NOTE: malware is now using this as their User-agent. I haven't run a scan now for over two days. I'm running a scan right now of the Internet to test for the recent bash vulnerability, to see how widespread this is. My scan works by stuffing a bunch of "ping home" commands in various CGI variables. It's coming from IP address 209.126.230.72. The configuration file for masscan looks something like:
![Bash 'shellshock' scan of the Internet](https://cdn-ak-scissors.b.st-hatena.com/image/square/e1ba674fb2228dac61c48bd377e6e9e3ee7883c5/height=288;version=1;width=512/https%3A%2F%2Fblogger.googleusercontent.com%2Fimg%2Fb%2FR29vZ2xl%2FAVvXsEi9s4MceSb_UXJERcbwwRguOltsVuZ7m45VXFpDW56iIIlrG8XON2UhOMWuXFstayzhylA8s3TwrDTzFF75SdBPeoAvQixzdNhgsDSNtEBIlmtgyqS5RzRBR92Qkzi5CdbKlPU6%2Fw1200-h630-p-k-no-nu%2FScreenshot%2B2014-09-24%2B18.31.52.png)