Below is a list of the last 500 suspicious interactions with this IP.
Last observed Sat, 30 May 2026 03:12:21 (Australia/Brisbane)
| Description | Count |
|---|---|
| ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | 164 |
| ET HUNTING Suspicious PHP Code in HTTP POST (Outbound) | 71 |
| ET WEB_SERVER allow_url_include PHP config option in uri | 4 |
| ET HUNTING Suspicious PHP Code in HTTP POST (Inbound) | 4 |
| ET WEB_SPECIFIC_APPS PHP-CGI OS Command Injection (soft hyphen) (CVE-2024-4577) | 4 |
| ET WEB_SERVER PHP tags in HTTP POST | 4 |
| ET WEB_SERVER Generic PHP Remote File Include | 4 |
| ET WEB_SERVER Possible SQL Injection (exec) in HTTP Request Body | 4 |
| ET WEB_SERVER PHP.//Input in HTTP POST | 4 |
| SERVER-WEBAPP PHP PHP-CGI command execution attempt | 4 |
| ET WEB_SERVER auto_prepend_file PHP config option in uri | 4 |
| Timestamp | Description | Protocol | Destination Port |
|---|---|---|---|
| 2026-05-30 03:12:21 | ET HUNTING Suspicious PHP Code in HTTP POST (Outbound) | TCP | 80 |
| 2026-05-30 03:12:21 | ET HUNTING Suspicious PHP Code in HTTP POST (Outbound) | TCP | 80 |
| 2026-05-30 03:12:20 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-05-30 02:39:50 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-05-30 02:39:50 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-05-29 04:28:04 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-05-29 04:28:03 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-05-28 01:26:17 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-05-28 01:26:17 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-05-27 23:54:59 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-05-27 23:54:58 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-05-27 11:25:10 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-05-27 11:25:10 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-05-27 07:24:28 | ET HUNTING Suspicious PHP Code in HTTP POST (Outbound) | TCP | 80 |
| 2026-05-27 07:24:27 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-05-27 07:24:27 | ET HUNTING Suspicious PHP Code in HTTP POST (Outbound) | TCP | 80 |
| 2026-05-26 21:00:37 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-05-26 21:00:36 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-05-26 14:07:03 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-05-26 14:07:03 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-05-26 03:13:32 | ET HUNTING Suspicious PHP Code in HTTP POST (Outbound) | TCP | 80 |
| 2026-05-26 03:13:31 | ET HUNTING Suspicious PHP Code in HTTP POST (Outbound) | TCP | 80 |
| 2026-05-26 03:13:31 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-05-24 23:11:18 | ET HUNTING Suspicious PHP Code in HTTP POST (Outbound) | TCP | 80 |
| 2026-05-24 23:11:17 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-05-24 23:11:17 | ET HUNTING Suspicious PHP Code in HTTP POST (Outbound) | TCP | 80 |
| 2026-05-24 10:27:55 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-05-24 10:27:55 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-05-23 19:23:37 | ET HUNTING Suspicious PHP Code in HTTP POST (Outbound) | TCP | 80 |
| 2026-05-23 19:23:37 | ET HUNTING Suspicious PHP Code in HTTP POST (Outbound) | TCP | 80 |
| 2026-05-23 19:23:36 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-05-23 09:15:53 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-05-23 09:15:53 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-05-23 07:46:48 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-05-23 07:46:48 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-05-23 01:25:25 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-05-23 01:25:23 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-05-22 05:27:32 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-05-22 05:27:31 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-05-22 03:59:19 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-05-22 03:59:18 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-05-20 23:48:19 | ET HUNTING Suspicious PHP Code in HTTP POST (Outbound) | TCP | 80 |
| 2026-05-20 23:48:18 | ET HUNTING Suspicious PHP Code in HTTP POST (Outbound) | TCP | 80 |
| 2026-05-20 23:48:17 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-05-20 10:01:16 | ET HUNTING Suspicious PHP Code in HTTP POST (Outbound) | TCP | 80 |
| 2026-05-20 10:01:15 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-05-20 10:01:15 | ET HUNTING Suspicious PHP Code in HTTP POST (Outbound) | TCP | 80 |
| 2026-05-19 00:49:09 | ET HUNTING Suspicious PHP Code in HTTP POST (Outbound) | TCP | 80 |
| 2026-05-19 00:49:08 | ET HUNTING Suspicious PHP Code in HTTP POST (Outbound) | TCP | 80 |
| 2026-05-19 00:49:08 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-05-18 22:38:55 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-05-18 22:38:53 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-05-17 14:23:29 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-05-17 14:23:28 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-05-17 10:18:41 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-05-17 10:18:40 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-05-16 15:46:11 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-05-16 15:46:11 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-05-16 12:20:51 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-05-16 12:20:50 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-05-16 05:28:31 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-05-16 05:28:31 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-05-15 18:04:28 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-05-15 18:04:28 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-05-15 15:59:34 | ET HUNTING Suspicious PHP Code in HTTP POST (Outbound) | TCP | 80 |
| 2026-05-15 15:59:34 | ET HUNTING Suspicious PHP Code in HTTP POST (Outbound) | TCP | 80 |
| 2026-05-15 15:59:33 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-05-15 12:34:38 | ET HUNTING Suspicious PHP Code in HTTP POST (Outbound) | TCP | 80 |
| 2026-05-15 12:34:38 | ET HUNTING Suspicious PHP Code in HTTP POST (Outbound) | TCP | 80 |
| 2026-05-15 12:34:37 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-05-15 11:13:54 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-05-15 11:13:54 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-05-14 08:59:09 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-05-14 08:59:08 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-05-13 21:39:27 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-05-13 21:39:27 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-05-13 08:02:35 | ET HUNTING Suspicious PHP Code in HTTP POST (Outbound) | TCP | 80 |
| 2026-05-13 08:02:34 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-05-13 07:19:05 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-05-13 07:19:05 | ET HUNTING Suspicious PHP Code in HTTP POST (Outbound) | TCP | 80 |
| 2026-05-13 01:00:48 | ET HUNTING Suspicious PHP Code in HTTP POST (Outbound) | TCP | 80 |
| 2026-05-13 01:00:47 | ET HUNTING Suspicious PHP Code in HTTP POST (Outbound) | TCP | 80 |
| 2026-05-13 01:00:46 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-05-12 03:40:28 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-05-12 03:40:28 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-05-11 12:51:00 | ET WEB_SERVER allow_url_include PHP config option in uri | TCP | 80 |
| 2026-05-11 12:51:00 | ET HUNTING Suspicious PHP Code in HTTP POST (Inbound) | TCP | 80 |
| 2026-05-11 12:51:00 | ET WEB_SERVER PHP tags in HTTP POST | TCP | 80 |
| 2026-05-11 12:51:00 | ET WEB_SERVER Possible SQL Injection (exec) in HTTP Request Body | TCP | 80 |
| 2026-05-11 12:51:00 | ET WEB_SERVER Generic PHP Remote File Include | TCP | 80 |
| 2026-05-11 12:51:00 | ET WEB_SPECIFIC_APPS PHP-CGI OS Command Injection (soft hyphen) (CVE-2024-4577) | TCP | 80 |
| 2026-05-11 12:51:00 | ET WEB_SERVER PHP.//Input in HTTP POST | TCP | 80 |
| 2026-05-11 12:51:00 | SERVER-WEBAPP PHP PHP-CGI command execution attempt | TCP | 80 |
| 2026-05-11 12:51:00 | ET WEB_SERVER auto_prepend_file PHP config option in uri | TCP | 80 |
| 2026-05-11 12:50:59 | ET WEB_SERVER allow_url_include PHP config option in uri | TCP | 80 |
| 2026-05-11 12:50:59 | ET WEB_SERVER Generic PHP Remote File Include | TCP | 80 |
| 2026-05-11 12:50:59 | ET WEB_SERVER PHP tags in HTTP POST | TCP | 80 |
| 2026-05-11 12:50:59 | ET WEB_SERVER Possible SQL Injection (exec) in HTTP Request Body | TCP | 80 |
| 2026-05-11 12:50:59 | ET WEB_SERVER auto_prepend_file PHP config option in uri | TCP | 80 |
| 2026-05-11 12:50:59 | ET WEB_SERVER PHP.//Input in HTTP POST | TCP | 80 |
| 2026-05-11 12:50:59 | ET WEB_SPECIFIC_APPS PHP-CGI OS Command Injection (soft hyphen) (CVE-2024-4577) | TCP | 80 |
| 2026-05-11 12:50:59 | SERVER-WEBAPP PHP PHP-CGI command execution attempt | TCP | 80 |
| 2026-05-11 12:50:59 | ET HUNTING Suspicious PHP Code in HTTP POST (Inbound) | TCP | 80 |
| 2026-05-11 11:49:28 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-05-11 11:49:28 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-05-11 02:28:08 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-05-11 02:28:08 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-05-09 16:49:41 | ET HUNTING Suspicious PHP Code in HTTP POST (Outbound) | TCP | 80 |
| 2026-05-09 16:49:40 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-05-06 21:13:43 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-05-06 21:13:43 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-05-05 18:45:36 | ET HUNTING Suspicious PHP Code in HTTP POST (Outbound) | TCP | 80 |
| 2026-05-05 18:45:36 | ET HUNTING Suspicious PHP Code in HTTP POST (Outbound) | TCP | 80 |
| 2026-05-05 18:45:35 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-05-05 15:17:24 | ET HUNTING Suspicious PHP Code in HTTP POST (Outbound) | TCP | 80 |
| 2026-05-05 15:17:24 | ET HUNTING Suspicious PHP Code in HTTP POST (Outbound) | TCP | 80 |
| 2026-05-05 15:17:23 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-05-05 11:28:30 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-05-05 11:28:29 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-05-03 09:55:50 | ET HUNTING Suspicious PHP Code in HTTP POST (Outbound) | TCP | 80 |
| 2026-05-03 09:55:50 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-05-03 05:32:56 | ET HUNTING Suspicious PHP Code in HTTP POST (Outbound) | TCP | 80 |
| 2026-05-03 05:32:55 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-05-03 05:32:55 | ET HUNTING Suspicious PHP Code in HTTP POST (Outbound) | TCP | 80 |
| 2026-05-03 02:06:37 | ET HUNTING Suspicious PHP Code in HTTP POST (Outbound) | TCP | 80 |
| 2026-05-03 02:06:36 | ET HUNTING Suspicious PHP Code in HTTP POST (Outbound) | TCP | 80 |
| 2026-05-03 02:06:36 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-05-02 10:22:19 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-05-02 10:22:19 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-05-02 06:56:12 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-05-02 06:56:11 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-05-02 03:30:50 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-05-02 03:30:33 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-05-01 13:07:26 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-05-01 13:07:24 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-30 23:58:29 | ET HUNTING Suspicious PHP Code in HTTP POST (Outbound) | TCP | 80 |
| 2026-04-30 23:58:29 | ET HUNTING Suspicious PHP Code in HTTP POST (Outbound) | TCP | 80 |
| 2026-04-30 23:58:28 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-30 20:39:33 | ET HUNTING Suspicious PHP Code in HTTP POST (Outbound) | TCP | 80 |
| 2026-04-30 20:39:33 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-30 18:17:21 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-30 18:17:20 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-29 15:39:06 | ET HUNTING Suspicious PHP Code in HTTP POST (Outbound) | TCP | 80 |
| 2026-04-29 15:39:05 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-29 07:06:24 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-29 07:06:23 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-28 14:24:26 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-28 14:24:26 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-28 08:29:03 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-28 08:29:02 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-28 01:21:13 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-28 01:21:13 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-27 08:53:26 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-27 08:53:26 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-27 03:56:46 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-27 03:56:46 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-26 16:45:14 | ET HUNTING Suspicious PHP Code in HTTP POST (Outbound) | TCP | 80 |
| 2026-04-26 16:45:13 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-26 14:03:34 | ET HUNTING Suspicious PHP Code in HTTP POST (Outbound) | TCP | 80 |
| 2026-04-26 14:03:34 | ET HUNTING Suspicious PHP Code in HTTP POST (Outbound) | TCP | 80 |
| 2026-04-26 14:03:33 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-26 08:30:29 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-26 08:30:29 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-26 02:58:05 | ET HUNTING Suspicious PHP Code in HTTP POST (Outbound) | TCP | 80 |
| 2026-04-26 02:58:04 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-25 10:42:52 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-25 10:42:52 | ET HUNTING Suspicious PHP Code in HTTP POST (Outbound) | TCP | 80 |
| 2026-04-24 01:38:47 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-24 01:38:47 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-23 20:14:23 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-23 20:14:23 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-23 08:54:30 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-23 08:54:28 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-22 01:09:08 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-22 01:09:08 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-21 15:25:15 | ET WEB_SPECIFIC_APPS PHP-CGI OS Command Injection (soft hyphen) (CVE-2024-4577) | TCP | 80 |
| 2026-04-21 15:25:15 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-21 15:25:15 | ET WEB_SERVER Possible SQL Injection (exec) in HTTP Request Body | TCP | 80 |
| 2026-04-21 15:25:15 | ET WEB_SERVER PHP.//Input in HTTP POST | TCP | 80 |
| 2026-04-21 15:25:15 | ET HUNTING Suspicious PHP Code in HTTP POST (Inbound) | TCP | 80 |
| 2026-04-21 15:25:15 | SERVER-WEBAPP PHP PHP-CGI command execution attempt | TCP | 80 |
| 2026-04-21 15:25:15 | ET WEB_SERVER Generic PHP Remote File Include | TCP | 80 |
| 2026-04-21 15:25:15 | ET WEB_SERVER allow_url_include PHP config option in uri | TCP | 80 |
| 2026-04-21 15:25:15 | ET WEB_SERVER auto_prepend_file PHP config option in uri | TCP | 80 |
| 2026-04-21 15:25:15 | ET WEB_SERVER Possible SQL Injection (exec) in HTTP Request Body | TCP | 80 |
| 2026-04-21 15:25:15 | SERVER-WEBAPP PHP PHP-CGI command execution attempt | TCP | 80 |
| 2026-04-21 15:25:15 | ET WEB_SERVER PHP.//Input in HTTP POST | TCP | 80 |
| 2026-04-21 15:25:15 | ET WEB_SERVER PHP tags in HTTP POST | TCP | 80 |
| 2026-04-21 15:25:15 | ET WEB_SERVER allow_url_include PHP config option in uri | TCP | 80 |
| 2026-04-21 15:25:15 | ET WEB_SERVER PHP tags in HTTP POST | TCP | 80 |
| 2026-04-21 15:25:15 | ET WEB_SERVER Generic PHP Remote File Include | TCP | 80 |
| 2026-04-21 15:25:15 | ET WEB_SPECIFIC_APPS PHP-CGI OS Command Injection (soft hyphen) (CVE-2024-4577) | TCP | 80 |
| 2026-04-21 15:25:15 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-21 15:25:15 | ET HUNTING Suspicious PHP Code in HTTP POST (Inbound) | TCP | 80 |
| 2026-04-21 15:25:15 | ET WEB_SERVER auto_prepend_file PHP config option in uri | TCP | 80 |
| 2026-04-21 13:08:00 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-21 13:07:59 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-21 00:02:50 | ET HUNTING Suspicious PHP Code in HTTP POST (Outbound) | TCP | 80 |
| 2026-04-21 00:02:49 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-21 00:02:49 | ET HUNTING Suspicious PHP Code in HTTP POST (Outbound) | TCP | 80 |
| 2026-04-20 09:19:13 | ET HUNTING Suspicious PHP Code in HTTP POST (Outbound) | TCP | 80 |
| 2026-04-20 09:19:12 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-20 09:19:12 | ET HUNTING Suspicious PHP Code in HTTP POST (Outbound) | TCP | 80 |
| 2026-04-20 06:41:32 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-20 06:41:31 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-19 12:56:01 | ET HUNTING Suspicious PHP Code in HTTP POST (Outbound) | TCP | 80 |
| 2026-04-19 12:56:01 | ET HUNTING Suspicious PHP Code in HTTP POST (Outbound) | TCP | 80 |
| 2026-04-19 12:56:00 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-19 10:07:37 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-19 10:07:36 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-18 13:54:15 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-18 13:54:14 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-16 14:03:25 | ET HUNTING Suspicious PHP Code in HTTP POST (Outbound) | TCP | 80 |
| 2026-04-16 14:03:24 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-16 12:13:13 | ET HUNTING Suspicious PHP Code in HTTP POST (Outbound) | TCP | 80 |
| 2026-04-16 12:13:13 | ET HUNTING Suspicious PHP Code in HTTP POST (Outbound) | TCP | 80 |
| 2026-04-16 12:13:12 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-16 06:25:51 | ET HUNTING Suspicious PHP Code in HTTP POST (Outbound) | TCP | 80 |
| 2026-04-16 06:25:50 | ET HUNTING Suspicious PHP Code in HTTP POST (Outbound) | TCP | 80 |
| 2026-04-16 06:25:49 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-16 01:21:10 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-16 01:21:10 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-14 06:03:20 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-14 06:03:19 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-13 23:37:21 | ET HUNTING Suspicious PHP Code in HTTP POST (Outbound) | TCP | 80 |
| 2026-04-13 23:37:20 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-13 23:37:20 | ET HUNTING Suspicious PHP Code in HTTP POST (Outbound) | TCP | 80 |
| 2026-04-13 02:13:02 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-13 02:13:02 | ET HUNTING Suspicious PHP Code in HTTP POST (Outbound) | TCP | 80 |
| 2026-04-08 11:29:10 | ET HUNTING Suspicious PHP Code in HTTP POST (Outbound) | TCP | 80 |
| 2026-04-08 11:29:09 | ET HUNTING Suspicious PHP Code in HTTP POST (Outbound) | TCP | 80 |
| 2026-04-08 11:29:09 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-07 15:30:30 | ET HUNTING Suspicious PHP Code in HTTP POST (Outbound) | TCP | 80 |
| 2026-04-07 15:30:29 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-05 07:35:17 | ET HUNTING Suspicious PHP Code in HTTP POST (Outbound) | TCP | 80 |
| 2026-04-05 07:35:16 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-05 07:35:16 | ET HUNTING Suspicious PHP Code in HTTP POST (Outbound) | TCP | 80 |
| 2026-04-05 04:41:31 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-05 04:41:31 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-04 04:44:03 | ET HUNTING Suspicious PHP Code in HTTP POST (Outbound) | TCP | 80 |
| 2026-04-04 04:44:02 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-03 17:32:31 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-03 17:32:29 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-03 04:19:27 | ET HUNTING Suspicious PHP Code in HTTP POST (Outbound) | TCP | 80 |
| 2026-04-03 04:19:27 | ET HUNTING Suspicious PHP Code in HTTP POST (Outbound) | TCP | 80 |
| 2026-04-03 04:19:26 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-03 01:23:19 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-03 01:23:18 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-02 06:29:29 | ET HUNTING Suspicious PHP Code in HTTP POST (Outbound) | TCP | 80 |
| 2026-04-02 06:29:28 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-02 06:29:28 | ET HUNTING Suspicious PHP Code in HTTP POST (Outbound) | TCP | 80 |
| 2026-04-02 02:47:38 | ET HUNTING Suspicious PHP Code in HTTP POST (Outbound) | TCP | 80 |
| 2026-04-02 02:47:37 | ET HUNTING Suspicious PHP Code in HTTP POST (Outbound) | TCP | 80 |
| 2026-04-02 02:47:36 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-01 05:50:58 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-01 05:50:57 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-03-30 15:52:22 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-03-30 12:43:28 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-03-30 12:43:27 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-03-29 06:02:46 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-03-29 06:02:46 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-03-29 00:39:57 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-03-29 00:39:57 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-03-28 23:56:31 | ET HUNTING Suspicious PHP Code in HTTP POST (Outbound) | TCP | 80 |
| 2026-03-28 23:56:30 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-03-28 09:17:16 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-03-28 09:17:15 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-03-28 07:26:39 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-03-28 07:26:39 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-03-28 01:54:26 | ET HUNTING Suspicious PHP Code in HTTP POST (Outbound) | TCP | 80 |
| 2026-03-28 01:54:25 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
Back to top