ThreatFox IOC Database

You are viewing the ThreatFox database entry for ip:port 185.180.141.42:2375.

Database Entry

Add tag Delete this IOC  Report False Positive Export IOC (JSON)    Export IOC (CSV)
IOC ID:1822250
IOC: 185.180.141.42:2375
IOC Type :ip:port
Threat Type :payload_delivery
Malware: Mirai
Malware alias:Katana
Confidence Level : Confidence level is high (80%)
Is compromised? : False
ASN:AS21859 ZEN-ECN
Country:- CN
First seen:2026-06-04 07:31:54 UTC
Last seen:never
UUID:4801edc6-5fe7-11f1-a345-42010aa4000a
Reporter nullblue67
Reward 5 credits from ThreatFox
Tags:ai-infra-scan docker-api gitmc-org-mcp-scanner jsonrpc MCP reconnaissance
Reference: https://twitter.com/NullBlue67

Avatar
nullblue67
MCP (Model Context Protocol) scanner using gitmc-org-mcp-scanner v1.0.0 tool sending jsonrpc initialize requests to Docker API testing for exposed MCP servers. Novel reconnaissance vector targeting AI/LLM agent infrastructure. 2026-06-04 NullBlue67