Requests from 152.42.222.216

Remote Address

Threat Level

Method

Path

Query String

Headers

Body

Acceptable

Timestamp

Port

Request Types

Attack Types

Analyse Request

Other Requests by Actor

CSV Dump

152.42.222.216

GET

/sito/wp-includes/wlwmanifest.xml

Header	Value
Host	ottodanp.dev
Connection	Keep-Alive
Accept-Encoding	gzip
X-Forwarded-For	152.42.222.216
Cf-Ray	88b85c2e6ddc9c62-SIN
X-Forwarded-Proto	http
Cf-Visitor	{"scheme":"http"}
User-Agent	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
Accept-Language	en-US,en;q=0.5
Accept	text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Cf-Connecting-Ip	152.42.222.216
Cdn-Loop	cloudflare
Cf-Ipcountry	SG

Parameter	Value

False

2024-05-29 17:56:15.428645

ATTACK
RECON

WEBAPP_VULN
RCE
LFI

152.42.222.216

GET

/cms/wp-includes/wlwmanifest.xml

Header	Value
Host	ottodanp.dev
Connection	Keep-Alive
Accept-Encoding	gzip
X-Forwarded-For	152.42.222.216
Cf-Ray	88b85c2848ea9c62-SIN
X-Forwarded-Proto	http
Cf-Visitor	{"scheme":"http"}
User-Agent	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
Accept-Language	en-US,en;q=0.5
Accept	text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Cf-Connecting-Ip	152.42.222.216
Cdn-Loop	cloudflare
Cf-Ipcountry	SG

Parameter	Value

False

2024-05-29 17:56:14.440901

ATTACK
RECON

WEBAPP_VULN
RCE
LFI

152.42.222.216

GET

/site/wp-includes/wlwmanifest.xml

Header	Value
Host	ottodanp.dev
Connection	Keep-Alive
Accept-Encoding	gzip
X-Forwarded-For	152.42.222.216
Cf-Ray	88b85c21fc5d9c62-SIN
X-Forwarded-Proto	http
Cf-Visitor	{"scheme":"http"}
User-Agent	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
Accept-Language	en-US,en;q=0.5
Accept	text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Cf-Connecting-Ip	152.42.222.216
Cdn-Loop	cloudflare
Cf-Ipcountry	SG

Parameter	Value

False

2024-05-29 17:56:13.436419

ATTACK
RECON

WEBAPP_VULN
RCE
LFI

152.42.222.216

GET

/wp2/wp-includes/wlwmanifest.xml

Header	Value
Host	ottodanp.dev
Connection	Keep-Alive
Accept-Encoding	gzip
X-Forwarded-For	152.42.222.216
Cf-Ray	88b85c1bbf289c62-SIN
X-Forwarded-Proto	http
Cf-Visitor	{"scheme":"http"}
User-Agent	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
Accept-Language	en-US,en;q=0.5
Accept	text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Cf-Connecting-Ip	152.42.222.216
Cdn-Loop	cloudflare
Cf-Ipcountry	SG

Parameter	Value

False

2024-05-29 17:56:12.434273

ATTACK
RECON

WEBAPP_VULN
RCE
LFI

152.42.222.216

GET

/media/wp-includes/wlwmanifest.xml

Header	Value
Host	ottodanp.dev
Connection	Keep-Alive
Accept-Encoding	gzip
X-Forwarded-For	152.42.222.216
Cf-Ray	88b85c157a679c62-SIN
X-Forwarded-Proto	http
Cf-Visitor	{"scheme":"http"}
User-Agent	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
Accept-Language	en-US,en;q=0.5
Accept	text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Cf-Connecting-Ip	152.42.222.216
Cdn-Loop	cloudflare
Cf-Ipcountry	SG

Parameter	Value

False

2024-05-29 17:56:11.440102

ATTACK
RECON

WEBAPP_VULN
RCE
LFI

152.42.222.216

GET

/test/wp-includes/wlwmanifest.xml

Header	Value
Host	ottodanp.dev
Connection	Keep-Alive
Accept-Encoding	gzip
X-Forwarded-For	152.42.222.216
Cf-Ray	88b85c0f2db89c62-SIN
X-Forwarded-Proto	http
Cf-Visitor	{"scheme":"http"}
User-Agent	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
Accept-Language	en-US,en;q=0.5
Accept	text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Cf-Connecting-Ip	152.42.222.216
Cdn-Loop	cloudflare
Cf-Ipcountry	SG

Parameter	Value

False

2024-05-29 17:56:10.429545

ATTACK
RECON

WEBAPP_VULN
RCE
LFI

152.42.222.216

GET

/wp1/wp-includes/wlwmanifest.xml

Header	Value
Host	ottodanp.dev
Connection	Keep-Alive
Accept-Encoding	gzip
X-Forwarded-For	152.42.222.216
Cf-Ray	88b85c027bb89c62-SIN
X-Forwarded-Proto	http
Cf-Visitor	{"scheme":"http"}
User-Agent	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
Accept-Language	en-US,en;q=0.5
Accept	text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Cf-Connecting-Ip	152.42.222.216
Cdn-Loop	cloudflare
Cf-Ipcountry	SG

Parameter	Value

False

2024-05-29 17:56:02.811855

ATTACK
RECON

WEBAPP_VULN
RCE
LFI

152.42.222.216

GET

/shop/wp-includes/wlwmanifest.xml

Header	Value
Host	ottodanp.dev
Connection	Keep-Alive
Accept-Encoding	gzip
X-Forwarded-For	152.42.222.216
Cf-Ray	88b85bd949fa9c62-SIN
X-Forwarded-Proto	http
Cf-Visitor	{"scheme":"http"}
User-Agent	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
Accept-Language	en-US,en;q=0.5
Accept	text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Cf-Connecting-Ip	152.42.222.216
Cdn-Loop	cloudflare
Cf-Ipcountry	SG

Parameter	Value

False

2024-05-29 17:56:01.814552

ATTACK
RECON

WEBAPP_VULN
RCE
LFI

152.42.222.216

GET

/2019/wp-includes/wlwmanifest.xml

Header	Value
Host	ottodanp.dev
Connection	Keep-Alive
Accept-Encoding	gzip
X-Forwarded-For	152.42.222.216
Cf-Ray	88b85bd31c9b9c62-SIN
X-Forwarded-Proto	http
Cf-Visitor	{"scheme":"http"}
User-Agent	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
Accept-Language	en-US,en;q=0.5
Accept	text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Cf-Connecting-Ip	152.42.222.216
Cdn-Loop	cloudflare
Cf-Ipcountry	SG

Parameter	Value

False

2024-05-29 17:56:00.821922

ATTACK
RECON

WEBAPP_VULN
RCE
LFI

152.42.222.216

GET

/2018/wp-includes/wlwmanifest.xml

Header	Value
Host	ottodanp.dev
Connection	Keep-Alive
Accept-Encoding	gzip
X-Forwarded-For	152.42.222.216
Cf-Ray	88b85bccdea29c62-SIN
X-Forwarded-Proto	http
Cf-Visitor	{"scheme":"http"}
User-Agent	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
Accept-Language	en-US,en;q=0.5
Accept	text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Cf-Connecting-Ip	152.42.222.216
Cdn-Loop	cloudflare
Cf-Ipcountry	SG

Parameter	Value

False

2024-05-29 17:55:59.821241

ATTACK
RECON

WEBAPP_VULN
RCE
LFI

152.42.222.216

GET

/news/wp-includes/wlwmanifest.xml

Header	Value
Host	ottodanp.dev
Connection	Keep-Alive
Accept-Encoding	gzip
X-Forwarded-For	152.42.222.216
Cf-Ray	88b85bc699dc9c62-SIN
X-Forwarded-Proto	http
Cf-Visitor	{"scheme":"http"}
User-Agent	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
Accept-Language	en-US,en;q=0.5
Accept	text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Cf-Connecting-Ip	152.42.222.216
Cdn-Loop	cloudflare
Cf-Ipcountry	SG

Parameter	Value

False

2024-05-29 17:55:58.812331

ATTACK
RECON

WEBAPP_VULN
RCE
LFI

152.42.222.216

GET

/wp/wp-includes/wlwmanifest.xml

Header	Value
Host	ottodanp.dev
Connection	Keep-Alive
Accept-Encoding	gzip
X-Forwarded-For	152.42.222.216
Cf-Ray	88b85bba0fd69c62-SIN
X-Forwarded-Proto	http
Cf-Visitor	{"scheme":"http"}
User-Agent	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
Accept-Language	en-US,en;q=0.5
Accept	text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Cf-Connecting-Ip	152.42.222.216
Cdn-Loop	cloudflare
Cf-Ipcountry	SG

Parameter	Value

False

2024-05-29 17:55:56.955029

ATTACK
RECON

WEBAPP_VULN
RCE
LFI

152.42.222.216

GET

/website/wp-includes/wlwmanifest.xml

Header	Value
Host	ottodanp.dev
Connection	Keep-Alive
Accept-Encoding	gzip
X-Forwarded-For	152.42.222.216
Cf-Ray	88b85bb5ac699c62-SIN
X-Forwarded-Proto	http
Cf-Visitor	{"scheme":"http"}
User-Agent	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
Accept-Language	en-US,en;q=0.5
Accept	text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Cf-Connecting-Ip	152.42.222.216
Cdn-Loop	cloudflare
Cf-Ipcountry	SG

Parameter	Value

False

2024-05-29 17:55:56.261419

ATTACK
RECON

WEBAPP_VULN
RCE
LFI

152.42.222.216

GET

/wordpress/wp-includes/wlwmanifest.xml

Header	Value
Host	ottodanp.dev
Connection	Keep-Alive
Accept-Encoding	gzip
X-Forwarded-For	152.42.222.216
Cf-Ray	88b85bb148929c62-SIN
X-Forwarded-Proto	http
Cf-Visitor	{"scheme":"http"}
User-Agent	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
Accept-Language	en-US,en;q=0.5
Accept	text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Cf-Connecting-Ip	152.42.222.216
Cdn-Loop	cloudflare
Cf-Ipcountry	SG

Parameter	Value

False

2024-05-29 17:55:55.410232

ATTACK
RECON

WEBAPP_VULN
RCE
LFI

152.42.222.216

GET

/web/wp-includes/wlwmanifest.xml

Header	Value
Host	ottodanp.dev
Connection	Keep-Alive
Accept-Encoding	gzip
X-Forwarded-For	152.42.222.216
Cf-Ray	88b85bab0b309c62-SIN
X-Forwarded-Proto	http
Cf-Visitor	{"scheme":"http"}
User-Agent	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
Accept-Language	en-US,en;q=0.5
Accept	text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Cf-Connecting-Ip	152.42.222.216
Cdn-Loop	cloudflare
Cf-Ipcountry	SG

Parameter	Value

False

2024-05-29 17:55:51.897846

ATTACK
RECON

WEBAPP_VULN
RCE
LFI

152.42.222.216

GET

/blog/wp-includes/wlwmanifest.xml

Header	Value
Host	ottodanp.dev
Connection	Keep-Alive
Accept-Encoding	gzip
X-Forwarded-For	152.42.222.216
Cf-Ray	88b85b95188e9c62-SIN
X-Forwarded-Proto	http
Cf-Visitor	{"scheme":"http"}
User-Agent	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
Accept-Language	en-US,en;q=0.5
Accept	text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Cf-Connecting-Ip	152.42.222.216
Cdn-Loop	cloudflare
Cf-Ipcountry	SG

Parameter	Value

False

2024-05-29 17:55:50.903181

ATTACK
RECON

WEBAPP_VULN
RCE
LFI

152.42.222.216

GET

/xmlrpc.php

rsd=

Header	Value
Host	ottodanp.dev
Connection	Keep-Alive
Accept-Encoding	gzip
X-Forwarded-For	152.42.222.216
Cf-Ray	88b85b886f4c9c62-SIN
X-Forwarded-Proto	http
Cf-Visitor	{"scheme":"http"}
User-Agent	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
Accept-Language	en-US,en;q=0.5
Accept	text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Cf-Connecting-Ip	152.42.222.216
Cdn-Loop	cloudflare
Cf-Ipcountry	SG

Parameter	Value

False

2024-05-29 17:55:49.023673

RECON
SCAN
ATTACK

WEBAPP_VULN

152.42.222.216

GET

/wp-includes/wlwmanifest.xml

Header	Value
Host	ottodanp.dev
Connection	Keep-Alive
Accept-Encoding	gzip
X-Forwarded-For	152.42.222.216
Cf-Ray	88b85b841b269c62-SIN
X-Forwarded-Proto	http
Cf-Visitor	{"scheme":"http"}
User-Agent	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
Accept-Language	en-US,en;q=0.5
Accept	text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Cf-Connecting-Ip	152.42.222.216
Cdn-Loop	cloudflare
Cf-Ipcountry	SG

Parameter	Value

False

2024-05-29 17:55:48.165489

ATTACK
RECON

WEBAPP_VULN
RCE
LFI

152.42.222.216

GET

/sito/wp-includes/wlwmanifest.xml

Header	Value
Host	ottodanp.dev
Connection	Keep-Alive
Accept-Encoding	gzip
X-Forwarded-For	152.42.222.216
Cf-Ray	8849b3fcff680223-SIN
X-Forwarded-Proto	http
Cf-Visitor	{"scheme":"http"}
User-Agent	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
Accept-Language	en-US,en;q=0.5
Accept	text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Cf-Connecting-Ip	152.42.222.216
Cdn-Loop	cloudflare
Cf-Ipcountry	SG

Parameter	Value

False

2024-05-16 07:37:32.793088

ATTACK
RECON

WEBAPP_VULN
RCE
LFI

152.42.222.216

GET

/cms/wp-includes/wlwmanifest.xml

Header	Value
Host	ottodanp.dev
Connection	Keep-Alive
Accept-Encoding	gzip
X-Forwarded-For	152.42.222.216
Cf-Ray	8849b3f99cf80223-SIN
X-Forwarded-Proto	http
Cf-Visitor	{"scheme":"http"}
User-Agent	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
Accept-Language	en-US,en;q=0.5
Accept	text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Cf-Connecting-Ip	152.42.222.216
Cdn-Loop	cloudflare
Cf-Ipcountry	SG

Parameter	Value

False

2024-05-16 07:37:32.063466

ATTACK
RECON

WEBAPP_VULN
RCE
LFI

152.42.222.216

GET

/site/wp-includes/wlwmanifest.xml

Header	Value
Host	ottodanp.dev
Connection	Keep-Alive
Accept-Encoding	gzip
X-Forwarded-For	152.42.222.216
Cf-Ray	8849b3f3e8c50223-SIN
X-Forwarded-Proto	http
Cf-Visitor	{"scheme":"http"}
User-Agent	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
Accept-Language	en-US,en;q=0.5
Accept	text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Cf-Connecting-Ip	152.42.222.216
Cdn-Loop	cloudflare
Cf-Ipcountry	SG

Parameter	Value

False

2024-05-16 07:37:31.147460

ATTACK
RECON

WEBAPP_VULN
RCE
LFI

152.42.222.216

GET

/wp2/wp-includes/wlwmanifest.xml

Header	Value
Host	ottodanp.dev
Connection	Keep-Alive
Accept-Encoding	gzip
X-Forwarded-For	152.42.222.216
Cf-Ray	8849b3ee0d030223-SIN
X-Forwarded-Proto	http
Cf-Visitor	{"scheme":"http"}
User-Agent	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
Accept-Language	en-US,en;q=0.5
Accept	text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Cf-Connecting-Ip	152.42.222.216
Cdn-Loop	cloudflare
Cf-Ipcountry	SG

Parameter	Value

False

2024-05-16 07:37:30.206758

ATTACK
RECON

WEBAPP_VULN
RCE
LFI

152.42.222.216

GET

/media/wp-includes/wlwmanifest.xml

Header	Value
Host	ottodanp.dev
Connection	Keep-Alive
Accept-Encoding	gzip
X-Forwarded-For	152.42.222.216
Cf-Ray	8849b3e868fe0223-SIN
X-Forwarded-Proto	http
Cf-Visitor	{"scheme":"http"}
User-Agent	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
Accept-Language	en-US,en;q=0.5
Accept	text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Cf-Connecting-Ip	152.42.222.216
Cdn-Loop	cloudflare
Cf-Ipcountry	SG

Parameter	Value

False

2024-05-16 07:37:29.312106

ATTACK
RECON

WEBAPP_VULN
RCE
LFI

152.42.222.216

GET

/test/wp-includes/wlwmanifest.xml

Header	Value
Host	ottodanp.dev
Connection	Keep-Alive
Accept-Encoding	gzip
X-Forwarded-For	152.42.222.216
Cf-Ray	8849b3e2bd3f0223-SIN
X-Forwarded-Proto	http
Cf-Visitor	{"scheme":"http"}
User-Agent	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
Accept-Language	en-US,en;q=0.5
Accept	text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Cf-Connecting-Ip	152.42.222.216
Cdn-Loop	cloudflare
Cf-Ipcountry	SG

Parameter	Value

False

2024-05-16 07:37:28.392850

ATTACK
RECON

WEBAPP_VULN
RCE
LFI

152.42.222.216

GET

/wp1/wp-includes/wlwmanifest.xml

Header	Value
Host	ottodanp.dev
Connection	Keep-Alive
Accept-Encoding	gzip
X-Forwarded-For	152.42.222.216
Cf-Ray	8849b3dce9a40223-SIN
X-Forwarded-Proto	http
Cf-Visitor	{"scheme":"http"}
User-Agent	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
Accept-Language	en-US,en;q=0.5
Accept	text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Cf-Connecting-Ip	152.42.222.216
Cdn-Loop	cloudflare
Cf-Ipcountry	SG

Parameter	Value

False

2024-05-16 07:37:27.464427

ATTACK
RECON

WEBAPP_VULN
RCE
LFI

152.42.222.216

GET

/shop/wp-includes/wlwmanifest.xml

Header	Value
Host	ottodanp.dev
Connection	Keep-Alive
Accept-Encoding	gzip
X-Forwarded-For	152.42.222.216
Cf-Ray	8849b3d74e060223-SIN
X-Forwarded-Proto	http
Cf-Visitor	{"scheme":"http"}
User-Agent	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
Accept-Language	en-US,en;q=0.5
Accept	text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Cf-Connecting-Ip	152.42.222.216
Cdn-Loop	cloudflare
Cf-Ipcountry	SG

Parameter	Value

False

2024-05-16 07:37:26.623866

ATTACK
RECON

WEBAPP_VULN
RCE
LFI

152.42.222.216

GET

/2019/wp-includes/wlwmanifest.xml

Header	Value
Host	ottodanp.dev
Connection	Keep-Alive
Accept-Encoding	gzip
X-Forwarded-For	152.42.222.216
Cf-Ray	8849b3d26ae10223-SIN
X-Forwarded-Proto	http
Cf-Visitor	{"scheme":"http"}
User-Agent	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
Accept-Language	en-US,en;q=0.5
Accept	text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Cf-Connecting-Ip	152.42.222.216
Cdn-Loop	cloudflare
Cf-Ipcountry	SG

Parameter	Value

False

2024-05-16 07:37:25.979853

ATTACK
RECON

WEBAPP_VULN
RCE
LFI

152.42.222.216

GET

/2018/wp-includes/wlwmanifest.xml

Header	Value
Host	ottodanp.dev
Connection	Keep-Alive
Accept-Encoding	gzip
X-Forwarded-For	152.42.222.216
Cf-Ray	8849b3cf18630223-SIN
X-Forwarded-Proto	http
Cf-Visitor	{"scheme":"http"}
User-Agent	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
Accept-Language	en-US,en;q=0.5
Accept	text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Cf-Connecting-Ip	152.42.222.216
Cdn-Loop	cloudflare
Cf-Ipcountry	SG

Parameter	Value

False

2024-05-16 07:37:25.224254

ATTACK
RECON

WEBAPP_VULN
RCE
LFI

152.42.222.216

GET

/news/wp-includes/wlwmanifest.xml

Header	Value
Host	ottodanp.dev
Connection	Keep-Alive
Accept-Encoding	gzip
X-Forwarded-For	152.42.222.216
Cf-Ray	8849b3c8dc100223-SIN
X-Forwarded-Proto	http
Cf-Visitor	{"scheme":"http"}
User-Agent	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
Accept-Language	en-US,en;q=0.5
Accept	text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Cf-Connecting-Ip	152.42.222.216
Cdn-Loop	cloudflare
Cf-Ipcountry	SG

Parameter	Value

False

2024-05-16 07:37:24.254457

ATTACK
RECON

WEBAPP_VULN
RCE
LFI

152.42.222.216

GET

/wp/wp-includes/wlwmanifest.xml

Header	Value
Host	ottodanp.dev
Connection	Keep-Alive
Accept-Encoding	gzip
X-Forwarded-For	152.42.222.216
Cf-Ray	8849b3c2dff40223-SIN
X-Forwarded-Proto	http
Cf-Visitor	{"scheme":"http"}
User-Agent	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
Accept-Language	en-US,en;q=0.5
Accept	text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Cf-Connecting-Ip	152.42.222.216
Cdn-Loop	cloudflare
Cf-Ipcountry	SG

Parameter	Value

False

2024-05-16 07:37:23.557647

ATTACK
RECON

WEBAPP_VULN
RCE
LFI

152.42.222.216

GET

/website/wp-includes/wlwmanifest.xml

Header	Value
Host	ottodanp.dev
Connection	Keep-Alive
Accept-Encoding	gzip
X-Forwarded-For	152.42.222.216
Cf-Ray	8849b3c05e660223-SIN
X-Forwarded-Proto	http
Cf-Visitor	{"scheme":"http"}
User-Agent	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
Accept-Language	en-US,en;q=0.5
Accept	text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Cf-Connecting-Ip	152.42.222.216
Cdn-Loop	cloudflare
Cf-Ipcountry	SG

Parameter	Value

False

2024-05-16 07:37:23.093208

ATTACK
RECON

WEBAPP_VULN
RCE
LFI

152.42.222.216

GET

/wordpress/wp-includes/wlwmanifest.xml

Header	Value
Host	ottodanp.dev
Connection	Keep-Alive
Accept-Encoding	gzip
X-Forwarded-For	152.42.222.216
Cf-Ray	8849b3bd0ba20223-SIN
X-Forwarded-Proto	http
Cf-Visitor	{"scheme":"http"}
User-Agent	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
Accept-Language	en-US,en;q=0.5
Accept	text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Cf-Connecting-Ip	152.42.222.216
Cdn-Loop	cloudflare
Cf-Ipcountry	SG

Parameter	Value

False

2024-05-16 07:37:22.373638

ATTACK
RECON

WEBAPP_VULN
RCE
LFI

152.42.222.216

GET

/web/wp-includes/wlwmanifest.xml

Header	Value
Host	ottodanp.dev
Connection	Keep-Alive
Accept-Encoding	gzip
X-Forwarded-For	152.42.222.216
Cf-Ray	8849b3b768410223-SIN
X-Forwarded-Proto	http
Cf-Visitor	{"scheme":"http"}
User-Agent	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
Accept-Language	en-US,en;q=0.5
Accept	text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Cf-Connecting-Ip	152.42.222.216
Cdn-Loop	cloudflare
Cf-Ipcountry	SG

Parameter	Value

False

2024-05-16 07:37:21.728490

ATTACK
RECON

WEBAPP_VULN
RCE
LFI

152.42.222.216

GET

/blog/wp-includes/wlwmanifest.xml

Header	Value
Host	ottodanp.dev
Connection	Keep-Alive
Accept-Encoding	gzip
X-Forwarded-For	152.42.222.216
Cf-Ray	8849b3b4fe6b0223-SIN
X-Forwarded-Proto	http
Cf-Visitor	{"scheme":"http"}
User-Agent	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
Accept-Language	en-US,en;q=0.5
Accept	text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Cf-Connecting-Ip	152.42.222.216
Cdn-Loop	cloudflare
Cf-Ipcountry	SG

Parameter	Value

False

2024-05-16 07:37:21.022629

ATTACK
RECON

WEBAPP_VULN
RCE
LFI

152.42.222.216

GET

/xmlrpc.php

rsd=

Header	Value
Host	ottodanp.dev
Connection	Keep-Alive
Accept-Encoding	gzip
X-Forwarded-For	152.42.222.216
Cf-Ray	8849b3a8ce3d0223-SIN
X-Forwarded-Proto	http
Cf-Visitor	{"scheme":"http"}
User-Agent	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
Accept-Language	en-US,en;q=0.5
Accept	text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Cf-Connecting-Ip	152.42.222.216
Cdn-Loop	cloudflare
Cf-Ipcountry	SG

Parameter	Value

False

2024-05-16 07:37:19.153496

RECON
SCAN
ATTACK

WEBAPP_VULN

152.42.222.216

GET

/wp-includes/wlwmanifest.xml

Header	Value
Host	ottodanp.dev
Connection	Keep-Alive
Accept-Encoding	gzip
X-Forwarded-For	152.42.222.216
Cf-Ray	8849b3a34a0b0223-SIN
X-Forwarded-Proto	http
Cf-Visitor	{"scheme":"http"}
User-Agent	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
Accept-Language	en-US,en;q=0.5
Accept	text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Cf-Connecting-Ip	152.42.222.216
Cdn-Loop	cloudflare
Cf-Ipcountry	SG

Parameter	Value

False

2024-05-16 07:37:18.442950

ATTACK
RECON

WEBAPP_VULN
RCE
LFI