Below is a list of the last 500 suspicious interactions with this IP.
Last observed Sun, 12 Apr 2026 17:24:48 (Australia/Brisbane)
| Description | Count |
|---|---|
| ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | 40 |
| ET WEB_SERVER allow_url_include PHP config option in uri | 1 |
| ET WEB_SERVER Generic PHP Remote File Include | 1 |
| ET WEB_SERVER PHP.//Input in HTTP POST | 1 |
| ET WEB_SERVER auto_prepend_file PHP config option in uri | 1 |
| ET WEB_SPECIFIC_APPS PHP-CGI OS Command Injection (soft hyphen) (CVE-2024-4577) | 1 |
| ET WEB_SERVER PHP tags in HTTP POST | 1 |
| ET HUNTING Suspicious PHP Code in HTTP POST (Inbound) | 1 |
| ET WEB_SERVER Possible SQL Injection (exec) in HTTP Request Body | 1 |
| Timestamp | Description | Protocol | Destination Port |
|---|---|---|---|
| 2026-04-12 17:24:48 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-12 16:51:58 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-12 15:27:29 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-12 15:27:29 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-12 14:42:12 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-11 22:50:27 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-11 20:02:11 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-11 20:02:11 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-11 10:41:13 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-11 10:41:12 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-11 08:05:23 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-11 08:05:22 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-11 06:06:01 | ET WEB_SERVER allow_url_include PHP config option in uri | TCP | 80 |
| 2026-04-11 06:06:01 | ET WEB_SERVER auto_prepend_file PHP config option in uri | TCP | 80 |
| 2026-04-11 06:06:01 | ET WEB_SPECIFIC_APPS PHP-CGI OS Command Injection (soft hyphen) (CVE-2024-4577) | TCP | 80 |
| 2026-04-11 06:06:01 | ET WEB_SERVER PHP.//Input in HTTP POST | TCP | 80 |
| 2026-04-11 06:06:01 | ET WEB_SERVER PHP tags in HTTP POST | TCP | 80 |
| 2026-04-11 06:06:01 | ET WEB_SERVER Generic PHP Remote File Include | TCP | 80 |
| 2026-04-11 06:06:01 | ET HUNTING Suspicious PHP Code in HTTP POST (Inbound) | TCP | 80 |
| 2026-04-11 06:06:01 | ET WEB_SERVER Possible SQL Injection (exec) in HTTP Request Body | TCP | 80 |
| 2026-04-11 05:04:35 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-11 01:56:55 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-11 01:56:55 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-10 06:59:46 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-10 02:16:30 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-10 02:16:29 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-09 16:05:44 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-09 16:05:43 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-09 13:37:50 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-09 13:37:50 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-09 09:51:38 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-09 09:51:38 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-09 06:39:21 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-09 06:39:21 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-09 04:25:24 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-09 04:25:24 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-09 02:20:44 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-09 02:20:44 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-09 00:03:20 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-09 00:03:20 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-08 21:53:24 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-08 21:53:24 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-08 16:22:18 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-08 16:22:18 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-08 13:26:34 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-08 11:44:25 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-08 11:44:23 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
| 2026-04-08 11:04:59 | ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 | TCP | 80 |
Back to top