Below is a list of the last 500 suspicious interactions with this IP.
Last observed Wed, 22 Apr 2026 11:22:00 (Australia/Brisbane)
| Description | Count |
|---|---|
| ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | 106 |
| ET HUNTING Suspicious PHP Code in HTTP POST (Outbound) | 42 |
| ET WEB_SERVER PHP tags in HTTP POST | 8 |
| ET WEB_SERVER PHP.//Input in HTTP POST | 8 |
| ET HUNTING Suspicious PHP Code in HTTP POST (Inbound) | 8 |
| ET WEB_SERVER auto_prepend_file PHP config option in uri | 8 |
| ET WEB_SPECIFIC_APPS PHP-CGI OS Command Injection (soft hyphen) (CVE-2024-4577) | 8 |
| SERVER-WEBAPP PHP PHP-CGI command execution attempt | 8 |
| ET WEB_SERVER Generic PHP Remote File Include | 8 |
| ET WEB_SERVER Possible SQL Injection (exec) in HTTP Request Body | 8 |
| ET WEB_SERVER allow_url_include PHP config option in uri | 8 |
| Timestamp | Description | Protocol | Destination Port |
|---|---|---|---|
| 2026-04-22 11:22:00 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-22 11:21:59 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-21 12:06:28 | ET HUNTING Suspicious PHP Code in HTTP POST (Outbound) | TCP | 80 |
| 2026-04-21 12:06:27 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-20 14:09:45 | ET HUNTING Suspicious PHP Code in HTTP POST (Outbound) | TCP | 80 |
| 2026-04-20 14:09:44 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-19 22:39:56 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-19 22:39:56 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-19 13:20:36 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-19 13:20:35 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-18 19:30:14 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-18 19:30:14 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-18 02:21:15 | ET HUNTING Suspicious PHP Code in HTTP POST (Outbound) | TCP | 80 |
| 2026-04-18 02:21:14 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-18 02:21:14 | ET HUNTING Suspicious PHP Code in HTTP POST (Outbound) | TCP | 80 |
| 2026-04-17 12:50:23 | ET HUNTING Suspicious PHP Code in HTTP POST (Outbound) | TCP | 80 |
| 2026-04-17 12:50:23 | ET HUNTING Suspicious PHP Code in HTTP POST (Outbound) | TCP | 80 |
| 2026-04-17 12:50:22 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-17 10:26:47 | ET HUNTING Suspicious PHP Code in HTTP POST (Outbound) | TCP | 80 |
| 2026-04-17 10:26:47 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-17 00:07:46 | ET HUNTING Suspicious PHP Code in HTTP POST (Outbound) | TCP | 80 |
| 2026-04-17 00:07:46 | ET HUNTING Suspicious PHP Code in HTTP POST (Outbound) | TCP | 80 |
| 2026-04-17 00:07:45 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-16 20:03:11 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-16 20:03:11 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-16 01:41:08 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-16 01:41:08 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-15 19:48:28 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-15 19:48:28 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-15 13:03:28 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-15 13:03:28 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-15 07:29:09 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-15 07:29:09 | ET HUNTING Suspicious PHP Code in HTTP POST (Outbound) | TCP | 80 |
| 2026-04-15 06:08:24 | ET HUNTING Suspicious PHP Code in HTTP POST (Outbound) | TCP | 80 |
| 2026-04-15 06:08:24 | ET HUNTING Suspicious PHP Code in HTTP POST (Outbound) | TCP | 80 |
| 2026-04-15 06:08:23 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-14 20:18:26 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-14 20:18:26 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-14 09:47:45 | ET HUNTING Suspicious PHP Code in HTTP POST (Outbound) | TCP | 80 |
| 2026-04-14 09:47:45 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-13 18:17:09 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-13 18:17:08 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-13 16:23:40 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-13 16:23:40 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-12 15:33:00 | SERVER-WEBAPP PHP PHP-CGI command execution attempt | TCP | 80 |
| 2026-04-12 15:33:00 | ET WEB_SERVER Generic PHP Remote File Include | TCP | 80 |
| 2026-04-12 15:33:00 | ET WEB_SERVER PHP.//Input in HTTP POST | TCP | 80 |
| 2026-04-12 15:33:00 | ET WEB_SERVER allow_url_include PHP config option in uri | TCP | 80 |
| 2026-04-12 15:33:00 | ET WEB_SERVER PHP tags in HTTP POST | TCP | 80 |
| 2026-04-12 15:33:00 | ET WEB_SERVER auto_prepend_file PHP config option in uri | TCP | 80 |
| 2026-04-12 15:33:00 | ET HUNTING Suspicious PHP Code in HTTP POST (Inbound) | TCP | 80 |
| 2026-04-12 15:33:00 | ET WEB_SERVER PHP.//Input in HTTP POST | TCP | 80 |
| 2026-04-12 15:33:00 | ET WEB_SERVER Possible SQL Injection (exec) in HTTP Request Body | TCP | 80 |
| 2026-04-12 15:33:00 | ET WEB_SERVER PHP tags in HTTP POST | TCP | 80 |
| 2026-04-12 15:33:00 | ET WEB_SPECIFIC_APPS PHP-CGI OS Command Injection (soft hyphen) (CVE-2024-4577) | TCP | 80 |
| 2026-04-12 15:33:00 | ET WEB_SERVER auto_prepend_file PHP config option in uri | TCP | 80 |
| 2026-04-12 15:33:00 | ET WEB_SERVER allow_url_include PHP config option in uri | TCP | 80 |
| 2026-04-12 15:33:00 | ET WEB_SERVER Generic PHP Remote File Include | TCP | 80 |
| 2026-04-12 15:33:00 | ET HUNTING Suspicious PHP Code in HTTP POST (Inbound) | TCP | 80 |
| 2026-04-12 15:33:00 | ET WEB_SPECIFIC_APPS PHP-CGI OS Command Injection (soft hyphen) (CVE-2024-4577) | TCP | 80 |
| 2026-04-12 15:33:00 | SERVER-WEBAPP PHP PHP-CGI command execution attempt | TCP | 80 |
| 2026-04-12 15:33:00 | ET WEB_SERVER Possible SQL Injection (exec) in HTTP Request Body | TCP | 80 |
| 2026-04-12 14:31:35 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-12 14:31:35 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-12 01:18:18 | ET WEB_SERVER PHP.//Input in HTTP POST | TCP | 80 |
| 2026-04-12 01:18:18 | ET WEB_SERVER Possible SQL Injection (exec) in HTTP Request Body | TCP | 80 |
| 2026-04-12 01:18:18 | ET WEB_SPECIFIC_APPS PHP-CGI OS Command Injection (soft hyphen) (CVE-2024-4577) | TCP | 80 |
| 2026-04-12 01:18:18 | ET WEB_SPECIFIC_APPS PHP-CGI OS Command Injection (soft hyphen) (CVE-2024-4577) | TCP | 80 |
| 2026-04-12 01:18:18 | ET WEB_SERVER Possible SQL Injection (exec) in HTTP Request Body | TCP | 80 |
| 2026-04-12 01:18:18 | ET WEB_SERVER auto_prepend_file PHP config option in uri | TCP | 80 |
| 2026-04-12 01:18:18 | ET WEB_SERVER allow_url_include PHP config option in uri | TCP | 80 |
| 2026-04-12 01:18:18 | ET WEB_SERVER Generic PHP Remote File Include | TCP | 80 |
| 2026-04-12 01:18:18 | ET HUNTING Suspicious PHP Code in HTTP POST (Inbound) | TCP | 80 |
| 2026-04-12 01:18:18 | ET WEB_SERVER Generic PHP Remote File Include | TCP | 80 |
| 2026-04-12 01:18:18 | ET WEB_SERVER PHP.//Input in HTTP POST | TCP | 80 |
| 2026-04-12 01:18:18 | ET HUNTING Suspicious PHP Code in HTTP POST (Inbound) | TCP | 80 |
| 2026-04-12 01:18:18 | SERVER-WEBAPP PHP PHP-CGI command execution attempt | TCP | 80 |
| 2026-04-12 01:18:18 | ET WEB_SERVER auto_prepend_file PHP config option in uri | TCP | 80 |
| 2026-04-12 01:18:18 | ET WEB_SERVER PHP tags in HTTP POST | TCP | 80 |
| 2026-04-12 01:18:18 | ET WEB_SERVER PHP tags in HTTP POST | TCP | 80 |
| 2026-04-12 01:18:18 | SERVER-WEBAPP PHP PHP-CGI command execution attempt | TCP | 80 |
| 2026-04-12 01:18:18 | ET WEB_SERVER allow_url_include PHP config option in uri | TCP | 80 |
| 2026-04-12 00:17:03 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-12 00:17:03 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-11 22:02:51 | ET WEB_SERVER PHP.//Input in HTTP POST | TCP | 80 |
| 2026-04-11 22:02:51 | ET WEB_SERVER auto_prepend_file PHP config option in uri | TCP | 80 |
| 2026-04-11 22:02:51 | ET WEB_SPECIFIC_APPS PHP-CGI OS Command Injection (soft hyphen) (CVE-2024-4577) | TCP | 80 |
| 2026-04-11 22:02:51 | ET WEB_SERVER auto_prepend_file PHP config option in uri | TCP | 80 |
| 2026-04-11 22:02:51 | ET WEB_SERVER PHP tags in HTTP POST | TCP | 80 |
| 2026-04-11 22:02:51 | ET HUNTING Suspicious PHP Code in HTTP POST (Inbound) | TCP | 80 |
| 2026-04-11 22:02:51 | ET HUNTING Suspicious PHP Code in HTTP POST (Inbound) | TCP | 80 |
| 2026-04-11 22:02:51 | ET WEB_SERVER Possible SQL Injection (exec) in HTTP Request Body | TCP | 80 |
| 2026-04-11 22:02:51 | ET WEB_SERVER allow_url_include PHP config option in uri | TCP | 80 |
| 2026-04-11 22:02:51 | ET WEB_SERVER Possible SQL Injection (exec) in HTTP Request Body | TCP | 80 |
| 2026-04-11 22:02:51 | ET WEB_SPECIFIC_APPS PHP-CGI OS Command Injection (soft hyphen) (CVE-2024-4577) | TCP | 80 |
| 2026-04-11 22:02:51 | ET WEB_SERVER Generic PHP Remote File Include | TCP | 80 |
| 2026-04-11 22:02:51 | SERVER-WEBAPP PHP PHP-CGI command execution attempt | TCP | 80 |
| 2026-04-11 22:02:51 | ET WEB_SERVER PHP tags in HTTP POST | TCP | 80 |
| 2026-04-11 22:02:51 | ET WEB_SERVER PHP.//Input in HTTP POST | TCP | 80 |
| 2026-04-11 22:02:51 | ET WEB_SERVER Generic PHP Remote File Include | TCP | 80 |
| 2026-04-11 22:02:51 | SERVER-WEBAPP PHP PHP-CGI command execution attempt | TCP | 80 |
| 2026-04-11 22:02:51 | ET WEB_SERVER allow_url_include PHP config option in uri | TCP | 80 |
| 2026-04-11 21:01:36 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-11 21:01:36 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-11 12:43:13 | ET HUNTING Suspicious PHP Code in HTTP POST (Inbound) | TCP | 80 |
| 2026-04-11 12:43:13 | ET WEB_SERVER auto_prepend_file PHP config option in uri | TCP | 80 |
| 2026-04-11 12:43:13 | ET WEB_SERVER allow_url_include PHP config option in uri | TCP | 80 |
| 2026-04-11 12:43:13 | ET WEB_SERVER Possible SQL Injection (exec) in HTTP Request Body | TCP | 80 |
| 2026-04-11 12:43:13 | ET WEB_SERVER PHP tags in HTTP POST | TCP | 80 |
| 2026-04-11 12:43:13 | ET WEB_SPECIFIC_APPS PHP-CGI OS Command Injection (soft hyphen) (CVE-2024-4577) | TCP | 80 |
| 2026-04-11 12:43:13 | SERVER-WEBAPP PHP PHP-CGI command execution attempt | TCP | 80 |
| 2026-04-11 12:43:13 | ET WEB_SERVER PHP.//Input in HTTP POST | TCP | 80 |
| 2026-04-11 12:43:13 | ET WEB_SERVER Generic PHP Remote File Include | TCP | 80 |
| 2026-04-11 12:43:12 | ET WEB_SERVER PHP tags in HTTP POST | TCP | 80 |
| 2026-04-11 12:43:12 | ET WEB_SERVER Possible SQL Injection (exec) in HTTP Request Body | TCP | 80 |
| 2026-04-11 12:43:12 | ET WEB_SERVER PHP.//Input in HTTP POST | TCP | 80 |
| 2026-04-11 12:43:12 | ET HUNTING Suspicious PHP Code in HTTP POST (Inbound) | TCP | 80 |
| 2026-04-11 12:43:12 | ET WEB_SERVER auto_prepend_file PHP config option in uri | TCP | 80 |
| 2026-04-11 12:43:12 | ET WEB_SERVER Generic PHP Remote File Include | TCP | 80 |
| 2026-04-11 12:43:12 | ET WEB_SPECIFIC_APPS PHP-CGI OS Command Injection (soft hyphen) (CVE-2024-4577) | TCP | 80 |
| 2026-04-11 12:43:12 | SERVER-WEBAPP PHP PHP-CGI command execution attempt | TCP | 80 |
| 2026-04-11 12:43:12 | ET WEB_SERVER allow_url_include PHP config option in uri | TCP | 80 |
| 2026-04-11 11:41:59 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-11 11:41:59 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-11 08:12:35 | ET HUNTING Suspicious PHP Code in HTTP POST (Outbound) | TCP | 80 |
| 2026-04-11 08:12:34 | ET HUNTING Suspicious PHP Code in HTTP POST (Outbound) | TCP | 80 |
| 2026-04-11 08:12:34 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-10 19:26:53 | ET HUNTING Suspicious PHP Code in HTTP POST (Outbound) | TCP | 80 |
| 2026-04-10 19:26:53 | ET HUNTING Suspicious PHP Code in HTTP POST (Outbound) | TCP | 80 |
| 2026-04-10 19:26:53 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-10 16:19:25 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-10 16:19:25 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-10 16:11:37 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-10 16:11:37 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-10 05:51:32 | ET HUNTING Suspicious PHP Code in HTTP POST (Outbound) | TCP | 80 |
| 2026-04-10 05:51:32 | ET HUNTING Suspicious PHP Code in HTTP POST (Outbound) | TCP | 80 |
| 2026-04-10 05:51:31 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-09 20:35:20 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-09 20:35:20 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-09 16:51:28 | ET HUNTING Suspicious PHP Code in HTTP POST (Outbound) | TCP | 80 |
| 2026-04-09 16:51:27 | ET HUNTING Suspicious PHP Code in HTTP POST (Outbound) | TCP | 80 |
| 2026-04-09 16:51:27 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-09 00:58:39 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-09 00:58:39 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-08 08:11:31 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-08 08:11:30 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-07 21:10:28 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-07 21:10:26 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-07 21:06:12 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-07 21:06:12 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-07 15:33:55 | ET HUNTING Suspicious PHP Code in HTTP POST (Outbound) | TCP | 80 |
| 2026-04-07 15:33:54 | ET HUNTING Suspicious PHP Code in HTTP POST (Outbound) | TCP | 80 |
| 2026-04-07 15:33:53 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-06 23:35:38 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-06 23:35:38 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-06 15:50:17 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-06 15:50:15 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-06 10:32:04 | ET HUNTING Suspicious PHP Code in HTTP POST (Outbound) | TCP | 80 |
| 2026-04-06 10:32:03 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-05 15:20:52 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-05 15:20:51 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-05 14:12:49 | ET HUNTING Suspicious PHP Code in HTTP POST (Outbound) | TCP | 80 |
| 2026-04-05 14:12:49 | ET HUNTING Suspicious PHP Code in HTTP POST (Outbound) | TCP | 80 |
| 2026-04-05 14:12:48 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-04 14:27:21 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-04 14:27:20 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-04 13:33:37 | ET HUNTING Suspicious PHP Code in HTTP POST (Outbound) | TCP | 80 |
| 2026-04-04 13:33:36 | ET HUNTING Suspicious PHP Code in HTTP POST (Outbound) | TCP | 80 |
| 2026-04-04 13:33:35 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-04 03:01:49 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-04 03:01:49 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-03 18:46:24 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-03 18:46:22 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-03 08:34:30 | ET HUNTING Suspicious PHP Code in HTTP POST (Outbound) | TCP | 80 |
| 2026-04-03 08:34:30 | ET HUNTING Suspicious PHP Code in HTTP POST (Outbound) | TCP | 80 |
| 2026-04-03 08:34:29 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-03 08:23:43 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-03 08:23:43 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-02 10:45:03 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-02 10:45:03 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-01 22:57:51 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-01 22:57:51 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-01 22:55:51 | ET HUNTING Suspicious PHP Code in HTTP POST (Outbound) | TCP | 80 |
| 2026-04-01 22:55:50 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-01 17:35:45 | ET HUNTING Suspicious PHP Code in HTTP POST (Outbound) | TCP | 80 |
| 2026-04-01 17:35:44 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-01 16:30:03 | ET HUNTING Suspicious PHP Code in HTTP POST (Outbound) | TCP | 80 |
| 2026-04-01 16:30:02 | ET HUNTING Suspicious PHP Code in HTTP POST (Outbound) | TCP | 80 |
| 2026-04-01 16:30:01 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-01 13:54:34 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-01 13:54:33 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-01 13:00:51 | ET HUNTING Suspicious PHP Code in HTTP POST (Outbound) | TCP | 80 |
| 2026-04-01 13:00:50 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-03-31 21:21:05 | ET HUNTING Suspicious PHP Code in HTTP POST (Outbound) | TCP | 80 |
| 2026-03-31 21:21:04 | ET HUNTING Suspicious PHP Code in HTTP POST (Outbound) | TCP | 80 |
| 2026-03-31 21:21:03 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-03-31 06:55:40 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-03-31 06:55:39 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-03-30 11:17:48 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-03-30 11:17:47 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-03-30 02:20:33 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-03-30 02:20:33 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-03-29 03:57:11 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-03-29 03:57:10 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-03-28 14:54:48 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-03-28 14:54:47 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-03-28 14:51:54 | ET HUNTING Suspicious PHP Code in HTTP POST (Outbound) | TCP | 80 |
| 2026-03-28 14:51:54 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-03-28 08:31:26 | ET HUNTING Suspicious PHP Code in HTTP POST (Outbound) | TCP | 80 |
| 2026-03-28 08:31:25 | ET HUNTING Suspicious PHP Code in HTTP POST (Outbound) | TCP | 80 |
| 2026-03-28 08:31:25 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-03-27 21:03:36 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-03-27 21:03:36 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-03-27 03:39:38 | ET HUNTING Suspicious PHP Code in HTTP POST (Outbound) | TCP | 80 |
| 2026-03-27 03:39:37 | ET HUNTING Suspicious PHP Code in HTTP POST (Outbound) | TCP | 80 |
| 2026-03-27 03:39:36 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-03-25 23:31:14 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-03-25 23:31:13 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-03-25 22:06:59 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-03-25 22:06:59 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
Back to top