Apache 2.4.49 has a known remote code execution vulnerability. Someone can use the following Google Dork to find Apache 2.4.49 servers that are publicly accessible.

intitle:"Index of" "Apache/2.4.49 (Ubuntu) Server"

By typing a company or domain name after the dork in the same query, it will filter results.