New IP addresses involved in malicious activities found with OSINT search - 8th March 2025

in data
New IP addresses involved in malicious activities found with OSINT search -  8th March 2025:

  • 47.236.41[.]180
ISP: Alibaba Cloud LLC

Registration Country: Singapore

Open ports and services: 22 (SSH)

Host fingerprint: ef5c69a4763fae03035a5261daed3edd92e8532daf85d0cf47a0c8881b68dd07

Threat intelligence detail: SSH Brute Force, Port Scan.








  • 47.96.17[.]237
ISP: Hangzhou Alibaba Advertising Co.,Ltd. 

Registration Country: China

Open ports and services: 443 (HTTPS), 5000, 5002, 5004, 5005, 5007, 5008, 6900, 6901

JARM certificate: 2ad2ad00000000000041d41d00000009f1eb1749b1a3453b336be3e9d73739

Threat intelligence detail: South Korean VPN provider compromised, supply chain. SlowStepper backdoor.