 5 -
/.env.sample 3 -
/wp-includes/images/crystal/ 1 -
/test/ 1 -
/app/* 2 -
/dist/..%2F..%2F..%2F..%2Fetc%2Fpasswd 1 -
/ping 2529 -
/.npmrc 4 -
/app.log 1 -
/app/.env.local 4 -
/proc/index.cgi 2 -
/CVS/Entries 1 -
/redirect 142 -
/_vercel/insights 2 -
/.env.save.1 2 -
/s3.yaml 2 -
/auth/totp 1 -
/wp-includes/js/tinymce/themes/ 1 -
/logout%0D%0ALocation:%20//evil.sentinel.example.com 1 -
/shop/[category]/* 2 -
/posts/* 2 -
/.git-credentials 5 -
/constants.yml 2 -
/media/download 1 -
/api/orders/999999 1 -
/[[...optional]] 2 -
/%2f.env 2 -
/%2fbackend%2f.env 2 -
/erin1.PhP7 2 -
/actuator 6 -
/info 3 -
/rest/oauth2-credential/auth 2 -
/projects/* 2 -
/Docker.md 2 -
/config/constant.js 2 -
/var/task/netlify.toml 2 -
/config/credentials/production.key 1 -
/_all_dbs 1 -
/wp-content/plugins/wp-google-map-gold/assets/js/maps.js 1 https://br2t.com/
/api/v1/orders/4e191f73-69ad-48da-806f-80156af06486 1 -
/rest/logout 2 -
/config/config.json 2 -
/suportetecnico/wp-content/plugins/init-help/init.php 2 -
/api/v0 2 -
/login%0d%0aLocation:%20https://evil.sentinel.example.com 1 -
/wp-includes/phpmailer/ 8 -
/.env.backup2 1 -
/database.yml 2 -
/home 3 -
/logout%0d%0aSet-Cookie:%20evil=1 1 -
/..%2f..%2f..%2fetc%2fpasswd 2 -
/api/products 27 -
/* 2 -
/api/openapi.yaml 2 -
/.env.testing 2 -
/logout%0d%0aX-Injected:%20true 1 -
/local.settings.json 1 -
/wp-includes/certificates/ 3 -
/aws.yml 2 -
/config/parameters.yml 2 -
/login\\r\\nX-Injected:%20sentinel-literal 1 -
/secrets.yaml 3 -
/attacker/docker-compose.yml 2 -
/api/orders/00000000-0000-0000-0000-000000000001 1 -
/config/secrets.yml 5 -
/api/v1/transfer 1 -
/community/alumni 1 -
/api/auth/webauthn/register 1 -
/file 54 -
/config.php 2 -
/api/test 2531 -
/publish/* 2 -
/syncData.ts 1 https://br2t.com/
/api/v1/env 3 -
/terraform/terraform.tfvars.json 2 -
/server/php/ 1 -
/wp-json/burst/v1/mainwp-auth 1 -
/API/config/common.js 2 -
/ads.txt 32 -
/services 1 -
/_layouts/15/ 1 -
/software/*.cgi 2 -
/.env.1 5 -
/v3/api-docs 2 -
/root/.gitconfig 2 -
/deploy.sh 2 -
/admin/login 3 -
/.config/gcloud/application_default_credentials.json 1 -
/view 54 -
/db.sql.gz 2 -
/randkeyword.PhP7/ 1 -
/api/v1/profile/2 1 -
/_users 1 -
/auth/webauthn/login/options 1 -
/settings 12 -
/computeMetadata/v1/ 1 -
/%2f.aws%2fcredentials 2 -
/api/edge/inngest 1 -
/redirect%250d%250aX-Injected:%20sentinel-double 1 -
/api/v1/users/00000000-0000-0000-0000-000000000000 2 -
/.git/objects 2 -
/.DS_Store 1 -
/web/config/common.js 2 -
/actuator/loggers 1 -
/client/stripe.config.js 2 -
/.well-known/stripe/ 2 -
/api/templates/env 1 -
/.well-known/pki-validation 2 -
/gcp-credentials.json 1 -
/redirect%E5%98%8A%E5%98%8DLocation:%20https://evil.sentinel.example.com 1 -
/logout%0D%0AX-Injected-Header:%20crlf-sentinel-002 1 -
/cos_upload.py 1 https://br2t.com/
/_config 1 -
/alumni-network 1 -
/api/redirect%0a%0dX-Injected:%20sentinel 1 -
/sysinfo.cgi 2 -
/__wp_probe_admin_does_not_exist.php 1 -
/admin/* 2 -
/api/env.js 2 -
/suportetecnico/br2t/ 2 https://www.google.com/
/logout%0d%0aLocation:%20https://evil.sentinel.example.com 1 -
/pdfjs/web/viewer.html 1 -
/api/constants.js 2 -
/robots.txt 266 -
/about/alumni 1 -
/app.yml 2 -
/wp-content/uploads/2024/ 1 -
/wp-json 3 -
/api/v1/executions 2 -
/__wp_probe_caioxi_does_not_exist.php 1 -
/nginx_status 1 -
/Web.Debug.config 1 -
/api/thumbnail 1 -
/manager 1 -
/.well-known/jwks.json 2 -
/.env.production.save 2 -
/trpc/* 2 -
/put-test 1 -
/api/passkey/login/verify 1 -
/api/v1/users/98916e19-4f79-1301-83d8-973d35769197 1 -
/.env2 1 -
/appsettings.Staging.json 8 -
/app/serverless.yml 2 -
/gcp_key.json 1 -
/.env.staging 7 -
/stripe.json 2 -
/app/netlify.toml 2 -
/.git/logs/refs/remotes/origin/master 2 -
/profile/2 2 -
/api/accounts/1 1 -
/.env.development.local 3 -
/site/wp-admin/ 2 -
/var/task/next.config.mjs 2 -
/.travis.yml 1 -
/aws-ses.json 2 -
/config/database.yml 1 -
/api/v1/accounts/98916e19-4f79-1301-83d8-973d35769197 1 -
/__debug 2 -
/proxy 12 -
/wp-json/wp/v2 1 -
/config/application.yml 2 -
/api/v1/accounts/00000000-0000-0000-0000-000000000000 1 -
/LOG.md 2 -
/cms/* 2 -
/api/graphql 4 -
/dashboard 16 -
/remote/login 2 https://www.google.com
/api/1.0 2 -
/api/redoc 2 -
/login%E5%98%8A%E5%98%8D%E5%98%8A%E5%98%8D<html>sentinel-split-unicode</html> 1 -
/package-updates/apt.cgi 2 -
/admin/ 5 -
/WebInterface/ 2 -
/AutoDiscover/autodiscover.xml 52 -
/.env 2 -
/dev/ 1 -
/api/webauthn/login/options 1 -
/.git/hooks 2 -
/wp-includes/sitemaps/providers/ 1 -
/root/.s3cfg 2 -
/.env.remote 1 -
/application.properties 2 -
/register 7 -
/pma 1 -
/uploads/..%2f..%2f..%2f..%2fetc%2fpasswd 1 -
/v1/graphql 1 -
/auth/logout 1 -
/wp-admin/admin-ajax.php 4 -
/rest/tags 2 -
/load 53 -
/index.js 3 -
/.well-known/stripe.txt 2 -
/api/orders/2 2 -
/preview 28 -
/.git/refs/heads/master 6 -
/suportetecnico/wp-login.php%7Czione%7CCasa4578./start 1 -
/api/sonicos/is-sslvpn-enabled 1 https://www.google.com
/wp-content/plugins/xt/ 2 -
/aws.env.json 2 -
/api/v1/ 7 -
/.git-askpass.sh 2 -
/crossdomain.xml 2 -
/api/items/2 1 -
/icons/sphere1.png 2 -
/filefuns 2 www.google.com
/teams/* 2 -
/.github/CODEOWNERS 2 -
/api/v1/files/2 1 -
/.vscode/sftp.json 1 -
/_utils 1 -
/logout%0aX-Injected:%20sentinel-lf 1 -
/api/v1/profile/1 1 -
/.git/logs/HEAD 6 -
/api/auth/mfa 1 -
/api/redirect%0d%0a%0d%0a<html><body>sentinel-split-001</body></html> 1 -
/var/task/nuxt.config.ts 2 -
/api/media 1 -
/config/credentials/production.yml.enc 1 -
/api/webauthn/authentication/begin 1 -
/api/lookup 2530 -
/webhook 2 -
/wp-admin/js/ 4 -
/blog/wp-login.php 3 -
/api/v1/users/me 2 -
/Dockerfile 3 -
/api/redirect%0d%0aSet-Cookie:%20csrf=override 1 -
/api/data/* 2 -
/cloud-key.json 1 -
/docs/ 2 -
/config.yml 3 -
/users/2 1 -
/api/redirect%E5%98%8A%E5%98%8DX-Injected:%20sentinel-unicode 1 -
/ws 1 -
/upload 11 -
/api/v1/accounts/2 2 -
/admin/config/constants.js 2 -
/profile 12 -
/auth%0d%0aX-Injected-Header:%20crlf-sentinel-001 1 -
/dist/manifest.json 1 -
/api/search 39 -
/logout%0d%0a%0d%0a<html><body>sentinel-split-001</body></html> 1 -
/.git/info/exclude 2 -
/pricing 1 -
/.dockerignore 2 -
/.well-known/passkey-endpoints 26 -
/[workspace]/* 2 -
/assets/app.js 1 -
/.well-known/openid-configuration 4 -
/server/constant.js 2 -
/api/v1/messages/2 1 -
/logout%0d%0aSet-Cookie:%20csrf=override 1 -
/redirect%0D%0AX-Injected-Header:%20crlf-sentinel-002 1 -
/pages/* 2 -
/wp-content/plugins/vr-calendar-sync/assets/js/public.js 1 -
/admin/api 1 -
/.env.production 20 -
/articles/* 2 -
/directory 1 -
/functions/.runtimeconfig.json 1 -
/api/swagger-ui.html 2 -
/auth/callback 8 -
/api/invoices/00000000-0000-0000-0000-000000000001 1 -
/auth%0D%0AX-Injected:%20true 1 -
/settings.py 5 -
/settings.ini 2 -
/admin/config/database.js 2 -
/symfony/_profiler/phpinfo 2 -
/info.php 2 -
/docs/redoc 2 -
/administrator/index.php 5 -
/docs/api 2 -
/fileupload/server/php/ 1 -
/api/webauthn/login/verify 1 -
/api/swagger.json 3 -
/import 11 -
/var/task/serverless.json 2 -
/.env.aws 2 -
/download 60 -
/.git/ORIG_HEAD 2 -
/api/users/1 3 -
/status 1 -
/actuator/env/cloud 5 -
/Jenkinsfile 1 -
/sendgrid.env 2 -
/api/redirect%0d%0aLocation:%20https://evil.sentinel.example.com 1 -
/api/v1/workflows 2 -
/redirect%0dX-Injected:%20sentinel-cr 1 -
/root/.netrc 2 -
/wp-admin/admin.php 2 -
/[id] 2 -
/api/data 5 -
/signin 130 https://br2t.com/signin
/.github 2 -
/%22//tag.goadopt.io/injector.js 2 -
/wp-json/ 6 -
/index.stm 3 -
/api/command 2601 -
/wp-admin/css/colors/ectoplasm/ 35 -
/api/invoices/999999 1 -
/src/config/common.js 2 -
/auth%0D%0ASet-Cookie:%20session=hijacked 1 -
/state.js 2 -
/servers/save.cgi 2 -
/account/99999999 1 -
/server/config/constants.js 2 -
/api/v1/account 21 -
/..%c0%af..%c0%af..%c0%afetc/passwd 1 -
/actuator/threaddump 1 -
/suportetecnico/wp-login.php%7Czione%7CCasa4578./home 1 -
/notifications/* 2 -
/dist/..%2F..%2F..%2Fetc%2Fpasswd 1 -
/config/aws.yml 2 -
/staging/config/config.js 2 -
/config/credentials/development.key 1 -
/gcloud-service-key.json 1 -
/var/task/amplify/backend/function/*/src/index.js 2 -
/api/internal/debug 2 -
/_nuxt/builds/latest.json 1 -
/serverless.yml 2 -
/wp-includes/pomo/ 1 -
/checkout 14 -
/api/run 2529 -
/jsonapi 1 -
/auth/signin 8 https://br2t.com/auth/signin
/package-updates/index.cgi 2 -
/php_info 1 -
/rest/oauth1-credential/auth 2 -
/_react/data/* 2 -
/.terraform/credentials.tfrc.json 2 -
/auth/* 2 -
/login%0d%0aSet-Cookie:%20crlftest=1 1 -
/.amplifyrc 2 -
/aws-codecommit/ 2 -
/.env.dev 8 -
/vercel.json 2 -
/myproject/settings.py 2 -
/suportetecnico/wp-login.php%7Czione%7CCasa4578./checkout 1 -
/login%0d%0aX-Injected:%20true 1 -
/portainer 1 -
/rest/users 2 -
/embed 28 -
/constant.js 2 -
/api/session/properties 2 -
/google-credentials.json 1 -
/services/environments.ini 2 -
/sslvpn_logon.shtml 1 https://www.google.com
/server/env.js 2 -
/webpack-stats.json 1 -
/api/v1/accounts/c1662062-32a6-44d1-a13e-8cc6fb495160 1 -
/runtime-config.js 2 -
/../../../etc/passwd%00 1 -
/public/server/php/ 1 -
/api/v1 6 -
/dist/..%2f..%2f..%2f..%2fetc%2fpasswd 1 -
/shop/wp-login.php 1 -
/exec 2529 -
/appsettings.Local.json 2 -
/.%2567%2569%2574/%2563%256F%256E%2566%2569%2567 1 -
/appsettings.local.json 1 -
/saml/metadata 2 -
/index.shtm 4 -
/api/invoices/99999999 1 -
/_next/static/* 2 -
/api/subscribe 8 https://br2t.com/api/subscribe
/app/config/parameters.yml 3 -
/auth/forgot 1 -
/env.json 5 -
/auth%0D%0A%0D%0A<html><body>sentinel-split-002</body></html> 1 -
/.cache 2 -
/search 13 https://br2t.com/search
/htdocs.zip 1 -
/[locale]/* 2 -
/docker/overlay/config.json 2 -
/app/next.config.mjs 2 -
/.pypirc 2 -
/ALFA_DATA/alfacgiapi/perl.alfa 1 -
/.git/ 2 -
/internal 1 -
/api/items/999999 1 -
/media/..%2F..%2F..%2F..%2Fetc%2Fpasswd 1 -
/admin/constants.js 2 -
/app/config/parameters.yml.dist 2 -
/build-manifest.json 1 -
/software/update.cgi 2 -
/app/.terraform/terraform.tfstate 2 -
/wp-includes/rest-api/ 1 -
/s3/.aws/config 2 -
/rest/login 2 -
/env.js 4 -
/.env.yaml 1 -
/siteheads 2 www.google.com
/openapi.yml 2 -
/api/webauthn/authentication/finish 1 -
/.git/refs/heads/main 5 -
/signup 15 -
/config.js 4 -
/wp-includes/fonts/ 4 -
/api/v1/orders/00000000-0000-0000-0000-000000000000 1 -
/redirect%0d%0aLocation:%20https://evil.sentinel.example.com 1 -
/controller.js 2 -
/docker-compose.yml 3 -
/api/auth/webauthn/authentication/verify 1 -
/server/config.js 2 -
/auth%0D%0AX-Injected-Header:%20crlf-sentinel-002 1 -
/sonar 1 -
/app/terraform.tfstate 2 -
/application_default_credentials.json 1 -
/root/.aws/config 2 -
/.svn/entries 4 -
/api/v2/debug 2 -
/api/config/env 1 -
/s3/bucket 2 -
/cgi-bin/authLogin.cgi 2 -
/swagger.json 9 -
/chat 2 -
/messages/* 2 -
/api/2fa/verify 1 -
/storage/logs/laravel.log 2 -
/fetch 5 -
/wp-admin/maint/ 3 -
/api/oembed 2 -
//wp-includes/ID3/license.txt 3 -
/staging/config.js 2 -
/aws_s3_bucket 2 -
/api/v1/import 9 -
/api/v1/invoices/1 2 -
/api-docs 4 -
/.git/info 2 -
/auth/saml2/metadata 1 -
/dev/env.js 2 -
/api/products/999999 1 -
/query 4 -
/wp-includes/block-supports/ 1 -
/api/settings.py 2 -
/app/amplify.yaml 2 -
/public/..%2f..%2f..%2f..%2fetc%2fpasswd 1 -
/files/..%2f..%2f..%2f..%2fetc%2fpasswd 1 -
/wp-json/buddypress/v1/signup 1 -
/assets/manifest.json 2 -
/package-updates/download.cgi 2 -
/Web.Release.config 1 -
/.github/workflows/ci.yml 2 -
/render 54 -
/sms.ts 1 https://br2t.com/
/id_ed25519 1 -
/media/..%2f..%2f..%2f..%2fetc%2fpasswd 1 -
/api/v1/me 1 -
/.env.local 25 -
/api/v1/status 2 -
/manifest.webmanifest 2 -
/logout%0D%0AX-Injected:%20true 1 -
/web/config/constants.js 2 -
/ern1.PhP7 2 -
/.aws/credentials 11 -
/logout%0d%0aX-Injected-Header:%20crlf-sentinel-001 1 -
/str636%20unique%20HTTP%20paths%20emitted%20ipe/webhook_secret.env 2 -
/api/v1/orders/1 2 -
/web/constant.js 2 -
/file-manager/initialize 2 -
/rest/credential-translation 2 -
/reset-password 1 -
/s3/credentials 2 -
/identity 2 -
/.git/refs/remotes/origin/HEAD 2 -
/workspaces/* 2 -
/api/openapi.json 4 -
/actuator/heapdump 1 -
/redirect%0a%0dX-Injected:%20sentinel 1 -
/health 3 -
/wp-admin/js/widgets/ 3 -
/account/1 2 -
/public/stripe.js 2 -
/v2/swagger.json 2 -
/credentials.js 2 -
/actions/* 2 -
/debug/vars 2 -
/api/export 1 -
/config/default.json 1 -
/owa/ 2 -
/content/* 2 -
/static/js/main.js 2 -
/config/app.js 2 -
/api/redirect%E5%98%8A%E5%98%8DLocation:%20https://evil.sentinel.example.com 1 -
/API/config/constants.js 2 -
/php.php 1 -
/src/config/config.json 2 -
/api/passkeys/register/finish 1 -
/api/accounts/2 1 -
/config/constants.js 2 -
/.well-known/openpgpkey/hu/t1ie536sgnbi74yzq5ggcr4eodkb8ked 2 -
/rest 3 -
/root/.boto 2 -
/postman 1 -
/prod/config.js 2 -
/api/v1/invoices/c1662062-32a6-44d1-a13e-8cc6fb495160 1 -
/payment/* 2 -
/access.log 1 -
/api/v1/accounts/1 2 -
/credentials.go 2 -
/admin/constant.js 2 -
/admin/utils.js 2 -
/s3/buckets 2 -
/management 2 -
/wp-content/uploads/2023/08/ 1 -
/auth%0a%0dX-Injected:%20sentinel 1 -
/readme.md 2 -
/api/templates/default 1 -
/api/contact 12 https://br2t.com/api/contact
/admin/.env 15 -
/graphql/v1 3 -
/api/v1/documents/1 1 -
/kibana 1 -
/.gitlab 2 -
/.env.preprod 1 -
/api/user/2 1 -
/assets/..%2F..%2F..%2Fetc%2Fpasswd 1 -
/wp-includes/pomo 2 -
/_ignition/execute-solution 6 -
/api/v1/config 2 -
/en/* 2 -
/aws/bucket 2 -
/insta-compose.yml 2 -
/stripe-credentials.json 2 -
/app/vercel.json 2 -
/api/dns/resolve 1 -
/server/config/common.js 2 -
/__nextjs_action/* 2 -
/wp-admin/css/colors/coffee/ 2 -
/wp-content/themes/seotheme/mar.php 1 www.google.com
/redirect%0d%0aSet-Cookie:%20crlftest=1 1 -
/actuator/env 8 -
/.env.uat 1 -
/admin/index 1 -
/api/ping 2530 -
/logout%0dX-Injected:%20sentinel-cr 1 -
/.well-known/openpgpkey/policy 2 -
/config/environment.rb 2 -
/actuator/httptrace 2 -
/backup.tar.gz 2 -
/_waku/* 2 -
/.gitmodules 2 -
/form-test/* 2 -
/wp-content/plugins/seoplugins/mar.php 1 www.google.com
/orders/* 2 -
/web/app.js 2 -
/api/redirect%0D%0AX-Injected-Header:%20crlf-sentinel-002 1 -
/vpn 1 https://www.google.com
/s3.yml 2 -
/docs 3 -
/var/task/nuxt.config.js 2 -
/system 2529 -
/credentials.json 9 -
/billing/* 2 -
/wp-content/uploads/ 27 -
/swagger-ui/index.html 3 -
/cart 10 -
/.env.template 1 -
/admin/server/php/ 1 -
/api/url 2 -
/api/v1/* 2 -
/wp-includes/html-api/ 32 -
/backend/env.js 2 -
/api/diagnostics 1 -
/uploads/..%2F..%2F..%2Fetc%2Fpasswd 1 -
/firebase-adminsdk.json 1 -
/.aws/config 4 -
/__env.js 2 -
/aws/s3/env.env 2 -
/api/health 3 -
/sam-template.yaml 2 -
/wp-content/debug.log 7 -
/.gitignore 2 -
/.gitlab/merge_request_templates 2 -
/.env.docker 5 -
/.hg/requires 2 -
/docker-cloud.yml 2 -
/rest/v1 1 -
/api/users/* 2 -
/app/.git/config 2 -
/favicon-32x32.png 2 -
/media/upload 1 -
/ecosystem.config.js 1 -
/backend/node/constants.js 2 -
/randkeyword.PhP8 2 -
/api/redirect%0d%0aSet-Cookie:%20crlftest=1 1 -
/api/products/1 1 -
/form 2 -
/blog 2 -
/api/posts/999999 1 -
/.env.dev.local 2 -
/graphql 100 -
/api/status 2 -
/stripe-keys.json 2 -
/api/docs/api.json 2 -
/graphiql 1 -
/api/auth/mfa/verify 1 -
/phpinfo.php 2 -
/api/user 7 -
/signout 8 -
/security.txt 3 -
/api/v1/export 1 -
/static/..%2F..%2F..%2F..%2Fetc%2Fpasswd 1 -
/auth%0d%0aSet-Cookie:%20csrf=override 1 -
/wp-admin/css/colors/ectoplasm 2 -
/_next/data/*/about.json 2 -
/suportetecnico/wp-login.php%7Czione%7CCasa4578. 1 -
/wp-admin/css/colors/ocean/ 1 -
/actuator/beans 3 -
/api/register 2 -
/api/v1/sentinel-nonexistent 1 -
/google-key.json 1 -
/Telerik.Web.UI.WebResource.axd 2 -
/manager/html 2 -
/local_settings.py 1 -
/api/auth/webauthn/authentication/options 1 -
/blog/[year]/[month]/[slug] 2 -
/service_account.json 1 -
/rest/workflows/run 2 -
/src/constants.js 2 -
/.docker/secrets.json 2 -
/api/v1/users/4e191f73-69ad-48da-806f-80156af06486 1 -
/package.json 1 https://br2t.com/
/src/env.js 2 -
/api/preview 2 -
/serviceAccountKey.json 4 -
/users/00000000-0000-0000-0000-000000000001 1 -
/auth.json 1 -
/test.php 1 -
/waku/* 2 -
/owa 1 https://www.google.com
/static/historypage.js 2 -
/assets/..%2F..%2F..%2F..%2Fetc%2Fpasswd 1 -
/wp-content/uploads/wp_dndcf7_uploads/wpcf7-files/3EME12wz3JebNPJzJ7UKmEy6c7z.txt 1 -
/__nextjs_action 2 -
/var/task/package.json 2 -
/api/users/search 1 -
/webhooks/incoming/stripe.json 2 -
/alfa-rexhp1.p 1 -
/v2/api-docs 4 -
/panel 1 -
/[...catchAll] 2 -
/auth%0d%0aSet-Cookie:%20crlftest=1 1 -
/wordpress/wp-content/ai1wm-backups/ 2 -
/api/v1/reports/1 2 -
/user/* 2 -
/assets/images/ 1 -
/.gitlab-ci.yml 2 -
/app/docker-compose.yml 2 -
/api/upload 15 -
/openapi.yaml 4 -
/firebase-service-account.json 3 -
/application.yml 3 -
/api/v1/messages/1 1 -
/.well-known/admin 1 -
/api/templates 1 -
/.git/logs/refs/heads/master 2 -
/payment_gateways/stripe.yaml 2 -
/.git/hooks/post-commit 2 -
/api/render 3 -
/.runtimeconfig.json 1 -
/api/v1/vhosts/vid-1 4 -
/old/aws_config 2 -
/api/screenshot 2 -
/admin/env 5 -
/_vti_bin/* 2 -
/phpinfo 3 -
/api/config 5 -
/config/aws.json 2 -
/redirect%0d%0aSet-Cookie:%20evil=1 1 -
/wp-admin/network/ 2 -
/api/node/config.js 2 -
/../../.env 1 -
/.git/objects/info 2 -
/staging/config/common.js 2 -
/_next/static/chunks/main.js 1 -
/logout%0d%0aSet-Cookie:%20crlftest=1 1 -
/settings.json 4 -
/parameters.yml 1 -
/.env_copy 1 -
/settings.yaml 2 -
/api/2.0 2 -
/debug/pprof/ 2 -
/public/..%2F..%2F..%2Fetc%2Fpasswd 1 -
/var/task/serverless.yml 2 -
/main.js 1 -
/stripe.config.js 2 -
/api/redirect\\r\\nX-Injected:%20sentinel-literal 1 -
/get_mech_list 1 -
/docker-compose.yaml 1 -
/wp-content/plugins/xt 2 -
/home/*/.netrc 2 -
/secrets.json 7 -
/.git 2 -
/aws/config/s3.json 2 -
/api/redirect%0d%0aX-Injected:%20true 1 -
/webhook-waiting/* 2 -
/manage/env 5 -
/.git/packed-refs 3 -
/credentials.yml 1 -
/email/unsubscribe 2 -
/api/auth/webauthn/login/options 1 -
/.github/ISSUE_TEMPLATE 2 -
/var/log/app.log 1 -
/oauth/authorize 2 -
/api/v1/documents/2 1 -
/rest/settings 3 -
/login%0d%0aSet-Cookie:%20evil=1 1 -
/api/v1/users/c1662062-32a6-44d1-a13e-8cc6fb495160 1 -
/firebase-key.json 1 -
/.env.backup1 1 -
/_nuxt/manifest.json 2 -
/app.js 3 -
/moddofuns 2 www.google.com
/package-updates/ 2 -
/s3.secret 2 -
/rest/variables 2 -
/wp-links-opml 2 -
/.vercel/functions/* 2 -
/config/environment.json 2 -
/admin/dashboard 5 -
/api/v1/register 12 -
/api/v1/admin/users/1 1 -
/rest/executions 2 -
/.boto 2 -
/NOTES.md 2 -
/wordpress/wp-login.php 2 -
/api/v1/users/1 27 -
/suportetecnico/wp-login.php%7Czione%7CCasa4578./wp-json/slider-future/v1/upload-image/ 2 -
/api/v1/health 2 -
/api/serverless/* 2 -
/.env.txt 1 -
/service 4 -
/admin/config/common.js 2 -
/backend 6 -
/.gitlab-ci 2 -
/wp-content/et-cache/ 2 -
/s3/backup 2 -
/api/fetch 29 -
/api/posts/2 1 -
/.composer/auth.json 1 -
/api/docs.json 2 -
/v2 2 -
/redirect%0d%0aX-Injected-Header:%20crlf-sentinel-001 1 -
/api/config/constants.js 2 -
/backend/config.js 2 -
/metadata/instance 1 -
/gtm.js 2 -
/wp-includes/widgets/ 1 -
/api/constant.js 2 -
/api/dns 2529 -
/api/password-reset 1 -
/debug.log 1 -
/api/v1/streams 5 -
/src/config/stripe.ts 2 -
/v1/* 2 -
/images/ 1 -
/api/server.js 2 -
/api/v1/settings 12 -
/actuator/logfile 1 -
/src/syncData.ts 1 https://br2t.com/
/backup.sql.gz 2 -
/static/manifest.json 1 -
/xleet/ 1 -
/app/config/development.ini 2 -
/store/wp-login.php 4 -
/config.ts 2 -
/login%0D%0AX-Injected-Header:%20crlf-sentinel-002 1 -
/redirect%0D%0ALocation:%20//evil.sentinel.example.com 1 -
/logout\\r\\nX-Injected:%20sentinel-literal 1 -
/api/v1/invoices/00000000-0000-0000-0000-000000000000 1 -
/api/v1/search 1 -
/.well-known/webauthn-config 3 -
/metrics 5 -
/API/config/database.js 2 -
/dist/.vite/manifest.json 1 -
/console/* 2 -
/var/task/docker-compose.yaml 2 -
/api/v1/invoices/2 2 -
/.env.local.save 2 -
/config/env.json 2 -
/config/credentials.yml.enc 1 -
/var/task/amplify.yml 2 -
/wsdl 1 -
/wp-includes/css/ 1 -
/wp-includes/Requests/library/ 2 -
/auth%0d%0aX-Injected:%20true 1 -
/asset-manifest.json 2 -
/admin/assets/jquery-file-upload/server/php/ 1 -
/loaders/* 2 -
/config/stripe.yaml 2 -
/.git/hooks/pre-commit 2 -
/files/download 1 -
/aws_credentials.ini 2 -
/user/1 1 -
/api/admin/debug 2 -
/aws.json 2 -
/sitemap.xml 38 -
/careers/alumni 1 -
/var/task/amplify.yaml 2 -
/api/download 29 -
/.env.development 13 -
/admin/config 2 -
/.git/FETCH_HEAD 4 -
/api/v1/auth/login 1 -
/wp-content/plugins/fusion-builder/js/fusion-plugin.js 1 -
/api/invoices/1 2 -
/wp-includes/ALFA_DATA/alfacgiapi/perl.alfa 2 -
/CHANGELOG.md 1 -
/api/proxy 31 -
/account/2 2 -
/index.shtml 2 -
/api/inngest 1 -
/dnscfg.cgi 2 -
/sdk.js 2 -
/api/auth/session 4 -
/.s3cfg 2 -
/.env-sample 2 -
/.env_backup 1 -
/var/task/next.config.ts 2 -
/start 3 -
/artifactory 1 -
/terraform.tfstate 5 -
/error.log 1 -
/var/task/serverless.yaml 2 -
/requirements.txt 1 https://br2t.com/
/env.rb 2 -
/wp-includes/Text/Diff/Renderer/ 1 -
/uploads/ 6 -
/package-updates/perform.cgi 2 -
/unsubscribe 1 -
/package-updates/*.cgi 2 -
/public/..%2F..%2F..%2F..%2Fetc%2Fpasswd 1 -
/appsettings.Test.json 2 -
/phpinfo/ 2 -
/api/redirect%0aX-Injected:%20sentinel-lf 1 -
/admin/controller/extension/ 6 -
/home/*/.gitconfig 2 -
/api/v1/profile 27 -
/api/admin/config 1 -
/.github/workflows 2 -
/wp-includes/sodium_compat/ 2 -
/_layouts/15/* 2 -
/docs/api.json 2 -
/software/install-updates.cgi 2 -
/abuse 1 -
/config/storage.yml 1 -
//feed/ 3 -
/actuator/mappings 2 -
/redoc 3 -
/swagger 2 -
/.env.ci 1 -
/backend/node/constant.js 2 -
/backend/node/config.js 2 -
/aws/s3/credentials 2 -
/backend/constants.js 2 -
/alumni 2 -
/api/orders/1 2 -
/app/package.json 2 -
/sms_config.py 1 https://br2t.com/
/api/v1/templates 1 -
/rest/node-types 2 -
/xml 9 -
/auth%0dX-Injected:%20sentinel-cr 1 -
/actuator/trace 1 -
/constants.js 3 -
/sugar_version.json 2 -
/admin 31 https://www.google.com
/.env.production.local 1 -
/api/common.js 2 -
/.kube/config 2 -
/login%0D%0AX-Injected:%20true 1 -
/oauth/* 2 -
/app.yaml 2 -
/DOCS.md 2 -
/backoffice 2 -
/elasticsearch_cluster_yml 2 -
/integrations/* 2 -
/api/users/00000000-0000-0000-0000-000000000001 1 -
/stripe.env 2 -
/logout%0a%0dX-Injected:%20sentinel 1 -
/.env.docker.dev 2 -
/staging/config/constants.js 2 -
/_next/data/*/index.json 2 -
/stats.json 1 -
/nexus 1 -
/api/network 1 -
/api/auth/login 1 -
/config/utils.js 2 -
/s3/bucket.env 2 -
/_react/action/* 2 -
/config/database.js 1 -
/about 2 -
/jenkins/login 1 -
/api/v1/orders/2 2 -
/.env.int 2 -
/wp-includes/css/dist/block-library/ 2 -
/root/.aws/credentials 2 -
/config/application.properties 2 -
/login/mfa 1 -
/secrets.env 1 -
//xmlrpc.php 1 -
/.netrc 1 -
/connectionstrings.config 1 -
/.env.json 1 -
/api/v1/items 1 -
/package-updates/refresh.cgi 2 -
/account 4 -
/api/internal/users/1 1 -
/api/auth/forgot-password 1 -
/api/passkeys/authenticate/finish 1 -
/admin/assets/plugins/jquery-file-upload/server/php/ 1 -
/.env.live 3 -
/static 54 -
/rest/credentials-for-node 2 -
/api/webhook/* 2 -
/api/products/2 1 -
/wp/wp-admin/includes/ 1 -
/api/avatar 2 -
/redirect%0d%0a%0d%0a<html><body>sentinel-split-001</body></html> 1 -
/randkeyword.PhP7 27 -
/website.zip 2 -
/redirect\\r\\nX-Injected:%20sentinel-literal 1 -
/.git/objects/pack 2 -
/.well-known/security.txt 6 -
/BackEnd/config.js 2 -
/wp-content/plugins/WordPressCore/ 23 -
/fr/* 2 -
/app 1 -
/env.txt 3 -
/s3.properties 2 -
/administrator/ 4 -
/config/common.js 2 -
/IAM.md 2 -
/api/v1/ping 2529 -
/dana-na 1 https://www.google.com
/composer.lock 1 -
/plesk 2 -
/*/[id] 2 -
/wp-includes/rest-api/fields/ 2 -
/api/users 132 -
/configs/application.ini 2 -
/app/.env.production 2 -
/circle.yml 2 -
/config.yaml 4 -
/jenkins 1 -
/login%E5%98%8A%E5%98%8DLocation:%20https://evil.sentinel.example.com 1 -
/login%0D%0ASet-Cookie:%20session=hijacked 1 -
/api/auth/reset-password 1 -
/logout 144 -
/constants.json 2 -
/api/v1/invoices/98916e19-4f79-1301-83d8-973d35769197 1 -
/root/.git-credentials 2 -
/api/redirect%250d%250aX-Injected:%20sentinel-double 1 -
/file/upload 1 -
/user/2 1 -
/.env-1 1 -
/api/config.js 2 -
/auth%0D%0ALocation:%20//evil.sentinel.example.com 1 -
/.env.config 2 -
/wp-admin/user/ 1 -
/.env1 1 -
/api/xml 10 -
/actuator/health 1 -
/backend/constant.js 2 -
/backend/config/constants.js 2 -
/solr/ 2 -
/wp-json/wp/v2/users 55 -
/api/v1/invoices/4e191f73-69ad-48da-806f-80156af06486 1 -
/api/account 2 -
/rest/v2 1 -
/aws_s3_config.json 2 -
/.github/stale.yml 2 -
/static/js/app.js 1 -
/appsettings.json 8 -
/files/..%2F..%2F..%2F..%2Fetc%2Fpasswd 1 -
/[tenant]/* 2 -
/soap 9 -
/api/accounts/999999 1 -
/healthz 4 -
/api/v2/health 2 -
/profile/99999999 1 -
/doiconvs 2 www.google.com
/.github/PULL_REQUEST_TEMPLATE.md 2 -
/static/..%2F..%2F..%2Fetc%2Fpasswd 1 -
/secrets.yml 3 -
/api/exec 2529 -
/administrator 2 -
/package-updates/install.cgi 2 -
/aws.yaml 2 -
/api/v2/settings 2 -
/api/users/1,2,3 1 -
/api/convert 1 -
/.git/logs/refs/heads/main 2 -
/media/* 2 -
/firebase-config.json 3 -
/forgot-password 2 -
/adminer.php 1 -
/api/redirect%E5%98%8A%E5%98%8D%E5%98%8A%E5%98%8D<html>sentinel-split-unicode</html> 1 -
/files/..%2F..%2F..%2Fetc%2Fpasswd 1 -
/rest/workflows 2 -
/wp-json/gravitysmtp/v1/tests/mock-data 12 -
/api/debug 2 -
/src/app.js 2 -
/js/NewWindow_2_all.js 2 -
/readme.html 1 -
/xmlrpc.php 24 -
/index.php 3 -
/api/v1/login 26 -
/index.html 1 -
/form/* 2 -
/api/redirect%0dX-Injected:%20sentinel-cr 1 -
/api/v1/reports/2 2 -
/stripe.yaml 2 -
/old/ 1 -
/wp-includes/css/dist/widgets/ 1 -
/api/passkeys/authenticate/begin 1 -
/chosen 2 -
/editor/* 2 -
/api/redirect%0D%0ASet-Cookie:%20session=hijacked 1 -
/.svc 1 -
/api/settings 2 -
/logout%250d%250aX-Injected:%20sentinel-double 1 -
/CdnConfig.java 1 https://br2t.com/
/config.rb 2 -
/README.md 2 -
/auth%E5%98%8A%E5%98%8D%E5%98%8A%E5%98%8D<html>sentinel-split-unicode</html> 1 -
/servers/link.cgi 2 -
/wp-json/trx_addons/v2/get/sc_layout 1 -
/gql 1 -
/.bzr/README 1 -
/backend/node/common.js 2 -
/rss 9 -
/.gitattributes 2 -
/s3.key 2 -
/_profiler 1 -
/logout%E5%98%8A%E5%98%8DX-Injected:%20sentinel-unicode 1 -
/bbb/ 2 -
/app/serverless.yaml 2 -
/aws/buckets 2 -
/api/v1/orders/98916e19-4f79-1301-83d8-973d35769197 1 -
/.env.yml 1 -
/test 4 -
/suportetecnico/wp-content/plugins/pwnd/pwnd.php 1 -
/.dockerenv 1 -
/license.txt 3 -
/api/redirect%0D%0A%0D%0A<html><body>sentinel-split-002</body></html> 1 -
/.gitlab/issue_templates 2 -
/adminer 1 -
/auth/mfa 1 -
/src/config/stripe.js 2 -
/showLogin.cc 2 -
/actuator/configprops 7 -
/phpMyAdmin 2 -
/.git/credentials 1 -
/API.md 2 -
/auth%0d%0aLocation:%20https://evil.sentinel.example.com 1 -
/aws/ses/smtp.env 2 -
/api/node/constants.js 2 -
/info/ 2 -
/api 20 -
/.github/workflows/main.yml 2 -
/qcloud_config.js 1 https://br2t.com/
/logout%0D%0A%0D%0A<html><body>sentinel-split-002</body></html> 1 -
/api/import 11 -
/admin.html 2 -
/api/orders/99999999 1 -
/api/v2/config 2 -
/terraform.tfvars 6 -
/gcp-sa.json 1 -
/error/ 2 -
/login%0dX-Injected:%20sentinel-cr 1 -
/api/auth/* 2 -
/plugins/payments/stripe.json 2 -
/blog/wp-content/ai1wm-backups/ 2 -
/api/v1/accounts/4e191f73-69ad-48da-806f-80156af06486 1 -
/web/env.js 2 -
/subscribe 8 https://br2t.com/subscribe
/aws.env 2 -
/api/posts/1 1 -
/config/aws.ini 2 -
/auth%0d%0aSet-Cookie:%20evil=1 1 -
/.well-known/acme-challenge/* 2 -
/.env-example 2 -
/web/constants.js 2 -
/webhook/* 2 -
/wp-admin.php 48 https://www.google.com
/api/v1/users/2 2 -
/+CSCOE+/logon.html 1 https://www.google.com
/wp-includes/PHPMailer/ 24 -
/.env.qa 2 -
/api/node/common.js 2 -
/_next/build-manifest.json 2 -
/package-updates/yum.cgi 2 -
/api/admin/settings 1 -
/profile/00000000-0000-0000-0000-000000000001 1 -
/login.do 2 -
/webmin/package-updates/update.cgi 2 -
/api/files 1 -
/password-reset 1 -
/delete-test 1 -
/profile/* 2 -
/aws.properties 2 -
/search/label/PHP-Shells 2 -
/elmah.axd 1 -
/webauthn/login/options 1 -
/swagger.yaml 5 -
/api/v1/users/100 1 -
/inngest 1 -
/apis/index.js 2 -
/auth/webauthn/login/verify 1 -
/.git/HEAD 14 -
/rest/license 2 -
/api/v1/credentials 2 -
/serverless.yaml 2 -
/.well-known/* 2 -
/logout%E5%98%8A%E5%98%8DLocation:%20https://evil.sentinel.example.com 1 -
/admin/assets/global/plugins/jquery-file-upload/server/php/ 1 -
/resource 54 -
/.stripe/ 2 -
/wp-content/upgrade/ 1 -
/api/me 6 -
/.git/logs/refs/remotes/origin/main 2 -
/API/constants.js 2 -
/.docker/config.json 5 -
/feed 9 -
/wp-includes/js/tinymce/themes/inlite/ 1 -
/composer.json 1 -
/..%5c..%5c..%5c..%5c..%5c..%5cvar/log/apache2/access.log 2 -
/wp-includes/js/tinymce/plugins/compat3x/css/ 2 -
/api/redirect%0D%0ALocation:%20//evil.sentinel.example.com 1 -
/wp-includes/block-bindings/ 2 -
/.git/index 3 -
/contact 14 -
/aspera/faspex/ 2 -
/api/auth 112 -
/elasticsearch.yml 2 -
/cf_scripts/scripts/ajax/ckeditor/ckeditor.js 2 -
/keyfile.json 1 -
/backend/index.js 2 -
/config/master.key 1 -
/config/test.json 2 -
/profile/1 2 -
/login%0D%0ALocation:%20//evil.sentinel.example.com 1 -
/attachments 1 -
/redirect%E5%98%8A%E5%98%8DX-Injected:%20sentinel-unicode 1 -
/.env::$DATA 1 -
/payment/stripe.json 2 -
/admin/server.js 2 -
/assets/..%2f..%2f..%2f..%2fetc%2fpasswd 1 -
/swagger-ui/ 2 -
/swagger/v1/swagger.json 1 -
/home/*/.git-credentials 2 -
/_next/data/*/*.json 2 -
/.env.test 6 -
/aws/metadata 2 -
/playground 1 -
/backup.zip 2 -
/manage 4 -
/alfanew.PHP7 2 -
/.terraform.lock.hcl 2 -
/api/config/common.js 2 -
/login%0aX-Injected:%20sentinel-lf 1 -
/key.json 1 -
/api/credentials 2 -
/manifest.json 2 -
/suportetecnico/wp-login.php%7Czione%7CCasa4578./index.php 1 -
/phpmyadmin 2 -
/latest/meta-data/ 1 -
/upload/medialibrary 2 -
/src/config/environment.json 2 -
/threads/* 2 -
/_api/* 2 -
/users/99999999 1 -
/config.env 3 -
/wp-admin/css/colors/blue/ 3 -
/api/redirect%0d%0aSet-Cookie:%20evil=1 1 -
/api/invoices/2 2 -
/opt/mailcow-dockerized/mailcow.conf 2 -
/user/login 4 -
/__/firebase/init.json 2 -
END_SIDER_404

# Host - Pages - Hits - Bandwidth - Last visit date - [Start date of last visit] - [Last page of last visit]
# [Start date of last visit] and [Last page of last visit] are saved only if session is not finished
# The 25 first Hits must be first (order not required for others)
BEGIN_VISITOR 7
77.90.185.230 28 28 344895 20260518142455
177.104.166.71 2 2 69135 20260512132900
216.106.179.155 1 1 0 20260518213556
143.110.163.55 1 1 12325 20260519061415
161.35.35.88 1 1 12320 20260505085535
190.15.100.69 0 5 8855 
104.237.189.19 0 5 8855 
END_VISITOR

# Date - Pages - Hits - Bandwidth - Visits
BEGIN_DAY 5
20260505 1 1 12320 1
20260510 0 10 17710 0
20260512 2 2 69135 1
20260518 29 29 344895 2
20260519 1 1 12325 1
END_DAY

# Session range - Number of visits
BEGIN_SESSION 1
0s-30s 5
END_SESSION

# URL - Pages - Bandwidth - Entry - Exit
# The 25 first Pages must be first (order not required for others)
BEGIN_SIDER 30
/ 4 36963 3 3
/app/.env 1 12318 0 0
/info 1 12320 0 0
/demo/.env 1 12314 0 0
/api/test 1 12317 0 0
/backend/.env 1 12314 0 0
/api/.env 1 12318 0 0
/laravel/.env 1 12322 0 0
/staging/.env 1 12315 0 0
/test/.env 1 12314 0 0
/.env.example 1 12320 0 0
/.env 1 12318 1 0
/API/.env 1 12313 0 1
/server/.env 1 12311 0 0
/config/.env 1 12321 0 0
/admin/.env 1 12315 0 0
/portal/.env 1 12320 0 0
/test 1 12318 0 0
/bot/.env 1 12319 0 0
/cpanel 1 34575 0 1
/.env.save.1 1 12322 0 0
/crm/.env 1 12318 0 0
/debug/default/view 1 12315 0 0
/dev/.env 1 12315 0 0
/.env.save 1 12318 0 0
/phpinfo/ 1 12321 0 0
/.env.production 1 12325 0 0
/core/.env 1 12321 0 0
/info/ 1 12315 0 0
/whm 1 34560 1 0
END_SIDER

# Payload Range - Payload Frequency
BEGIN_FILESIZE 7
100-500 10391
0-44 501
44-100 21718
2K-5K 3494
500-1K 4
1K-2K 2
5K+ 30465
END_FILESIZE

Zerion Mini Shell 1.0