Requests from 152.42.210.193

Remote Address

Threat Level

Method

Path

Query String

Headers

Body

Acceptable

Timestamp

Port

Request Types

Attack Types

Analyse Request

Other Requests by Actor

CSV Dump

152.42.210.193

GET

/sito/wp-includes/wlwmanifest.xml

Header	Value
Host	ottodanp.dev
Connection	Keep-Alive
Accept-Encoding	gzip
X-Forwarded-For	152.42.210.193
Cf-Ray	88c4d02c0fdb9cbd-SIN
X-Forwarded-Proto	http
Cf-Visitor	{"scheme":"http"}
User-Agent	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
Accept-Language	en-US,en;q=0.5
Accept	text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Cf-Connecting-Ip	152.42.210.193
Cdn-Loop	cloudflare
Cf-Ipcountry	SG

Parameter	Value

False

2024-05-31 06:12:35.744753

ATTACK
RECON

WEBAPP_VULN
RCE
LFI

152.42.210.193

GET

/cms/wp-includes/wlwmanifest.xml

Header	Value
Host	ottodanp.dev
Connection	Keep-Alive
Accept-Encoding	gzip
X-Forwarded-For	152.42.210.193
Cf-Ray	88c4d0287bef9cbd-SIN
X-Forwarded-Proto	http
Cf-Visitor	{"scheme":"http"}
User-Agent	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
Accept-Language	en-US,en;q=0.5
Accept	text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Cf-Connecting-Ip	152.42.210.193
Cdn-Loop	cloudflare
Cf-Ipcountry	SG

Parameter	Value

False

2024-05-31 06:12:35.139554

ATTACK
RECON

WEBAPP_VULN
RCE
LFI

152.42.210.193

GET

/site/wp-includes/wlwmanifest.xml

Header	Value
Host	ottodanp.dev
Connection	Keep-Alive
Accept-Encoding	gzip
X-Forwarded-For	152.42.210.193
Cf-Ray	88c4d0248f9e9cbd-SIN
X-Forwarded-Proto	http
Cf-Visitor	{"scheme":"http"}
User-Agent	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
Accept-Language	en-US,en;q=0.5
Accept	text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Cf-Connecting-Ip	152.42.210.193
Cdn-Loop	cloudflare
Cf-Ipcountry	SG

Parameter	Value

False

2024-05-31 06:12:34.473553

ATTACK
RECON

WEBAPP_VULN
RCE
LFI

152.42.210.193

GET

/wp2/wp-includes/wlwmanifest.xml

Header	Value
Host	ottodanp.dev
Connection	Keep-Alive
Accept-Encoding	gzip
X-Forwarded-For	152.42.210.193
Cf-Ray	88c4d0200a759cbd-SIN
X-Forwarded-Proto	http
Cf-Visitor	{"scheme":"http"}
User-Agent	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
Accept-Language	en-US,en;q=0.5
Accept	text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Cf-Connecting-Ip	152.42.210.193
Cdn-Loop	cloudflare
Cf-Ipcountry	SG

Parameter	Value

False

2024-05-31 06:12:33.719854

ATTACK
RECON

WEBAPP_VULN
RCE
LFI

152.42.210.193

GET

/media/wp-includes/wlwmanifest.xml

Header	Value
Host	ottodanp.dev
Connection	Keep-Alive
Accept-Encoding	gzip
X-Forwarded-For	152.42.210.193
Cf-Ray	88c4d01b0c509cbd-SIN
X-Forwarded-Proto	http
Cf-Visitor	{"scheme":"http"}
User-Agent	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
Accept-Language	en-US,en;q=0.5
Accept	text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Cf-Connecting-Ip	152.42.210.193
Cdn-Loop	cloudflare
Cf-Ipcountry	SG

Parameter	Value

False

2024-05-31 06:12:32.921791

ATTACK
RECON

WEBAPP_VULN
RCE
LFI

152.42.210.193

GET

/test/wp-includes/wlwmanifest.xml

Header	Value
Host	ottodanp.dev
Connection	Keep-Alive
Accept-Encoding	gzip
X-Forwarded-For	152.42.210.193
Cf-Ray	88c4d0163e749cbd-SIN
X-Forwarded-Proto	http
Cf-Visitor	{"scheme":"http"}
User-Agent	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
Accept-Language	en-US,en;q=0.5
Accept	text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Cf-Connecting-Ip	152.42.210.193
Cdn-Loop	cloudflare
Cf-Ipcountry	SG

Parameter	Value

False

2024-05-31 06:12:32.163000

ATTACK
RECON

WEBAPP_VULN
RCE
LFI

152.42.210.193

GET

/wp1/wp-includes/wlwmanifest.xml

Header	Value
Host	ottodanp.dev
Connection	Keep-Alive
Accept-Encoding	gzip
X-Forwarded-For	152.42.210.193
Cf-Ray	88c4d01179269cbd-SIN
X-Forwarded-Proto	http
Cf-Visitor	{"scheme":"http"}
User-Agent	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
Accept-Language	en-US,en;q=0.5
Accept	text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Cf-Connecting-Ip	152.42.210.193
Cdn-Loop	cloudflare
Cf-Ipcountry	SG

Parameter	Value

False

2024-05-31 06:12:31.494856

ATTACK
RECON

WEBAPP_VULN
RCE
LFI

152.42.210.193

GET

/shop/wp-includes/wlwmanifest.xml

Header	Value
Host	ottodanp.dev
Connection	Keep-Alive
Accept-Encoding	gzip
X-Forwarded-For	152.42.210.193
Cf-Ray	88c4d00ded189cbd-SIN
X-Forwarded-Proto	http
Cf-Visitor	{"scheme":"http"}
User-Agent	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
Accept-Language	en-US,en;q=0.5
Accept	text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Cf-Connecting-Ip	152.42.210.193
Cdn-Loop	cloudflare
Cf-Ipcountry	SG

Parameter	Value

False

2024-05-31 06:12:30.823682

ATTACK
RECON

WEBAPP_VULN
RCE
LFI

152.42.210.193

GET

/2019/wp-includes/wlwmanifest.xml

Header	Value
Host	ottodanp.dev
Connection	Keep-Alive
Accept-Encoding	gzip
X-Forwarded-For	152.42.210.193
Cf-Ray	88c4d0091f929cbd-SIN
X-Forwarded-Proto	http
Cf-Visitor	{"scheme":"http"}
User-Agent	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
Accept-Language	en-US,en;q=0.5
Accept	text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Cf-Connecting-Ip	152.42.210.193
Cdn-Loop	cloudflare
Cf-Ipcountry	SG

Parameter	Value

False

2024-05-31 06:12:30.104014

ATTACK
RECON

WEBAPP_VULN
RCE
LFI

152.42.210.193

GET

/2018/wp-includes/wlwmanifest.xml

Header	Value
Host	ottodanp.dev
Connection	Keep-Alive
Accept-Encoding	gzip
X-Forwarded-For	152.42.210.193
Cf-Ray	88c4d004eaff9cbd-SIN
X-Forwarded-Proto	http
Cf-Visitor	{"scheme":"http"}
User-Agent	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
Accept-Language	en-US,en;q=0.5
Accept	text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Cf-Connecting-Ip	152.42.210.193
Cdn-Loop	cloudflare
Cf-Ipcountry	SG

Parameter	Value

False

2024-05-31 06:12:29.423721

ATTACK
RECON

WEBAPP_VULN
RCE
LFI

152.42.210.193

GET

/news/wp-includes/wlwmanifest.xml

Header	Value
Host	ottodanp.dev
Connection	Keep-Alive
Accept-Encoding	gzip
X-Forwarded-For	152.42.210.193
Cf-Ray	88c4d0008d879cbd-SIN
X-Forwarded-Proto	http
Cf-Visitor	{"scheme":"http"}
User-Agent	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
Accept-Language	en-US,en;q=0.5
Accept	text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Cf-Connecting-Ip	152.42.210.193
Cdn-Loop	cloudflare
Cf-Ipcountry	SG

Parameter	Value

False

2024-05-31 06:12:28.721007

ATTACK
RECON

WEBAPP_VULN
RCE
LFI

152.42.210.193

GET

/wp/wp-includes/wlwmanifest.xml

Header	Value
Host	ottodanp.dev
Connection	Keep-Alive
Accept-Encoding	gzip
X-Forwarded-For	152.42.210.193
Cf-Ray	88c4cffc190d9cbd-SIN
X-Forwarded-Proto	http
Cf-Visitor	{"scheme":"http"}
User-Agent	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
Accept-Language	en-US,en;q=0.5
Accept	text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Cf-Connecting-Ip	152.42.210.193
Cdn-Loop	cloudflare
Cf-Ipcountry	SG

Parameter	Value

False

2024-05-31 06:12:28.005506

ATTACK
RECON

WEBAPP_VULN
RCE
LFI

152.42.210.193

GET

/website/wp-includes/wlwmanifest.xml

Header	Value
Host	ottodanp.dev
Connection	Keep-Alive
Accept-Encoding	gzip
X-Forwarded-For	152.42.210.193
Cf-Ray	88c4cff79d029cbd-SIN
X-Forwarded-Proto	http
Cf-Visitor	{"scheme":"http"}
User-Agent	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
Accept-Language	en-US,en;q=0.5
Accept	text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Cf-Connecting-Ip	152.42.210.193
Cdn-Loop	cloudflare
Cf-Ipcountry	SG

Parameter	Value

False

2024-05-31 06:12:27.333639

ATTACK
RECON

WEBAPP_VULN
RCE
LFI

152.42.210.193

GET

/wordpress/wp-includes/wlwmanifest.xml

Header	Value
Host	ottodanp.dev
Connection	Keep-Alive
Accept-Encoding	gzip
X-Forwarded-For	152.42.210.193
Cf-Ray	88c4cff3d8ff9cbd-SIN
X-Forwarded-Proto	http
Cf-Visitor	{"scheme":"http"}
User-Agent	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
Accept-Language	en-US,en;q=0.5
Accept	text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Cf-Connecting-Ip	152.42.210.193
Cdn-Loop	cloudflare
Cf-Ipcountry	SG

Parameter	Value

False

2024-05-31 06:12:26.662316

ATTACK
RECON

WEBAPP_VULN
RCE
LFI

152.42.210.193

GET

/web/wp-includes/wlwmanifest.xml

Header	Value
Host	ottodanp.dev
Connection	Keep-Alive
Accept-Encoding	gzip
X-Forwarded-For	152.42.210.193
Cf-Ray	88c4cfef0c679cbd-SIN
X-Forwarded-Proto	http
Cf-Visitor	{"scheme":"http"}
User-Agent	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
Accept-Language	en-US,en;q=0.5
Accept	text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Cf-Connecting-Ip	152.42.210.193
Cdn-Loop	cloudflare
Cf-Ipcountry	SG

Parameter	Value

False

2024-05-31 06:12:25.889249

ATTACK
RECON

WEBAPP_VULN
RCE
LFI

152.42.210.193

GET

/blog/wp-includes/wlwmanifest.xml

Header	Value
Host	ottodanp.dev
Connection	Keep-Alive
Accept-Encoding	gzip
X-Forwarded-For	152.42.210.193
Cf-Ray	88c4cfea6f5b9cbd-SIN
X-Forwarded-Proto	http
Cf-Visitor	{"scheme":"http"}
User-Agent	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
Accept-Language	en-US,en;q=0.5
Accept	text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Cf-Connecting-Ip	152.42.210.193
Cdn-Loop	cloudflare
Cf-Ipcountry	SG

Parameter	Value

False

2024-05-31 06:12:25.251760

ATTACK
RECON

WEBAPP_VULN
RCE
LFI

152.42.210.193

GET

/xmlrpc.php

rsd=

Header	Value
Host	ottodanp.dev
Connection	Keep-Alive
Accept-Encoding	gzip
X-Forwarded-For	152.42.210.193
Cf-Ray	88c4cfe24ceb9cbd-SIN
X-Forwarded-Proto	http
Cf-Visitor	{"scheme":"http"}
User-Agent	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
Accept-Language	en-US,en;q=0.5
Accept	text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Cf-Connecting-Ip	152.42.210.193
Cdn-Loop	cloudflare
Cf-Ipcountry	SG

Parameter	Value

False

2024-05-31 06:12:23.873743

RECON
SCAN
ATTACK

WEBAPP_VULN

152.42.210.193

GET

/wp-includes/wlwmanifest.xml

Header	Value
Host	ottodanp.dev
Connection	Keep-Alive
Accept-Encoding	gzip
X-Forwarded-For	152.42.210.193
Cf-Ray	88c4cfdddfab9cbd-SIN
X-Forwarded-Proto	http
Cf-Visitor	{"scheme":"http"}
User-Agent	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
Accept-Language	en-US,en;q=0.5
Accept	text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Cf-Connecting-Ip	152.42.210.193
Cdn-Loop	cloudflare
Cf-Ipcountry	SG

Parameter	Value

False

2024-05-31 06:12:23.104058

ATTACK
RECON

WEBAPP_VULN
RCE
LFI

152.42.210.193

GET

/sito/wp-includes/wlwmanifest.xml

Header	Value
Host	ottodanp.dev
Connection	Keep-Alive
Accept-Encoding	gzip
X-Forwarded-For	152.42.210.193
Cf-Ray	8876351099c58196-SIN
X-Forwarded-Proto	http
Cf-Visitor	{"scheme":"http"}
User-Agent	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
Accept-Language	en-US,en;q=0.5
Accept	text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Cf-Connecting-Ip	152.42.210.193
Cdn-Loop	cloudflare
Cf-Ipcountry	SG

Parameter	Value

False

2024-05-21 17:15:10.968372

ATTACK
RECON

WEBAPP_VULN
RCE
LFI

152.42.210.193

GET

/cms/wp-includes/wlwmanifest.xml

Header	Value
Host	ottodanp.dev
Connection	Keep-Alive
Accept-Encoding	gzip
X-Forwarded-For	152.42.210.193
Cf-Ray	887634fe4c648196-SIN
X-Forwarded-Proto	http
Cf-Visitor	{"scheme":"http"}
User-Agent	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
Accept-Language	en-US,en;q=0.5
Accept	text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Cf-Connecting-Ip	152.42.210.193
Cdn-Loop	cloudflare
Cf-Ipcountry	SG

Parameter	Value

False

2024-05-21 17:15:10.134203

ATTACK
RECON

WEBAPP_VULN
RCE
LFI

152.42.210.193

GET

/site/wp-includes/wlwmanifest.xml

Header	Value
Host	ottodanp.dev
Connection	Keep-Alive
Accept-Encoding	gzip
X-Forwarded-For	152.42.210.193
Cf-Ray	887634f8cee18196-SIN
X-Forwarded-Proto	http
Cf-Visitor	{"scheme":"http"}
User-Agent	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
Accept-Language	en-US,en;q=0.5
Accept	text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Cf-Connecting-Ip	152.42.210.193
Cdn-Loop	cloudflare
Cf-Ipcountry	SG

Parameter	Value

False

2024-05-21 17:15:04.703000

ATTACK
RECON

WEBAPP_VULN
RCE
LFI

152.42.210.193

GET

/wp2/wp-includes/wlwmanifest.xml

Header	Value
Host	ottodanp.dev
Connection	Keep-Alive
Accept-Encoding	gzip
X-Forwarded-For	152.42.210.193
Cf-Ray	887634d739288196-SIN
X-Forwarded-Proto	http
Cf-Visitor	{"scheme":"http"}
User-Agent	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
Accept-Language	en-US,en;q=0.5
Accept	text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Cf-Connecting-Ip	152.42.210.193
Cdn-Loop	cloudflare
Cf-Ipcountry	SG

Parameter	Value

False

2024-05-21 17:15:01.777987

ATTACK
RECON

WEBAPP_VULN
RCE
LFI

152.42.210.193

GET

/media/wp-includes/wlwmanifest.xml

Header	Value
Host	ottodanp.dev
Connection	Keep-Alive
Accept-Encoding	gzip
X-Forwarded-For	152.42.210.193
Cf-Ray	887634c4cd258196-SIN
X-Forwarded-Proto	http
Cf-Visitor	{"scheme":"http"}
User-Agent	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
Accept-Language	en-US,en;q=0.5
Accept	text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Cf-Connecting-Ip	152.42.210.193
Cdn-Loop	cloudflare
Cf-Ipcountry	SG

Parameter	Value

False

2024-05-21 17:14:58.851487

ATTACK
RECON

WEBAPP_VULN
RCE
LFI

152.42.210.193

GET

/test/wp-includes/wlwmanifest.xml

Header	Value
Host	ottodanp.dev
Connection	Keep-Alive
Accept-Encoding	gzip
X-Forwarded-For	152.42.210.193
Cf-Ray	887634b29ffe8196-SIN
X-Forwarded-Proto	http
Cf-Visitor	{"scheme":"http"}
User-Agent	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
Accept-Language	en-US,en;q=0.5
Accept	text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Cf-Connecting-Ip	152.42.210.193
Cdn-Loop	cloudflare
Cf-Ipcountry	SG

Parameter	Value

False

2024-05-21 17:14:58.007369

ATTACK
RECON

WEBAPP_VULN
RCE
LFI

152.42.210.193

GET

/wp1/wp-includes/wlwmanifest.xml

Header	Value
Host	ottodanp.dev
Connection	Keep-Alive
Accept-Encoding	gzip
X-Forwarded-For	152.42.210.193
Cf-Ray	887634ad6a318196-SIN
X-Forwarded-Proto	http
Cf-Visitor	{"scheme":"http"}
User-Agent	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
Accept-Language	en-US,en;q=0.5
Accept	text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Cf-Connecting-Ip	152.42.210.193
Cdn-Loop	cloudflare
Cf-Ipcountry	SG

Parameter	Value

False

2024-05-21 17:14:57.188027

ATTACK
RECON

WEBAPP_VULN
RCE
LFI

152.42.210.193

GET

/shop/wp-includes/wlwmanifest.xml

Header	Value
Host	ottodanp.dev
Connection	Keep-Alive
Accept-Encoding	gzip
X-Forwarded-For	152.42.210.193
Cf-Ray	887634a85c888196-SIN
X-Forwarded-Proto	http
Cf-Visitor	{"scheme":"http"}
User-Agent	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
Accept-Language	en-US,en;q=0.5
Accept	text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Cf-Connecting-Ip	152.42.210.193
Cdn-Loop	cloudflare
Cf-Ipcountry	SG

Parameter	Value

False

2024-05-21 17:14:56.385410

ATTACK
RECON

WEBAPP_VULN
RCE
LFI

152.42.210.193

GET

/2019/wp-includes/wlwmanifest.xml

Header	Value
Host	ottodanp.dev
Connection	Keep-Alive
Accept-Encoding	gzip
X-Forwarded-For	152.42.210.193
Cf-Ray	887634a34f598196-SIN
X-Forwarded-Proto	http
Cf-Visitor	{"scheme":"http"}
User-Agent	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
Accept-Language	en-US,en;q=0.5
Accept	text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Cf-Connecting-Ip	152.42.210.193
Cdn-Loop	cloudflare
Cf-Ipcountry	SG

Parameter	Value

False

2024-05-21 17:14:55.574162

ATTACK
RECON

WEBAPP_VULN
RCE
LFI

152.42.210.193

GET

/2018/wp-includes/wlwmanifest.xml

Header	Value
Host	ottodanp.dev
Connection	Keep-Alive
Accept-Encoding	gzip
X-Forwarded-For	152.42.210.193
Cf-Ray	8876349e19988196-SIN
X-Forwarded-Proto	http
Cf-Visitor	{"scheme":"http"}
User-Agent	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
Accept-Language	en-US,en;q=0.5
Accept	text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Cf-Connecting-Ip	152.42.210.193
Cdn-Loop	cloudflare
Cf-Ipcountry	SG

Parameter	Value

False

2024-05-21 17:14:54.747823

ATTACK
RECON

WEBAPP_VULN
RCE
LFI

152.42.210.193

GET

/news/wp-includes/wlwmanifest.xml

Header	Value
Host	ottodanp.dev
Connection	Keep-Alive
Accept-Encoding	gzip
X-Forwarded-For	152.42.210.193
Cf-Ray	88763498fd028196-SIN
X-Forwarded-Proto	http
Cf-Visitor	{"scheme":"http"}
User-Agent	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
Accept-Language	en-US,en;q=0.5
Accept	text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Cf-Connecting-Ip	152.42.210.193
Cdn-Loop	cloudflare
Cf-Ipcountry	SG

Parameter	Value

False

2024-05-21 17:14:51.829582

ATTACK
RECON

WEBAPP_VULN
RCE
LFI

152.42.210.193

GET

/wp/wp-includes/wlwmanifest.xml

Header	Value
Host	ottodanp.dev
Connection	Keep-Alive
Accept-Encoding	gzip
X-Forwarded-For	152.42.210.193
Cf-Ray	88763486a8678196-SIN
X-Forwarded-Proto	http
Cf-Visitor	{"scheme":"http"}
User-Agent	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
Accept-Language	en-US,en;q=0.5
Accept	text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Cf-Connecting-Ip	152.42.210.193
Cdn-Loop	cloudflare
Cf-Ipcountry	SG

Parameter	Value

False

2024-05-21 17:14:50.998585

ATTACK
RECON

WEBAPP_VULN
RCE
LFI

152.42.210.193

GET

/website/wp-includes/wlwmanifest.xml

Header	Value
Host	ottodanp.dev
Connection	Keep-Alive
Accept-Encoding	gzip
X-Forwarded-For	152.42.210.193
Cf-Ray	887634817aac8196-SIN
X-Forwarded-Proto	http
Cf-Visitor	{"scheme":"http"}
User-Agent	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
Accept-Language	en-US,en;q=0.5
Accept	text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Cf-Connecting-Ip	152.42.210.193
Cdn-Loop	cloudflare
Cf-Ipcountry	SG

Parameter	Value

False

2024-05-21 17:14:50.172072

ATTACK
RECON

WEBAPP_VULN
RCE
LFI

152.42.210.193

GET

/wordpress/wp-includes/wlwmanifest.xml

Header	Value
Host	ottodanp.dev
Connection	Keep-Alive
Accept-Encoding	gzip
X-Forwarded-For	152.42.210.193
Cf-Ray	8876347c6d218196-SIN
X-Forwarded-Proto	http
Cf-Visitor	{"scheme":"http"}
User-Agent	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
Accept-Language	en-US,en;q=0.5
Accept	text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Cf-Connecting-Ip	152.42.210.193
Cdn-Loop	cloudflare
Cf-Ipcountry	SG

Parameter	Value

False

2024-05-21 17:14:49.354123

ATTACK
RECON

WEBAPP_VULN
RCE
LFI

152.42.210.193

GET

/web/wp-includes/wlwmanifest.xml

Header	Value
Host	ottodanp.dev
Connection	Keep-Alive
Accept-Encoding	gzip
X-Forwarded-For	152.42.210.193
Cf-Ray	8876347728528196-SIN
X-Forwarded-Proto	http
Cf-Visitor	{"scheme":"http"}
User-Agent	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
Accept-Language	en-US,en;q=0.5
Accept	text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Cf-Connecting-Ip	152.42.210.193
Cdn-Loop	cloudflare
Cf-Ipcountry	SG

Parameter	Value

False

2024-05-21 17:14:46.432774

ATTACK
RECON

WEBAPP_VULN
RCE
LFI

152.42.210.193

GET

/blog/wp-includes/wlwmanifest.xml

Header	Value
Host	ottodanp.dev
Connection	Keep-Alive
Accept-Encoding	gzip
X-Forwarded-For	152.42.210.193
Cf-Ray	887634650be08196-SIN
X-Forwarded-Proto	http
Cf-Visitor	{"scheme":"http"}
User-Agent	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
Accept-Language	en-US,en;q=0.5
Accept	text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Cf-Connecting-Ip	152.42.210.193
Cdn-Loop	cloudflare
Cf-Ipcountry	SG

Parameter	Value

False

2024-05-21 17:14:43.515109

ATTACK
RECON

WEBAPP_VULN
RCE
LFI

152.42.210.193

GET

/xmlrpc.php

rsd=

Header	Value
Host	ottodanp.dev
Connection	Keep-Alive
Accept-Encoding	gzip
X-Forwarded-For	152.42.210.193
Cf-Ray	8876344d7ba18196-SIN
X-Forwarded-Proto	http
Cf-Visitor	{"scheme":"http"}
User-Agent	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
Accept-Language	en-US,en;q=0.5
Accept	text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Cf-Connecting-Ip	152.42.210.193
Cdn-Loop	cloudflare
Cf-Ipcountry	SG

Parameter	Value

False

2024-05-21 17:14:41.856654

RECON
SCAN
ATTACK

WEBAPP_VULN

152.42.210.193

GET

/wp-includes/wlwmanifest.xml

Header	Value
Host	ottodanp.dev
Connection	Keep-Alive
Accept-Encoding	gzip
X-Forwarded-For	152.42.210.193
Cf-Ray	887634487e3d8196-SIN
X-Forwarded-Proto	http
Cf-Visitor	{"scheme":"http"}
User-Agent	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
Accept-Language	en-US,en;q=0.5
Accept	text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Cf-Connecting-Ip	152.42.210.193
Cdn-Loop	cloudflare
Cf-Ipcountry	SG

Parameter	Value

False

2024-05-21 17:14:41.036524

ATTACK
RECON

WEBAPP_VULN
RCE
LFI