Someone tried to exploit the Shellshock vulnerability in Bash on lodash.com, likely as part of a mass-exploit attempt.
In this case, the exploit attempted to download a modified version of @schierlm’s pseudo-terminal Perl script that would connect to 72.167.37.182
on port 23
. The download URL contains the targeted host name (?h=lodash.com
) which gives the attacker an indication of which hosts might have the /tmp/a.pl
backdoor in place.