Requests from 152.42.210.189

Remote Address

Threat Level

Method

Path

Query String

Headers

Body

Acceptable

Timestamp

Port

Request Types

Attack Types

Analyse Request

Other Requests by Actor

CSV Dump

152.42.210.189

GET

/sito/wp-includes/wlwmanifest.xml

Header	Value
Host	ottodanp.dev
Connection	Keep-Alive
Accept-Encoding	gzip
X-Forwarded-For	152.42.210.189
Cf-Ray	88b4281b2f725fed-SIN
X-Forwarded-Proto	http
Cf-Visitor	{"scheme":"http"}
User-Agent	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
Accept-Language	en-US,en;q=0.5
Accept	text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Cf-Connecting-Ip	152.42.210.189
Cdn-Loop	cloudflare
Cf-Ipcountry	SG

Parameter	Value

False

2024-05-29 05:41:39.600795

ATTACK
RECON

WEBAPP_VULN
RCE
LFI

152.42.210.189

GET

/cms/wp-includes/wlwmanifest.xml

Header	Value
Host	ottodanp.dev
Connection	Keep-Alive
Accept-Encoding	gzip
X-Forwarded-For	152.42.210.189
Cf-Ray	88b42817c98f5fed-SIN
X-Forwarded-Proto	http
Cf-Visitor	{"scheme":"http"}
User-Agent	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
Accept-Language	en-US,en;q=0.5
Accept	text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Cf-Connecting-Ip	152.42.210.189
Cdn-Loop	cloudflare
Cf-Ipcountry	SG

Parameter	Value

False

2024-05-29 05:41:38.996881

ATTACK
RECON

WEBAPP_VULN
RCE
LFI

152.42.210.189

GET

/site/wp-includes/wlwmanifest.xml

Header	Value
Host	ottodanp.dev
Connection	Keep-Alive
Accept-Encoding	gzip
X-Forwarded-For	152.42.210.189
Cf-Ray	88b428134b075fed-SIN
X-Forwarded-Proto	http
Cf-Visitor	{"scheme":"http"}
User-Agent	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
Accept-Language	en-US,en;q=0.5
Accept	text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Cf-Connecting-Ip	152.42.210.189
Cdn-Loop	cloudflare
Cf-Ipcountry	SG

Parameter	Value

False

2024-05-29 05:41:38.285425

ATTACK
RECON

WEBAPP_VULN
RCE
LFI

152.42.210.189

GET

/wp2/wp-includes/wlwmanifest.xml

Header	Value
Host	ottodanp.dev
Connection	Keep-Alive
Accept-Encoding	gzip
X-Forwarded-For	152.42.210.189
Cf-Ray	88b4280f0ca35fed-SIN
X-Forwarded-Proto	http
Cf-Visitor	{"scheme":"http"}
User-Agent	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
Accept-Language	en-US,en;q=0.5
Accept	text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Cf-Connecting-Ip	152.42.210.189
Cdn-Loop	cloudflare
Cf-Ipcountry	SG

Parameter	Value

False

2024-05-29 05:41:37.613286

ATTACK
RECON

WEBAPP_VULN
RCE
LFI

152.42.210.189

GET

/media/wp-includes/wlwmanifest.xml

Header	Value
Host	ottodanp.dev
Connection	Keep-Alive
Accept-Encoding	gzip
X-Forwarded-For	152.42.210.189
Cf-Ray	88b4280aed745fed-SIN
X-Forwarded-Proto	http
Cf-Visitor	{"scheme":"http"}
User-Agent	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
Accept-Language	en-US,en;q=0.5
Accept	text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Cf-Connecting-Ip	152.42.210.189
Cdn-Loop	cloudflare
Cf-Ipcountry	SG

Parameter	Value

False

2024-05-29 05:41:37.004790

ATTACK
RECON

WEBAPP_VULN
RCE
LFI

152.42.210.189

GET

/test/wp-includes/wlwmanifest.xml

Header	Value
Host	ottodanp.dev
Connection	Keep-Alive
Accept-Encoding	gzip
X-Forwarded-For	152.42.210.189
Cf-Ray	88b42807884e5fed-SIN
X-Forwarded-Proto	http
Cf-Visitor	{"scheme":"http"}
User-Agent	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
Accept-Language	en-US,en;q=0.5
Accept	text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Cf-Connecting-Ip	152.42.210.189
Cdn-Loop	cloudflare
Cf-Ipcountry	SG

Parameter	Value

False

2024-05-29 05:41:36.462909

ATTACK
RECON

WEBAPP_VULN
RCE
LFI

152.42.210.189

GET

/wp1/wp-includes/wlwmanifest.xml

Header	Value
Host	ottodanp.dev
Connection	Keep-Alive
Accept-Encoding	gzip
X-Forwarded-For	152.42.210.189
Cf-Ray	88b428042aca5fed-SIN
X-Forwarded-Proto	http
Cf-Visitor	{"scheme":"http"}
User-Agent	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
Accept-Language	en-US,en;q=0.5
Accept	text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Cf-Connecting-Ip	152.42.210.189
Cdn-Loop	cloudflare
Cf-Ipcountry	SG

Parameter	Value

False

2024-05-29 05:41:35.864912

ATTACK
RECON

WEBAPP_VULN
RCE
LFI

152.42.210.189

GET

/shop/wp-includes/wlwmanifest.xml

Header	Value
Host	ottodanp.dev
Connection	Keep-Alive
Accept-Encoding	gzip
X-Forwarded-For	152.42.210.189
Cf-Ray	88b427ffed275fed-SIN
X-Forwarded-Proto	http
Cf-Visitor	{"scheme":"http"}
User-Agent	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
Accept-Language	en-US,en;q=0.5
Accept	text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Cf-Connecting-Ip	152.42.210.189
Cdn-Loop	cloudflare
Cf-Ipcountry	SG

Parameter	Value

False

2024-05-29 05:41:35.193440

ATTACK
RECON

WEBAPP_VULN
RCE
LFI

152.42.210.189

GET

/2019/wp-includes/wlwmanifest.xml

Header	Value
Host	ottodanp.dev
Connection	Keep-Alive
Accept-Encoding	gzip
X-Forwarded-For	152.42.210.189
Cf-Ray	88b427fbee615fed-SIN
X-Forwarded-Proto	http
Cf-Visitor	{"scheme":"http"}
User-Agent	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
Accept-Language	en-US,en;q=0.5
Accept	text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Cf-Connecting-Ip	152.42.210.189
Cdn-Loop	cloudflare
Cf-Ipcountry	SG

Parameter	Value

False

2024-05-29 05:41:34.543446

ATTACK
RECON

WEBAPP_VULN
RCE
LFI

152.42.210.189

GET

/2018/wp-includes/wlwmanifest.xml

Header	Value
Host	ottodanp.dev
Connection	Keep-Alive
Accept-Encoding	gzip
X-Forwarded-For	152.42.210.189
Cf-Ray	88b427f7cfe25fed-SIN
X-Forwarded-Proto	http
Cf-Visitor	{"scheme":"http"}
User-Agent	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
Accept-Language	en-US,en;q=0.5
Accept	text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Cf-Connecting-Ip	152.42.210.189
Cdn-Loop	cloudflare
Cf-Ipcountry	SG

Parameter	Value

False

2024-05-29 05:41:33.947362

ATTACK
RECON

WEBAPP_VULN
RCE
LFI

152.42.210.189

GET

/news/wp-includes/wlwmanifest.xml

Header	Value
Host	ottodanp.dev
Connection	Keep-Alive
Accept-Encoding	gzip
X-Forwarded-For	152.42.210.189
Cf-Ray	88b427f469e05fed-SIN
X-Forwarded-Proto	http
Cf-Visitor	{"scheme":"http"}
User-Agent	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
Accept-Language	en-US,en;q=0.5
Accept	text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Cf-Connecting-Ip	152.42.210.189
Cdn-Loop	cloudflare
Cf-Ipcountry	SG

Parameter	Value

False

2024-05-29 05:41:33.405371

ATTACK
RECON

WEBAPP_VULN
RCE
LFI

152.42.210.189

GET

/wp/wp-includes/wlwmanifest.xml

Header	Value
Host	ottodanp.dev
Connection	Keep-Alive
Accept-Encoding	gzip
X-Forwarded-For	152.42.210.189
Cf-Ray	88b427f10c105fed-SIN
X-Forwarded-Proto	http
Cf-Visitor	{"scheme":"http"}
User-Agent	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
Accept-Language	en-US,en;q=0.5
Accept	text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Cf-Connecting-Ip	152.42.210.189
Cdn-Loop	cloudflare
Cf-Ipcountry	SG

Parameter	Value

False

2024-05-29 05:41:32.862699

ATTACK
RECON

WEBAPP_VULN
RCE
LFI

152.42.210.189

GET

/website/wp-includes/wlwmanifest.xml

Header	Value
Host	ottodanp.dev
Connection	Keep-Alive
Accept-Encoding	gzip
X-Forwarded-For	152.42.210.189
Cf-Ray	88b427edae5a5fed-SIN
X-Forwarded-Proto	http
Cf-Visitor	{"scheme":"http"}
User-Agent	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
Accept-Language	en-US,en;q=0.5
Accept	text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Cf-Connecting-Ip	152.42.210.189
Cdn-Loop	cloudflare
Cf-Ipcountry	SG

Parameter	Value

False

2024-05-29 05:41:32.323740

ATTACK
RECON

WEBAPP_VULN
RCE
LFI

152.42.210.189

GET

/wordpress/wp-includes/wlwmanifest.xml

Header	Value
Host	ottodanp.dev
Connection	Keep-Alive
Accept-Encoding	gzip
X-Forwarded-For	152.42.210.189
Cf-Ray	88b427ea292c5fed-SIN
X-Forwarded-Proto	http
Cf-Visitor	{"scheme":"http"}
User-Agent	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
Accept-Language	en-US,en;q=0.5
Accept	text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Cf-Connecting-Ip	152.42.210.189
Cdn-Loop	cloudflare
Cf-Ipcountry	SG

Parameter	Value

False

2024-05-29 05:41:31.766294

ATTACK
RECON

WEBAPP_VULN
RCE
LFI

152.42.210.189

GET

/web/wp-includes/wlwmanifest.xml

Header	Value
Host	ottodanp.dev
Connection	Keep-Alive
Accept-Encoding	gzip
X-Forwarded-For	152.42.210.189
Cf-Ray	88b427e6cb975fed-SIN
X-Forwarded-Proto	http
Cf-Visitor	{"scheme":"http"}
User-Agent	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
Accept-Language	en-US,en;q=0.5
Accept	text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Cf-Connecting-Ip	152.42.210.189
Cdn-Loop	cloudflare
Cf-Ipcountry	SG

Parameter	Value

False

2024-05-29 05:41:31.226360

ATTACK
RECON

WEBAPP_VULN
RCE
LFI

152.42.210.189

GET

/blog/wp-includes/wlwmanifest.xml

Header	Value
Host	ottodanp.dev
Connection	Keep-Alive
Accept-Encoding	gzip
X-Forwarded-For	152.42.210.189
Cf-Ray	88b427e36e7d5fed-SIN
X-Forwarded-Proto	http
Cf-Visitor	{"scheme":"http"}
User-Agent	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
Accept-Language	en-US,en;q=0.5
Accept	text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Cf-Connecting-Ip	152.42.210.189
Cdn-Loop	cloudflare
Cf-Ipcountry	SG

Parameter	Value

False

2024-05-29 05:41:30.629918

ATTACK
RECON

WEBAPP_VULN
RCE
LFI

152.42.210.189

GET

/xmlrpc.php

rsd=

Header	Value
Host	ottodanp.dev
Connection	Keep-Alive
Accept-Encoding	gzip
X-Forwarded-For	152.42.210.189
Cf-Ray	88b427dbca3c5fed-SIN
X-Forwarded-Proto	http
Cf-Visitor	{"scheme":"http"}
User-Agent	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
Accept-Language	en-US,en;q=0.5
Accept	text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Cf-Connecting-Ip	152.42.210.189
Cdn-Loop	cloudflare
Cf-Ipcountry	SG

Parameter	Value

False

2024-05-29 05:41:29.407822

RECON
SCAN
ATTACK

WEBAPP_VULN

152.42.210.189

GET

/wp-includes/wlwmanifest.xml

Header	Value
Host	ottodanp.dev
Connection	Keep-Alive
Accept-Encoding	gzip
X-Forwarded-For	152.42.210.189
Cf-Ray	88b427d7bbb65fed-SIN
X-Forwarded-Proto	http
Cf-Visitor	{"scheme":"http"}
User-Agent	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
Accept-Language	en-US,en;q=0.5
Accept	text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Cf-Connecting-Ip	152.42.210.189
Cdn-Loop	cloudflare
Cf-Ipcountry	SG

Parameter	Value

False

2024-05-29 05:41:28.755373

ATTACK
RECON

WEBAPP_VULN
RCE
LFI

152.42.210.189

GET

/sito/wp-includes/wlwmanifest.xml

Header	Value
Host	ottodanp.dev
Connection	Keep-Alive
Accept-Encoding	gzip
X-Forwarded-For	152.42.210.189
Cf-Ray	886e72215e784655-SIN
X-Forwarded-Proto	http
Cf-Visitor	{"scheme":"http"}
User-Agent	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
Accept-Language	en-US,en;q=0.5
Accept	text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Cf-Connecting-Ip	152.42.210.189
Cdn-Loop	cloudflare
Cf-Ipcountry	SG

Parameter	Value

False

2024-05-20 18:38:48.248388

ATTACK
RECON

WEBAPP_VULN
RCE
LFI

152.42.210.189

GET

/cms/wp-includes/wlwmanifest.xml

Header	Value
Host	ottodanp.dev
Connection	Keep-Alive
Accept-Encoding	gzip
X-Forwarded-For	152.42.210.189
Cf-Ray	886e721c6bc54655-SIN
X-Forwarded-Proto	http
Cf-Visitor	{"scheme":"http"}
User-Agent	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
Accept-Language	en-US,en;q=0.5
Accept	text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Cf-Connecting-Ip	152.42.210.189
Cdn-Loop	cloudflare
Cf-Ipcountry	SG

Parameter	Value

False

2024-05-20 18:38:47.456280

ATTACK
RECON

WEBAPP_VULN
RCE
LFI

152.42.210.189

GET

/site/wp-includes/wlwmanifest.xml

Header	Value
Host	ottodanp.dev
Connection	Keep-Alive
Accept-Encoding	gzip
X-Forwarded-For	152.42.210.189
Cf-Ray	886e7217a93f4655-SIN
X-Forwarded-Proto	http
Cf-Visitor	{"scheme":"http"}
User-Agent	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
Accept-Language	en-US,en;q=0.5
Accept	text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Cf-Connecting-Ip	152.42.210.189
Cdn-Loop	cloudflare
Cf-Ipcountry	SG

Parameter	Value

False

2024-05-20 18:38:46.725682

ATTACK
RECON

WEBAPP_VULN
RCE
LFI

152.42.210.189

GET

/wp2/wp-includes/wlwmanifest.xml

Header	Value
Host	ottodanp.dev
Connection	Keep-Alive
Accept-Encoding	gzip
X-Forwarded-For	152.42.210.189
Cf-Ray	886e720c8b2c4655-SIN
X-Forwarded-Proto	http
Cf-Visitor	{"scheme":"http"}
User-Agent	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
Accept-Language	en-US,en;q=0.5
Accept	text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Cf-Connecting-Ip	152.42.210.189
Cdn-Loop	cloudflare
Cf-Ipcountry	SG

Parameter	Value

False

2024-05-20 18:38:44.920891

ATTACK
RECON

WEBAPP_VULN
RCE
LFI

152.42.210.189

GET

/media/wp-includes/wlwmanifest.xml

Header	Value
Host	ottodanp.dev
Connection	Keep-Alive
Accept-Encoding	gzip
X-Forwarded-For	152.42.210.189
Cf-Ray	886e72069fea4655-SIN
X-Forwarded-Proto	http
Cf-Visitor	{"scheme":"http"}
User-Agent	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
Accept-Language	en-US,en;q=0.5
Accept	text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Cf-Connecting-Ip	152.42.210.189
Cdn-Loop	cloudflare
Cf-Ipcountry	SG

Parameter	Value

False

2024-05-20 18:38:43.961446

ATTACK
RECON

WEBAPP_VULN
RCE
LFI

152.42.210.189

GET

/test/wp-includes/wlwmanifest.xml

Header	Value
Host	ottodanp.dev
Connection	Keep-Alive
Accept-Encoding	gzip
X-Forwarded-For	152.42.210.189
Cf-Ray	886e7200dbe24655-SIN
X-Forwarded-Proto	http
Cf-Visitor	{"scheme":"http"}
User-Agent	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
Accept-Language	en-US,en;q=0.5
Accept	text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Cf-Connecting-Ip	152.42.210.189
Cdn-Loop	cloudflare
Cf-Ipcountry	SG

Parameter	Value

False

2024-05-20 18:38:43.050765

ATTACK
RECON

WEBAPP_VULN
RCE
LFI

152.42.210.189

GET

/wp1/wp-includes/wlwmanifest.xml

Header	Value
Host	ottodanp.dev
Connection	Keep-Alive
Accept-Encoding	gzip
X-Forwarded-For	152.42.210.189
Cf-Ray	886e71fb3fca4655-SIN
X-Forwarded-Proto	http
Cf-Visitor	{"scheme":"http"}
User-Agent	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
Accept-Language	en-US,en;q=0.5
Accept	text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Cf-Connecting-Ip	152.42.210.189
Cdn-Loop	cloudflare
Cf-Ipcountry	SG

Parameter	Value

False

2024-05-20 18:38:42.146040

ATTACK
RECON

WEBAPP_VULN
RCE
LFI

152.42.210.189

GET

/shop/wp-includes/wlwmanifest.xml

Header	Value
Host	ottodanp.dev
Connection	Keep-Alive
Accept-Encoding	gzip
X-Forwarded-For	152.42.210.189
Cf-Ray	886e71f54cbe4655-SIN
X-Forwarded-Proto	http
Cf-Visitor	{"scheme":"http"}
User-Agent	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
Accept-Language	en-US,en;q=0.5
Accept	text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Cf-Connecting-Ip	152.42.210.189
Cdn-Loop	cloudflare
Cf-Ipcountry	SG

Parameter	Value

False

2024-05-20 18:38:41.203619

ATTACK
RECON

WEBAPP_VULN
RCE
LFI

152.42.210.189

GET

/2019/wp-includes/wlwmanifest.xml

Header	Value
Host	ottodanp.dev
Connection	Keep-Alive
Accept-Encoding	gzip
X-Forwarded-For	152.42.210.189
Cf-Ray	886e71efe9a44655-SIN
X-Forwarded-Proto	http
Cf-Visitor	{"scheme":"http"}
User-Agent	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
Accept-Language	en-US,en;q=0.5
Accept	text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Cf-Connecting-Ip	152.42.210.189
Cdn-Loop	cloudflare
Cf-Ipcountry	SG

Parameter	Value

False

2024-05-20 18:38:40.373577

ATTACK
RECON

WEBAPP_VULN
RCE
LFI

152.42.210.189

GET

/2018/wp-includes/wlwmanifest.xml

Header	Value
Host	ottodanp.dev
Connection	Keep-Alive
Accept-Encoding	gzip
X-Forwarded-For	152.42.210.189
Cf-Ray	886e71eb0f0c4655-SIN
X-Forwarded-Proto	http
Cf-Visitor	{"scheme":"http"}
User-Agent	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
Accept-Language	en-US,en;q=0.5
Accept	text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Cf-Connecting-Ip	152.42.210.189
Cdn-Loop	cloudflare
Cf-Ipcountry	SG

Parameter	Value

False

2024-05-20 18:38:39.552665

ATTACK
RECON

WEBAPP_VULN
RCE
LFI

152.42.210.189

GET

/news/wp-includes/wlwmanifest.xml

Header	Value
Host	ottodanp.dev
Connection	Keep-Alive
Accept-Encoding	gzip
X-Forwarded-For	152.42.210.189
Cf-Ray	886e71e60b284655-SIN
X-Forwarded-Proto	http
Cf-Visitor	{"scheme":"http"}
User-Agent	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
Accept-Language	en-US,en;q=0.5
Accept	text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Cf-Connecting-Ip	152.42.210.189
Cdn-Loop	cloudflare
Cf-Ipcountry	SG

Parameter	Value

False

2024-05-20 18:38:38.785216

ATTACK
RECON

WEBAPP_VULN
RCE
LFI

152.42.210.189

GET

/wp/wp-includes/wlwmanifest.xml

Header	Value
Host	ottodanp.dev
Connection	Keep-Alive
Accept-Encoding	gzip
X-Forwarded-For	152.42.210.189
Cf-Ray	886e71e1588d4655-SIN
X-Forwarded-Proto	http
Cf-Visitor	{"scheme":"http"}
User-Agent	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
Accept-Language	en-US,en;q=0.5
Accept	text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Cf-Connecting-Ip	152.42.210.189
Cdn-Loop	cloudflare
Cf-Ipcountry	SG

Parameter	Value

False

2024-05-20 18:38:38.009990

ATTACK
RECON

WEBAPP_VULN
RCE
LFI

152.42.210.189

GET

/website/wp-includes/wlwmanifest.xml

Header	Value
Host	ottodanp.dev
Connection	Keep-Alive
Accept-Encoding	gzip
X-Forwarded-For	152.42.210.189
Cf-Ray	886e71dc5dd44655-SIN
X-Forwarded-Proto	http
Cf-Visitor	{"scheme":"http"}
User-Agent	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
Accept-Language	en-US,en;q=0.5
Accept	text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Cf-Connecting-Ip	152.42.210.189
Cdn-Loop	cloudflare
Cf-Ipcountry	SG

Parameter	Value

False

2024-05-20 18:38:37.216258

ATTACK
RECON

WEBAPP_VULN
RCE
LFI

152.42.210.189

GET

/wordpress/wp-includes/wlwmanifest.xml

Header	Value
Host	ottodanp.dev
Connection	Keep-Alive
Accept-Encoding	gzip
X-Forwarded-For	152.42.210.189
Cf-Ray	886e71d78b4c4655-SIN
X-Forwarded-Proto	http
Cf-Visitor	{"scheme":"http"}
User-Agent	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
Accept-Language	en-US,en;q=0.5
Accept	text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Cf-Connecting-Ip	152.42.210.189
Cdn-Loop	cloudflare
Cf-Ipcountry	SG

Parameter	Value

False

2024-05-20 18:38:36.467538

ATTACK
RECON

WEBAPP_VULN
RCE
LFI

152.42.210.189

GET

/web/wp-includes/wlwmanifest.xml

Header	Value
Host	ottodanp.dev
Connection	Keep-Alive
Accept-Encoding	gzip
X-Forwarded-For	152.42.210.189
Cf-Ray	886e71cc8d044655-SIN
X-Forwarded-Proto	http
Cf-Visitor	{"scheme":"http"}
User-Agent	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
Accept-Language	en-US,en;q=0.5
Accept	text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Cf-Connecting-Ip	152.42.210.189
Cdn-Loop	cloudflare
Cf-Ipcountry	SG

Parameter	Value

False

2024-05-20 18:38:34.697137

ATTACK
RECON

WEBAPP_VULN
RCE
LFI

152.42.210.189

GET

/blog/wp-includes/wlwmanifest.xml

Header	Value
Host	ottodanp.dev
Connection	Keep-Alive
Accept-Encoding	gzip
X-Forwarded-For	152.42.210.189
Cf-Ray	886e71c7e9bf4655-SIN
X-Forwarded-Proto	http
Cf-Visitor	{"scheme":"http"}
User-Agent	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
Accept-Language	en-US,en;q=0.5
Accept	text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Cf-Connecting-Ip	152.42.210.189
Cdn-Loop	cloudflare
Cf-Ipcountry	SG

Parameter	Value

False

2024-05-20 18:38:33.949680

ATTACK
RECON

WEBAPP_VULN
RCE
LFI

152.42.210.189

GET

/xmlrpc.php

rsd=

Header	Value
Host	ottodanp.dev
Connection	Keep-Alive
Accept-Encoding	gzip
X-Forwarded-For	152.42.210.189
Cf-Ray	886e71be8c454655-SIN
X-Forwarded-Proto	http
Cf-Visitor	{"scheme":"http"}
User-Agent	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
Accept-Language	en-US,en;q=0.5
Accept	text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Cf-Connecting-Ip	152.42.210.189
Cdn-Loop	cloudflare
Cf-Ipcountry	SG

Parameter	Value

False

2024-05-20 18:38:32.453076

RECON
SCAN
ATTACK

WEBAPP_VULN

152.42.210.189

GET

/wp-includes/wlwmanifest.xml

Header	Value
Host	ottodanp.dev
Connection	Keep-Alive
Accept-Encoding	gzip
X-Forwarded-For	152.42.210.189
Cf-Ray	886e71b9c8ce4655-SIN
X-Forwarded-Proto	http
Cf-Visitor	{"scheme":"http"}
User-Agent	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
Accept-Language	en-US,en;q=0.5
Accept	text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Cf-Connecting-Ip	152.42.210.189
Cdn-Loop	cloudflare
Cf-Ipcountry	SG

Parameter	Value

False

2024-05-20 18:38:31.669329

ATTACK
RECON

WEBAPP_VULN
RCE
LFI