Requests from 152.42.181.139

Remote Address

Threat Level

Method

Path

Query String

Headers

Body

Acceptable

Timestamp

Port

Request Types

Attack Types

Analyse Request

Other Requests by Actor

CSV Dump

152.42.181.139

GET

/sito/wp-includes/wlwmanifest.xml

Header	Value
Host	ottodanp.dev
Connection	Keep-Alive
Accept-Encoding	gzip
X-Forwarded-For	152.42.181.139
Cf-Ray	889be31c287e40c8-SIN
X-Forwarded-Proto	http
Cf-Visitor	{"scheme":"http"}
User-Agent	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
Accept-Language	en-US,en;q=0.5
Accept	text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Cf-Connecting-Ip	152.42.181.139
Cdn-Loop	cloudflare
Cf-Ipcountry	SG

Parameter	Value

False

2024-05-26 07:00:15.211709

ATTACK
RECON

WEBAPP_VULN
RCE
LFI

152.42.181.139

GET

/cms/wp-includes/wlwmanifest.xml

Header	Value
Host	ottodanp.dev
Connection	Keep-Alive
Accept-Encoding	gzip
X-Forwarded-For	152.42.181.139
Cf-Ray	889be3180c6d40c8-SIN
X-Forwarded-Proto	http
Cf-Visitor	{"scheme":"http"}
User-Agent	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
Accept-Language	en-US,en;q=0.5
Accept	text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Cf-Connecting-Ip	152.42.181.139
Cdn-Loop	cloudflare
Cf-Ipcountry	SG

Parameter	Value

False

2024-05-26 07:00:14.554197

ATTACK
RECON

WEBAPP_VULN
RCE
LFI

152.42.181.139

GET

/site/wp-includes/wlwmanifest.xml

Header	Value
Host	ottodanp.dev
Connection	Keep-Alive
Accept-Encoding	gzip
X-Forwarded-For	152.42.181.139
Cf-Ray	889be313b95540c8-SIN
X-Forwarded-Proto	http
Cf-Visitor	{"scheme":"http"}
User-Agent	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
Accept-Language	en-US,en;q=0.5
Accept	text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Cf-Connecting-Ip	152.42.181.139
Cdn-Loop	cloudflare
Cf-Ipcountry	SG

Parameter	Value

False

2024-05-26 07:00:13.885066

ATTACK
RECON

WEBAPP_VULN
RCE
LFI

152.42.181.139

GET

/wp2/wp-includes/wlwmanifest.xml

Header	Value
Host	ottodanp.dev
Connection	Keep-Alive
Accept-Encoding	gzip
X-Forwarded-For	152.42.181.139
Cf-Ray	889be30fad4c40c8-SIN
X-Forwarded-Proto	http
Cf-Visitor	{"scheme":"http"}
User-Agent	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
Accept-Language	en-US,en;q=0.5
Accept	text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Cf-Connecting-Ip	152.42.181.139
Cdn-Loop	cloudflare
Cf-Ipcountry	SG

Parameter	Value

False

2024-05-26 07:00:13.219571

ATTACK
RECON

WEBAPP_VULN
RCE
LFI

152.42.181.139

GET

/media/wp-includes/wlwmanifest.xml

Header	Value
Host	ottodanp.dev
Connection	Keep-Alive
Accept-Encoding	gzip
X-Forwarded-For	152.42.181.139
Cf-Ray	889be30b796740c8-SIN
X-Forwarded-Proto	http
Cf-Visitor	{"scheme":"http"}
User-Agent	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
Accept-Language	en-US,en;q=0.5
Accept	text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Cf-Connecting-Ip	152.42.181.139
Cdn-Loop	cloudflare
Cf-Ipcountry	SG

Parameter	Value

False

2024-05-26 07:00:12.541118

ATTACK
RECON

WEBAPP_VULN
RCE
LFI

152.42.181.139

GET

/test/wp-includes/wlwmanifest.xml

Header	Value
Host	ottodanp.dev
Connection	Keep-Alive
Accept-Encoding	gzip
X-Forwarded-For	152.42.181.139
Cf-Ray	889be3073d1540c8-SIN
X-Forwarded-Proto	http
Cf-Visitor	{"scheme":"http"}
User-Agent	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
Accept-Language	en-US,en;q=0.5
Accept	text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Cf-Connecting-Ip	152.42.181.139
Cdn-Loop	cloudflare
Cf-Ipcountry	SG

Parameter	Value

False

2024-05-26 07:00:11.872025

ATTACK
RECON

WEBAPP_VULN
RCE
LFI

152.42.181.139

GET

/wp1/wp-includes/wlwmanifest.xml

Header	Value
Host	ottodanp.dev
Connection	Keep-Alive
Accept-Encoding	gzip
X-Forwarded-For	152.42.181.139
Cf-Ray	889be30318a640c8-SIN
X-Forwarded-Proto	http
Cf-Visitor	{"scheme":"http"}
User-Agent	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
Accept-Language	en-US,en;q=0.5
Accept	text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Cf-Connecting-Ip	152.42.181.139
Cdn-Loop	cloudflare
Cf-Ipcountry	SG

Parameter	Value

False

2024-05-26 07:00:11.254243

ATTACK
RECON

WEBAPP_VULN
RCE
LFI

152.42.181.139

GET

/shop/wp-includes/wlwmanifest.xml

Header	Value
Host	ottodanp.dev
Connection	Keep-Alive
Accept-Encoding	gzip
X-Forwarded-For	152.42.181.139
Cf-Ray	889be2ff6d2340c8-SIN
X-Forwarded-Proto	http
Cf-Visitor	{"scheme":"http"}
User-Agent	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
Accept-Language	en-US,en;q=0.5
Accept	text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Cf-Connecting-Ip	152.42.181.139
Cdn-Loop	cloudflare
Cf-Ipcountry	SG

Parameter	Value

False

2024-05-26 07:00:10.619841

ATTACK
RECON

WEBAPP_VULN
RCE
LFI

152.42.181.139

GET

/2019/wp-includes/wlwmanifest.xml

Header	Value
Host	ottodanp.dev
Connection	Keep-Alive
Accept-Encoding	gzip
X-Forwarded-For	152.42.181.139
Cf-Ray	889be2fb489540c8-SIN
X-Forwarded-Proto	http
Cf-Visitor	{"scheme":"http"}
User-Agent	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
Accept-Language	en-US,en;q=0.5
Accept	text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Cf-Connecting-Ip	152.42.181.139
Cdn-Loop	cloudflare
Cf-Ipcountry	SG

Parameter	Value

False

2024-05-26 07:00:09.953538

ATTACK
RECON

WEBAPP_VULN
RCE
LFI

152.42.181.139

GET

/2018/wp-includes/wlwmanifest.xml

Header	Value
Host	ottodanp.dev
Connection	Keep-Alive
Accept-Encoding	gzip
X-Forwarded-For	152.42.181.139
Cf-Ray	889be2f70c5f40c8-SIN
X-Forwarded-Proto	http
Cf-Visitor	{"scheme":"http"}
User-Agent	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
Accept-Language	en-US,en;q=0.5
Accept	text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Cf-Connecting-Ip	152.42.181.139
Cdn-Loop	cloudflare
Cf-Ipcountry	SG

Parameter	Value

False

2024-05-26 07:00:09.285381

ATTACK
RECON

WEBAPP_VULN
RCE
LFI

152.42.181.139

GET

/news/wp-includes/wlwmanifest.xml

Header	Value
Host	ottodanp.dev
Connection	Keep-Alive
Accept-Encoding	gzip
X-Forwarded-For	152.42.181.139
Cf-Ray	889be2f2efde40c8-SIN
X-Forwarded-Proto	http
Cf-Visitor	{"scheme":"http"}
User-Agent	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
Accept-Language	en-US,en;q=0.5
Accept	text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Cf-Connecting-Ip	152.42.181.139
Cdn-Loop	cloudflare
Cf-Ipcountry	SG

Parameter	Value

False

2024-05-26 07:00:08.660197

ATTACK
RECON

WEBAPP_VULN
RCE
LFI

152.42.181.139

GET

/wp/wp-includes/wlwmanifest.xml

Header	Value
Host	ottodanp.dev
Connection	Keep-Alive
Accept-Encoding	gzip
X-Forwarded-For	152.42.181.139
Cf-Ray	889be2ef3bdb40c8-SIN
X-Forwarded-Proto	http
Cf-Visitor	{"scheme":"http"}
User-Agent	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
Accept-Language	en-US,en;q=0.5
Accept	text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Cf-Connecting-Ip	152.42.181.139
Cdn-Loop	cloudflare
Cf-Ipcountry	SG

Parameter	Value

False

2024-05-26 07:00:08.032547

ATTACK
RECON

WEBAPP_VULN
RCE
LFI

152.42.181.139

GET

/website/wp-includes/wlwmanifest.xml

Header	Value
Host	ottodanp.dev
Connection	Keep-Alive
Accept-Encoding	gzip
X-Forwarded-For	152.42.181.139
Cf-Ray	889be2eb081440c8-SIN
X-Forwarded-Proto	http
Cf-Visitor	{"scheme":"http"}
User-Agent	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
Accept-Language	en-US,en;q=0.5
Accept	text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Cf-Connecting-Ip	152.42.181.139
Cdn-Loop	cloudflare
Cf-Ipcountry	SG

Parameter	Value

False

2024-05-26 07:00:07.355098

ATTACK
RECON

WEBAPP_VULN
RCE
LFI

152.42.181.139

GET

/wordpress/wp-includes/wlwmanifest.xml

Header	Value
Host	ottodanp.dev
Connection	Keep-Alive
Accept-Encoding	gzip
X-Forwarded-For	152.42.181.139
Cf-Ray	889be2e6dc2040c8-SIN
X-Forwarded-Proto	http
Cf-Visitor	{"scheme":"http"}
User-Agent	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
Accept-Language	en-US,en;q=0.5
Accept	text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Cf-Connecting-Ip	152.42.181.139
Cdn-Loop	cloudflare
Cf-Ipcountry	SG

Parameter	Value

False

2024-05-26 07:00:06.700526

ATTACK
RECON

WEBAPP_VULN
RCE
LFI

152.42.181.139

GET

/web/wp-includes/wlwmanifest.xml

Header	Value
Host	ottodanp.dev
Connection	Keep-Alive
Accept-Encoding	gzip
X-Forwarded-For	152.42.181.139
Cf-Ray	889be2e2dff740c8-SIN
X-Forwarded-Proto	http
Cf-Visitor	{"scheme":"http"}
User-Agent	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
Accept-Language	en-US,en;q=0.5
Accept	text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Cf-Connecting-Ip	152.42.181.139
Cdn-Loop	cloudflare
Cf-Ipcountry	SG

Parameter	Value

False

2024-05-26 07:00:06.055160

ATTACK
RECON

WEBAPP_VULN
RCE
LFI

152.42.181.139

GET

/blog/wp-includes/wlwmanifest.xml

Header	Value
Host	ottodanp.dev
Connection	Keep-Alive
Accept-Encoding	gzip
X-Forwarded-For	152.42.181.139
Cf-Ray	889be2debc3440c8-SIN
X-Forwarded-Proto	http
Cf-Visitor	{"scheme":"http"}
User-Agent	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
Accept-Language	en-US,en;q=0.5
Accept	text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Cf-Connecting-Ip	152.42.181.139
Cdn-Loop	cloudflare
Cf-Ipcountry	SG

Parameter	Value

False

2024-05-26 07:00:05.401219

ATTACK
RECON

WEBAPP_VULN
RCE
LFI

152.42.181.139

GET

/xmlrpc.php

rsd=

Header	Value
Host	ottodanp.dev
Connection	Keep-Alive
Accept-Encoding	gzip
X-Forwarded-For	152.42.181.139
Cf-Ray	889be2d65c0d40c8-SIN
X-Forwarded-Proto	http
Cf-Visitor	{"scheme":"http"}
User-Agent	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
Accept-Language	en-US,en;q=0.5
Accept	text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Cf-Connecting-Ip	152.42.181.139
Cdn-Loop	cloudflare
Cf-Ipcountry	SG

Parameter	Value

False

2024-05-26 07:00:04.057080

RECON
SCAN
ATTACK

WEBAPP_VULN

152.42.181.139

GET

/wp-includes/wlwmanifest.xml

Header	Value
Host	ottodanp.dev
Connection	Keep-Alive
Accept-Encoding	gzip
X-Forwarded-For	152.42.181.139
Cf-Ray	889be2d23f9e40c8-SIN
X-Forwarded-Proto	http
Cf-Visitor	{"scheme":"http"}
User-Agent	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
Accept-Language	en-US,en;q=0.5
Accept	text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Cf-Connecting-Ip	152.42.181.139
Cdn-Loop	cloudflare
Cf-Ipcountry	SG

Parameter	Value

False

2024-05-26 07:00:03.385259

ATTACK
RECON

WEBAPP_VULN
RCE
LFI

152.42.181.139

GET

/sito/wp-includes/wlwmanifest.xml

Header	Value
Host	ottodanp.dev
Connection	Keep-Alive
Accept-Encoding	gzip
X-Forwarded-For	152.42.181.139
Cf-Ray	887abe07da853f77-SIN
X-Forwarded-Proto	http
Cf-Visitor	{"scheme":"http"}
User-Agent	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
Accept-Language	en-US,en;q=0.5
Accept	text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Cf-Connecting-Ip	152.42.181.139
Cdn-Loop	cloudflare
Cf-Ipcountry	SG

Parameter	Value

False

2024-05-22 06:27:46.369193

ATTACK
RECON

WEBAPP_VULN
RCE
LFI

152.42.181.139

GET

/cms/wp-includes/wlwmanifest.xml

Header	Value
Host	ottodanp.dev
Connection	Keep-Alive
Accept-Encoding	gzip
X-Forwarded-For	152.42.181.139
Cf-Ray	887abe048f823f77-SIN
X-Forwarded-Proto	http
Cf-Visitor	{"scheme":"http"}
User-Agent	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
Accept-Language	en-US,en;q=0.5
Accept	text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Cf-Connecting-Ip	152.42.181.139
Cdn-Loop	cloudflare
Cf-Ipcountry	SG

Parameter	Value

False

2024-05-22 06:27:45.696416

ATTACK
RECON

WEBAPP_VULN
RCE
LFI

152.42.181.139

GET

/site/wp-includes/wlwmanifest.xml

Header	Value
Host	ottodanp.dev
Connection	Keep-Alive
Accept-Encoding	gzip
X-Forwarded-For	152.42.181.139
Cf-Ray	887abdff69d53f77-SIN
X-Forwarded-Proto	http
Cf-Visitor	{"scheme":"http"}
User-Agent	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
Accept-Language	en-US,en;q=0.5
Accept	text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Cf-Connecting-Ip	152.42.181.139
Cdn-Loop	cloudflare
Cf-Ipcountry	SG

Parameter	Value

False

2024-05-22 06:27:45.024271

ATTACK
RECON

WEBAPP_VULN
RCE
LFI

152.42.181.139

GET

/wp2/wp-includes/wlwmanifest.xml

Header	Value
Host	ottodanp.dev
Connection	Keep-Alive
Accept-Encoding	gzip
X-Forwarded-For	152.42.181.139
Cf-Ray	887abdfc2e503f77-SIN
X-Forwarded-Proto	http
Cf-Visitor	{"scheme":"http"}
User-Agent	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
Accept-Language	en-US,en;q=0.5
Accept	text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Cf-Connecting-Ip	152.42.181.139
Cdn-Loop	cloudflare
Cf-Ipcountry	SG

Parameter	Value

False

2024-05-22 06:27:42.071909

ATTACK
RECON

WEBAPP_VULN
RCE
LFI

152.42.181.139

GET

/media/wp-includes/wlwmanifest.xml

Header	Value
Host	ottodanp.dev
Connection	Keep-Alive
Accept-Encoding	gzip
X-Forwarded-For	152.42.181.139
Cf-Ray	887abde8b8903f77-SIN
X-Forwarded-Proto	http
Cf-Visitor	{"scheme":"http"}
User-Agent	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
Accept-Language	en-US,en;q=0.5
Accept	text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Cf-Connecting-Ip	152.42.181.139
Cdn-Loop	cloudflare
Cf-Ipcountry	SG

Parameter	Value

False

2024-05-22 06:27:41.252309

ATTACK
RECON

WEBAPP_VULN
RCE
LFI

152.42.181.139

GET

/test/wp-includes/wlwmanifest.xml

Header	Value
Host	ottodanp.dev
Connection	Keep-Alive
Accept-Encoding	gzip
X-Forwarded-For	152.42.181.139
Cf-Ray	887abddd3b023f77-SIN
X-Forwarded-Proto	http
Cf-Visitor	{"scheme":"http"}
User-Agent	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
Accept-Language	en-US,en;q=0.5
Accept	text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Cf-Connecting-Ip	152.42.181.139
Cdn-Loop	cloudflare
Cf-Ipcountry	SG

Parameter	Value

False

2024-05-22 06:27:39.555181

ATTACK
RECON

WEBAPP_VULN
RCE
LFI

152.42.181.139

GET

/wp1/wp-includes/wlwmanifest.xml

Header	Value
Host	ottodanp.dev
Connection	Keep-Alive
Accept-Encoding	gzip
X-Forwarded-For	152.42.181.139
Cf-Ray	887abdd91dcd3f77-SIN
X-Forwarded-Proto	http
Cf-Visitor	{"scheme":"http"}
User-Agent	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
Accept-Language	en-US,en;q=0.5
Accept	text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Cf-Connecting-Ip	152.42.181.139
Cdn-Loop	cloudflare
Cf-Ipcountry	SG

Parameter	Value

False

2024-05-22 06:27:38.744004

ATTACK
RECON

WEBAPP_VULN
RCE
LFI

152.42.181.139

GET

/shop/wp-includes/wlwmanifest.xml

Header	Value
Host	ottodanp.dev
Connection	Keep-Alive
Accept-Encoding	gzip
X-Forwarded-For	152.42.181.139
Cf-Ray	887abdd30e783f77-SIN
X-Forwarded-Proto	http
Cf-Visitor	{"scheme":"http"}
User-Agent	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
Accept-Language	en-US,en;q=0.5
Accept	text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Cf-Connecting-Ip	152.42.181.139
Cdn-Loop	cloudflare
Cf-Ipcountry	SG

Parameter	Value

False

2024-05-22 06:27:37.924514

ATTACK
RECON

WEBAPP_VULN
RCE
LFI

152.42.181.139

GET

/2019/wp-includes/wlwmanifest.xml

Header	Value
Host	ottodanp.dev
Connection	Keep-Alive
Accept-Encoding	gzip
X-Forwarded-For	152.42.181.139
Cf-Ray	887abdcfcb2d3f77-SIN
X-Forwarded-Proto	http
Cf-Visitor	{"scheme":"http"}
User-Agent	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
Accept-Language	en-US,en;q=0.5
Accept	text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Cf-Connecting-Ip	152.42.181.139
Cdn-Loop	cloudflare
Cf-Ipcountry	SG

Parameter	Value

False

2024-05-22 06:27:37.401589

ATTACK
RECON

WEBAPP_VULN
RCE
LFI

152.42.181.139

GET

/2018/wp-includes/wlwmanifest.xml

Header	Value
Host	ottodanp.dev
Connection	Keep-Alive
Accept-Encoding	gzip
X-Forwarded-For	152.42.181.139
Cf-Ray	887abdcc78053f77-SIN
X-Forwarded-Proto	http
Cf-Visitor	{"scheme":"http"}
User-Agent	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
Accept-Language	en-US,en;q=0.5
Accept	text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Cf-Connecting-Ip	152.42.181.139
Cdn-Loop	cloudflare
Cf-Ipcountry	SG

Parameter	Value

False

2024-05-22 06:27:36.879883

ATTACK
RECON

WEBAPP_VULN
RCE
LFI

152.42.181.139

GET

/news/wp-includes/wlwmanifest.xml

Header	Value
Host	ottodanp.dev
Connection	Keep-Alive
Accept-Encoding	gzip
X-Forwarded-For	152.42.181.139
Cf-Ray	887abdc94cd03f77-SIN
X-Forwarded-Proto	http
Cf-Visitor	{"scheme":"http"}
User-Agent	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
Accept-Language	en-US,en;q=0.5
Accept	text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Cf-Connecting-Ip	152.42.181.139
Cdn-Loop	cloudflare
Cf-Ipcountry	SG

Parameter	Value

False

2024-05-22 06:27:36.208721

ATTACK
RECON

WEBAPP_VULN
RCE
LFI

152.42.181.139

GET

/wp/wp-includes/wlwmanifest.xml

Header	Value
Host	ottodanp.dev
Connection	Keep-Alive
Accept-Encoding	gzip
X-Forwarded-For	152.42.181.139
Cf-Ray	887abdc34ee23f77-SIN
X-Forwarded-Proto	http
Cf-Visitor	{"scheme":"http"}
User-Agent	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
Accept-Language	en-US,en;q=0.5
Accept	text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Cf-Connecting-Ip	152.42.181.139
Cdn-Loop	cloudflare
Cf-Ipcountry	SG

Parameter	Value

False

2024-05-22 06:27:35.407235

ATTACK
RECON

WEBAPP_VULN
RCE
LFI

152.42.181.139

GET

/website/wp-includes/wlwmanifest.xml

Header	Value
Host	ottodanp.dev
Connection	Keep-Alive
Accept-Encoding	gzip
X-Forwarded-For	152.42.181.139
Cf-Ray	887abdbf1a1a3f77-SIN
X-Forwarded-Proto	http
Cf-Visitor	{"scheme":"http"}
User-Agent	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
Accept-Language	en-US,en;q=0.5
Accept	text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Cf-Connecting-Ip	152.42.181.139
Cdn-Loop	cloudflare
Cf-Ipcountry	SG

Parameter	Value

False

2024-05-22 06:27:34.590307

ATTACK
RECON

WEBAPP_VULN
RCE
LFI

152.42.181.139

GET

/wordpress/wp-includes/wlwmanifest.xml

Header	Value
Host	ottodanp.dev
Connection	Keep-Alive
Accept-Encoding	gzip
X-Forwarded-For	152.42.181.139
Cf-Ray	887abdb3bf283f77-SIN
X-Forwarded-Proto	http
Cf-Visitor	{"scheme":"http"}
User-Agent	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
Accept-Language	en-US,en;q=0.5
Accept	text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Cf-Connecting-Ip	152.42.181.139
Cdn-Loop	cloudflare
Cf-Ipcountry	SG

Parameter	Value

False

2024-05-22 06:27:32.915139

ATTACK
RECON

WEBAPP_VULN
RCE
LFI

152.42.181.139

GET

/web/wp-includes/wlwmanifest.xml

Header	Value
Host	ottodanp.dev
Connection	Keep-Alive
Accept-Encoding	gzip
X-Forwarded-For	152.42.181.139
Cf-Ray	887abdaf9aed3f77-SIN
X-Forwarded-Proto	http
Cf-Visitor	{"scheme":"http"}
User-Agent	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
Accept-Language	en-US,en;q=0.5
Accept	text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Cf-Connecting-Ip	152.42.181.139
Cdn-Loop	cloudflare
Cf-Ipcountry	SG

Parameter	Value

False

2024-05-22 06:27:32.247617

ATTACK
RECON

WEBAPP_VULN
RCE
LFI

152.42.181.139

GET

/blog/wp-includes/wlwmanifest.xml

Header	Value
Host	ottodanp.dev
Connection	Keep-Alive
Accept-Encoding	gzip
X-Forwarded-For	152.42.181.139
Cf-Ray	887abdab7e5d3f77-SIN
X-Forwarded-Proto	http
Cf-Visitor	{"scheme":"http"}
User-Agent	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
Accept-Language	en-US,en;q=0.5
Accept	text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Cf-Connecting-Ip	152.42.181.139
Cdn-Loop	cloudflare
Cf-Ipcountry	SG

Parameter	Value

False

2024-05-22 06:27:31.588892

ATTACK
RECON

WEBAPP_VULN
RCE
LFI

152.42.181.139

GET

/xmlrpc.php

rsd=

Header	Value
Host	ottodanp.dev
Connection	Keep-Alive
Accept-Encoding	gzip
X-Forwarded-For	152.42.181.139
Cf-Ray	887abda4feef3f77-SIN
X-Forwarded-Proto	http
Cf-Visitor	{"scheme":"http"}
User-Agent	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
Accept-Language	en-US,en;q=0.5
Accept	text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Cf-Connecting-Ip	152.42.181.139
Cdn-Loop	cloudflare
Cf-Ipcountry	SG

Parameter	Value

False

2024-05-22 06:27:30.397700

RECON
SCAN
ATTACK

WEBAPP_VULN

152.42.181.139

GET

/wp-includes/wlwmanifest.xml

Header	Value
Host	ottodanp.dev
Connection	Keep-Alive
Accept-Encoding	gzip
X-Forwarded-For	152.42.181.139
Cf-Ray	887abd996a3e3f77-SIN
X-Forwarded-Proto	http
Cf-Visitor	{"scheme":"http"}
User-Agent	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
Accept-Language	en-US,en;q=0.5
Accept	text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Cf-Connecting-Ip	152.42.181.139
Cdn-Loop	cloudflare
Cf-Ipcountry	SG

Parameter	Value

False

2024-05-22 06:27:28.705579

ATTACK
RECON

WEBAPP_VULN
RCE
LFI