🦞 OpenClaw Exposure Watchboard
This page lists publicly reachable active OpenClaw instances for defensive awareness. If this is your deployment, enable authentication, remove direct public exposure, and patch immediately.
Exposed Instances: 234899 Page: 1189 / 2349 (100 per page) Showing: 118801-118900 Last Imported: 03/03/2026, 10:47:41
Build With Vivgrid
Explore Vivgrid Ship Secure Enterprise AI Agents 10× Faster with vivgrid.com
Vivgrid gives you authentication, model gateway, tool control, cost tracking, and enterprise observability — everything you need to ship AI agents safely at scale.
| Endpoint | Assistant Name | Country | auth_required | is_active | has_leaked_creds | asn | asn_name | org | first_seen | last_seen | asi_has_breach | asi_has_threat_actor | asi_threat_actors | asi_cves | asi_enriched_at | asi_domains |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 57.128.253.••• :18789 | - | 🇵🇱 Poland | Yes | true | Clean | AS16276 | OVH SAS | OVH Poland | 03/02/2026, 22:40:27 | 02/03/2026, 01:20:05 | - | - | - | - | 05/02/2026, 15:53:33 | - |
| 43.140.215.••• :18789 | Assistant | 🇨🇳 China mainland | Yes | true | Leaked | AS45090 | Shenzhen Tencent Computer Systems Company Limited | Tencent Cloud Computing | 03/02/2026, 22:40:38 | 02/03/2026, 01:20:05 | Yes | Yes | APT37, El-Machete | CVE-2017-8923, CVE-2017-9118, CVE-2017-9120, CVE-2021-21703, CVE-2021-21707, CVE-2021-21708, CVE-2022-31625, CVE-2022-31626, CVE-2022-31628, CVE-2022-31629, CVE-2022-31630, CVE-2022-37454 | 05/02/2026, 13:01:22 | tencent.com |
| 206.119.173.••• :18789 | Assistant | 🇺🇸 United States | Yes | true | Leaked | AS133199 | SonderCloud Limited | Solustack Limited | 17/02/2026, 04:06:03 | 02/03/2026, 01:20:05 | Yes | No | - | - | 17/02/2026, 20:26:22 | cogentco.com |
| 120.48.65.••• :18789 | Assistant | 🇺🇸 United States | Yes | true | Clean | AS38365 | Beijing Baidu Netcom Science and Technology Co., Ltd. | Baidu | 01/03/2026, 18:23:32 | 02/03/2026, 01:20:05 | - | - | - | - | - | - |
| 2a02:4780:28:afa2::1:18789 | - | 🇫🇷 France | - | true | Clean | AS47583 | Hostinger International Limited | Hostinger | 13/02/2026, 00:24:51 | 02/03/2026, 01:20:05 | - | - | - | - | - | - |
| 51.20.7.••• :18789 | - | 🇸🇪 Sweden | Yes | true | Clean | AS16509 | Amazon.com, Inc. | A100 Row | 22/02/2026, 13:53:13 | 02/03/2026, 01:20:05 | - | - | - | - | - | - |
| 43.163.241.••• :18789 | Assistant | 🇸🇬 Singapore | Yes | true | Leaked | AS132203 | Tencent Building, Kejizhongyi Avenue | Aceville Pte Ltd | 20/02/2026, 18:28:11 | 02/03/2026, 01:20:05 | Yes | Yes | APT15, APT17, APT28, APT29, APT31, APT34, APT35, APT36, APT37, APT39, APT41, APT45, Bitter APT, Bluenoroff, Callisto Group, CloudSorcerer, Cobalt Group, Daggerfly APT, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Mustang Panda, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Volt Typhoon | CVE-2016-10708, CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985 | 20/02/2026, 20:47:44 | tencent.com |
| 8.162.7.••• :18789 | Assistant | 🇸🇬 Singapore | Yes | true | Clean | AS37963 | Hangzhou Alibaba Advertising Co.,Ltd. | Alibaba Cloud | 11/02/2026, 09:28:03 | 02/03/2026, 01:20:05 | - | - | - | - | - | - |
| 142.132.177.••• :18789 | Assistant | 🇩🇪 Germany | Yes | true | Leaked | AS24940 | Hetzner Online GmbH | Hetzner Online | 17/02/2026, 18:38:40 | 02/03/2026, 01:20:05 | Yes | Yes | APT-C-23, APT15, APT28, APT29, APT31, APT34, APT35, APT36, APT37, APT39, APT41, Bitter APT, Bluenoroff, Callisto Group, Cobalt Group, Donot Team, Equation Group, Gamaredon Group, Gaza Cybergang, Ghostwriter, Hafnium Group, Inception Framework, Kimsuky, Lazarus Group, MuddyWater Group, Mustang Panda, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Turla APT Group, Volt Typhoon | CVE-2016-20012, CVE-2018-15473, CVE-2018-15919, CVE-2018-16843, CVE-2018-16844, CVE-2018-16845, CVE-2018-20685, CVE-2019-20372, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2019-9511, CVE-2019-9513, CVE-2019-9516, CVE-2020-14145, CVE-2020-15778, CVE-2021-23017, CVE-2021-3618, CVE-2021-36368, CVE-2021-41617, CVE-2022-41741, CVE-2022-41742, CVE-2023-38408, CVE-2023-44487, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-39894, CVE-2024-6387, CVE-2024-7347, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985 | 18/02/2026, 07:04:13 | hetzner.com |
| 43.167.242.••• :18789 | Pa (⚡) | 🇸🇬 Singapore | Yes | true | Leaked | AS132203 | Tencent Building, Kejizhongyi Avenue | Aceville Pte Ltd | 03/02/2026, 22:40:52 | 02/03/2026, 01:20:05 | Yes | Yes | APT15, APT17, APT31, APT36, APT37, APT45, Bitter APT, Bluenoroff, CloudSorcerer, Daggerfly APT, Donot Team, Gamaredon Group, Gaza Cybergang, Inception Framework, Kimsuky, MuddyWater Group, RomCom Group, Salt Typhoon, Sea Turtle Group, SideWinder APT, The Shadow Brokers | CVE-2016-20012, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-6387, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985 | 05/02/2026, 20:47:11 | tencent.com |
| 124.223.84.••• :18789 | Assistant | 🇨🇳 China mainland | Yes | true | Leaked | AS45090 | Shenzhen Tencent Computer Systems Company Limited | Tencent Cloud | 03/02/2026, 22:40:57 | 02/03/2026, 01:20:05 | Yes | No | - | CVE-2016-20012, CVE-2020-12062, CVE-2020-14145, CVE-2020-15778, CVE-2021-28041, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51385, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985 | 05/02/2026, 15:43:09 | tencent.com, chinaunicom.cn |
| 2607:5300:205:200::836a:18789 | - | 🇨🇦 Canada | - | true | Clean | AS16276 | OVH SAS | OVH Hosting | 05/02/2026, 07:57:36 | 02/03/2026, 01:20:05 | - | - | - | - | 05/02/2026, 21:21:47 | - |
| 1.15.13.••• :18789 | Assistant | 🇨🇳 China mainland | Yes | true | Clean | AS45090 | Shenzhen Tencent Computer Systems Company Limited | Tencent Cloud | 03/02/2026, 22:40:51 | 02/03/2026, 01:20:05 | - | - | - | - | 05/02/2026, 03:57:34 | - |
| 2a02:4780:4:3341::1:18789 | - | 🇺🇸 United States | - | true | Clean | AS47583 | Hostinger International Limited | Hostinger | 11/02/2026, 08:44:14 | 02/03/2026, 01:20:05 | - | - | - | - | - | - |
| 103.75.184.••• :18789 | Jarvis (🤖) | 🇻🇳 Vietnam | Yes | true | Leaked | AS135905 | VIETNAM POSTS AND TELECOMMUNICATIONS GROUP | Inetsoft Vietnam | 08/02/2026, 09:03:11 | 02/03/2026, 01:20:05 | Yes | Yes | APT-C-23, Gamaredon Group, Ghostwriter, Lazarus Group, Turla APT Group, Volt Typhoon | CVE-2021-3618, CVE-2022-41741, CVE-2022-41742, CVE-2023-44487, CVE-2024-7347, CVE-2025-23419 | 08/02/2026, 09:08:14 | inet.vn, datadock.ne.jp |
| 170.64.234.••• :443 | - | 🇦🇺 Australia | Yes | true | Clean | AS14061 | DigitalOcean, LLC | DigitalOcean | 05/02/2026, 13:00:03 | 02/03/2026, 01:20:05 | No | Yes | APT15, APT28, APT29, APT31, APT34, APT41, Bitter APT, Bluenoroff, Callisto Group, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, Volt Typhoon | CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985 | 05/02/2026, 21:40:01 | - |
| 146.103.125.••• :443 | - | 🇳🇱 Netherlands | Yes | true | Clean | AS216071 | SERVERS TECH FZCO | Amsterdam | 26/02/2026, 14:53:52 | 02/03/2026, 01:20:05 | - | - | - | - | - | - |
| 134.209.102.••• :443 | Assistant | 🇸🇬 Singapore | Yes | true | Clean | AS14061 | DigitalOcean, LLC | DigitalOcean | 04/02/2026, 17:51:51 | 02/03/2026, 01:20:04 | No | Yes | APT15, APT17, APT28, APT29, APT31, APT34, APT35, APT36, APT37, APT39, APT40, APT41, APT45, Bitter APT, Bluenoroff, Callisto Group, Carbanak, ChamelGang, CloudSorcerer, Cobalt Group, Daggerfly APT, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Mustang Panda, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Volt Typhoon | CVE-2016-10009, CVE-2016-10010, CVE-2016-10011, CVE-2016-10012, CVE-2016-10708, CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-16905, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985 | 05/02/2026, 16:34:33 | - |
| 98.126.102.••• :10079 | - | 🇺🇸 United States | Yes | true | Clean | AS4213 | Krypt Technologies | Krypt Technologies | 01/03/2026, 18:23:31 | 02/03/2026, 01:20:04 | - | - | - | - | - | - |
| 106.12.155.••• :18789 | Assistant | 🇨🇳 China mainland | Yes | true | Leaked | AS38365 | Beijing Baidu Netcom Science and Technology Co., Ltd. | Baidu | 09/02/2026, 02:16:33 | 02/03/2026, 01:20:04 | Yes | Yes | APT17, APT28, APT35, APT37, APT39, Cobalt Group, DragonFly, El-Machete, Gozi, Kimsuky, Mustang Panda, Packrat, Sandworm Team, The Shadow Brokers | CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2021-41617 | 10/02/2026, 11:14:39 | bj189.cn, baidu.com |
| 45.55.236.••• :443 | CrabMonster (🦀) | 🇺🇸 United States | Yes | true | Clean | AS14061 | DigitalOcean, LLC | DigitalOcean | 20/02/2026, 01:21:20 | 02/03/2026, 01:20:04 | - | - | - | - | - | - |
| 157.245.163.••• :18789 | - | 🇺🇸 United States | - | true | Clean | AS14061 | DigitalOcean, LLC | DigitalOcean | 01/03/2026, 18:23:31 | 02/03/2026, 01:20:04 | - | - | - | - | - | - |
| 43.138.135.••• :18789 | - | 🇨🇳 China mainland | Yes | true | Clean | AS45090 | Shenzhen Tencent Computer Systems Company Limited | Tencent Cloud Computing | 26/02/2026, 11:56:16 | 02/03/2026, 01:20:04 | - | - | - | - | - | - |
| 180.76.118.••• :18789 | 高考志愿填报专家 ((待定)) | 🇨🇳 China mainland | Yes | true | Leaked | AS38365 | Beijing Baidu Netcom Science and Technology Co., Ltd. | Baidu | 10/02/2026, 21:31:25 | 02/03/2026, 01:20:04 | Yes | Yes | APT17, APT37, DragonFly, El-Machete, Gozi, Packrat | - | 14/02/2026, 10:59:58 | tfn.net.tw, baidu.com |
| 47.77.232.••• :18789 | - | 🇨🇳 China mainland | Yes | true | Clean | AS45102 | Alibaba (US) Technology Co., Ltd. | Alibaba Cloud | 01/03/2026, 18:23:31 | 02/03/2026, 01:20:04 | - | - | - | - | - | - |
| 161.35.231.••• :443 | - | 🇺🇸 United States | Yes | true | Clean | AS14061 | DigitalOcean, LLC | DigitalOcean | 08/02/2026, 06:52:09 | 02/03/2026, 01:20:04 | No | Yes | APT28, APT35, APT37, APT39, Cobalt Group, Kimsuky, Mustang Panda, Sandworm Team, The Shadow Brokers | CVE-2016-20012, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2021-36368, CVE-2021-41617, CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-6387, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985 | 08/02/2026, 07:03:00 | - |
| 49.13.135.••• :18789 | - | 🇩🇪 Germany | Yes | true | Leaked | AS24940 | Hetzner Online GmbH | Hetzner Online | 19/02/2026, 17:10:30 | 02/03/2026, 01:20:04 | Yes | Yes | APT15, APT17, APT28, APT29, APT31, APT34, APT36, APT37, APT41, APT45, Bitter APT, Bluenoroff, Callisto Group, CloudSorcerer, Daggerfly APT, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Volt Typhoon | CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985 | 19/02/2026, 20:11:24 | hetzner.de, truecorp.co.th, hetzner.com |
| 1.12.254.••• :18789 | - | 🇨🇳 China mainland | - | true | Clean | AS45090 | Shenzhen Tencent Computer Systems Company Limited | Tencent Cloud | 01/03/2026, 18:23:31 | 02/03/2026, 01:20:04 | - | - | - | - | - | - |
| 106.12.61.••• :18789 | 小财神 (🪙) | 🇨🇳 China mainland | Yes | true | Clean | AS38365 | Beijing Baidu Netcom Science and Technology Co., Ltd. | Baidu | 15/02/2026, 17:41:18 | 02/03/2026, 01:20:04 | - | - | - | - | - | - |
| 175.178.235.••• :18789 | - | 🇨🇳 China mainland | Yes | true | Clean | AS45090 | Shenzhen Tencent Computer Systems Company Limited | Tencent Cloud | 26/02/2026, 11:12:01 | 02/03/2026, 01:20:04 | - | - | - | - | - | - |
| 108.61.103.••• :18789 | Assistant | 🇳🇱 Netherlands | Yes | true | Leaked | AS20473 | The Constant Company, LLC | Vultr Holdings | 08/02/2026, 12:41:39 | 02/03/2026, 01:20:04 | Yes | Yes | APT15, APT28, APT29, APT31, APT34, APT35, APT37, APT39, APT41, Bitter APT, Bluenoroff, Callisto Group, Cobalt Group, Donot Team, DragonFly, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Mustang Panda, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Volt Typhoon | CVE-2016-10708, CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-12062, CVE-2020-14145, CVE-2020-15778, CVE-2021-28041, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985 | 08/02/2026, 12:44:40 | vultr.com |
| 129.212.185.••• :443 | Vector (🦞) | 🇺🇸 United States | Yes | true | Clean | AS14061 | DigitalOcean, LLC | DigitalOcean | 10/02/2026, 03:09:46 | 02/03/2026, 01:20:04 | No | No | - | - | 05/02/2026, 11:45:32 | - |
| 43.134.186.••• :18789 | - | 🇸🇬 Singapore | Yes | true | Leaked | AS132203 | Tencent Building, Kejizhongyi Avenue | Aceville Pte Ltd | 17/02/2026, 10:47:13 | 02/03/2026, 01:20:04 | Yes | Yes | APT-C-23, APT15, APT17, APT28, APT29, APT31, APT34, APT35, APT36, APT37, APT39, APT41, APT45, Bitter APT, Bluenoroff, Callisto Group, CloudSorcerer, Cobalt Group, Daggerfly APT, Donot Team, El-Machete, Gamaredon Group, Gaza Cybergang, Ghostwriter, Hafnium Group, Inception Framework, Kimsuky, Lazarus Group, MuddyWater Group, Mustang Panda, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Turla APT Group, Volt Typhoon | CVE-2016-10708, CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2023-28531, CVE-2023-38408, CVE-2023-44487, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-6387 | 17/02/2026, 18:41:42 | tencent.com |
| 202.189.6.••• :18789 | Assistant | 🇨🇳 China mainland | Yes | true | Leaked | AS139180 | Shandong eshinton Network Technology Co., Ltd. | Shandong Eshinton Network Technology | 04/02/2026, 05:07:59 | 02/03/2026, 01:20:04 | Yes | No | - | CVE-2015-9251, CVE-2019-11358, CVE-2020-11022, CVE-2020-11023, CVE-2024-7347 | 05/02/2026, 18:48:45 | cnnic.cn |
| 47.116.10.••• :18789 | Assistant | 🇨🇳 China mainland | Yes | true | Clean | AS37963 | Hangzhou Alibaba Advertising Co.,Ltd. | Alisoft | 11/02/2026, 08:00:37 | 02/03/2026, 01:20:04 | No | Yes | APT-C-23, APT15, APT28, APT29, APT31, APT34, APT35, APT37, APT39, APT41, Bitter APT, Bluenoroff, Callisto Group, Cobalt Group, Donot Team, Gamaredon Group, Gaza Cybergang, Ghostwriter, Hafnium Group, Inception Framework, Kimsuky, Lazarus Group, MuddyWater Group, Mustang Panda, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Turla APT Group, Volt Typhoon | CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-16905, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2022-41741, CVE-2022-41742, CVE-2023-38408, CVE-2023-44487, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-7347, CVE-2025-23419, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985 | 12/02/2026, 09:02:39 | - |
| 45.33.28.••• :18789 | - | 🇺🇸 United States | Yes | true | Clean | AS63949 | Akamai Connected Cloud | Linode | 23/02/2026, 15:55:24 | 02/03/2026, 01:20:04 | - | - | - | - | - | - |
| 120.48.165.••• :18789 | Assistant | 🇺🇸 United States | Yes | true | Clean | AS38365 | Beijing Baidu Netcom Science and Technology Co., Ltd. | Baidu | 26/02/2026, 14:53:53 | 02/03/2026, 01:20:04 | - | - | - | - | - | - |
| 165.154.147.••• :18789 | - | 🇲🇾 Malaysia | Yes | true | Clean | AS135377 | UCLOUD INFORMATION TECHNOLOGY (HK) LIMITED | Ucloud Information Technology HK | 01/03/2026, 18:23:31 | 02/03/2026, 01:20:04 | - | - | - | - | - | - |
| 194.233.79.••• :18789 | - | 🇸🇬 Singapore | Yes | true | Clean | AS141995 | Contabo Asia Private Limited | Contabo Asia Private Limited | 01/03/2026, 18:23:31 | 02/03/2026, 01:20:04 | - | - | - | - | - | - |
| 45.55.121.••• :443 | Assistant | 🇺🇸 United States | Yes | true | Clean | AS14061 | DigitalOcean, LLC | DigitalOcean | 20/02/2026, 20:43:47 | 02/03/2026, 01:20:04 | No | Yes | APT28, APT35, APT37, APT39, Cobalt Group, Kimsuky, Mustang Panda, Sandworm Team, The Shadow Brokers | CVE-2016-10708, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2021-41617 | 26/02/2026, 10:30:14 | - |
| 82.156.78.••• :18789 | - | 🇨🇳 China mainland | Yes | true | Clean | AS45090 | Shenzhen Tencent Computer Systems Company Limited | Tencent Cloud Computing | 26/02/2026, 13:25:04 | 02/03/2026, 01:20:04 | - | - | - | - | - | - |
| 47.243.57.••• :18789 | 陈浩南 (📚) | 🇭🇰 Hong Kong | Yes | true | Clean | AS45102 | Alibaba (US) Technology Co., Ltd. | Alibaba Cloud HK | 12/02/2026, 12:37:13 | 02/03/2026, 01:20:04 | No | Yes | APT15, APT28, APT29, APT31, APT34, APT35, APT37, APT39, APT41, Bitter APT, Bluenoroff, Callisto Group, Cobalt Group, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Mustang Panda, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Volt Typhoon | CVE-2016-10708, CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-12062, CVE-2020-14145, CVE-2020-15778, CVE-2021-23017, CVE-2021-28041, CVE-2021-3618, CVE-2021-36368, CVE-2021-41617, CVE-2022-41741, CVE-2022-41742, CVE-2023-38408, CVE-2023-44487, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-7347 | 12/02/2026, 22:59:28 | - |
| 49.234.187.••• :18789 | - | 🇨🇳 China mainland | Yes | true | Clean | AS45090 | Shenzhen Tencent Computer Systems Company Limited | Tencent Cloud | 01/03/2026, 18:23:31 | 02/03/2026, 01:20:04 | - | - | - | - | - | - |
| 3.83.88.••• :443 | - | 🇺🇸 United States | Yes | true | Clean | AS14618 | Amazon.com, Inc. | Amazon Web Services | 27/02/2026, 04:56:08 | 02/03/2026, 01:20:04 | - | - | - | - | - | - |
| 78.191.113.••• :8443 | - | 🇹🇷 Türkiye | Yes | true | Clean | AS47331 | TTNet A.S. | TurkTelekom | 22/02/2026, 22:49:29 | 02/03/2026, 01:20:04 | - | - | - | - | - | - |
| 3.0.252.••• :18789 | - | 🇸🇬 Singapore | - | true | Clean | AS16509 | Amazon.com, Inc. | Amazon Web Services | 01/03/2026, 18:23:31 | 02/03/2026, 01:20:04 | - | - | - | - | - | - |
| 43.165.126.••• :18789 | Assistant | 🇺🇸 United States | Yes | true | Leaked | AS132203 | Tencent Building, Kejizhongyi Avenue | Aceville Pte Ltd | 05/02/2026, 17:19:24 | 02/03/2026, 01:20:04 | Yes | No | - | CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-6387, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985 | 05/02/2026, 22:08:24 | tencent.com |
| 14.103.98.••• :18789 | - | 🇨🇳 China mainland | Yes | true | Clean | AS137718 | Beijing Volcano Engine Technology Co., Ltd. / AS4811 China Telecom (Group) | Beijing Volcano Engine Technology | 01/03/2026, 18:23:31 | 02/03/2026, 01:20:04 | - | - | - | - | - | - |
| 106.12.10.••• :18789 | Assistant | 🇨🇳 China mainland | Yes | true | Leaked | AS38365 | Beijing Baidu Netcom Science and Technology Co., Ltd. | Baidu | 15/02/2026, 21:21:29 | 02/03/2026, 01:20:04 | Yes | Yes | APT17, APT37, DragonFly, El-Machete, Gozi, Packrat | CVE-2014-4078 | 16/02/2026, 17:18:54 | bj189.cn, baidu.com |
| 180.76.248.••• :18789 | Assistant | 🇨🇳 China mainland | Yes | true | Clean | AS38365 | Beijing Baidu Netcom Science and Technology Co., Ltd. | Baidu | 26/02/2026, 00:47:35 | 02/03/2026, 01:20:04 | - | - | - | - | - | - |
| 74.1.20.••• :18789 | Mel (https://images.unsplash.com/photo-1557296387-5358ad7997bb?fm=jpg&q=60&w=3000&ixlib=rb-4.1.0&ixid=M3wxMjA3fDB8MHxwaG90by1yZWxhdGVkfDE0fHx8ZW58MHx8fHx8) | 🇧🇷 Brazil | Yes | true | Leaked | AS213738 | HOSTEG HOSPEDAGEM E SERVIDORES LTDA | HostG | 03/02/2026, 22:40:19 | 02/03/2026, 01:20:04 | Yes | No | - | CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-6387, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985 | 05/02/2026, 17:52:58 | gtt.net, hiberniaatlantic.com |
| 157.230.245.••• :443 | Assistant | 🇸🇬 Singapore | Yes | true | Clean | AS14061 | DigitalOcean, LLC | DigitalOcean | 19/02/2026, 01:32:56 | 02/03/2026, 01:20:04 | No | Yes | Salt Typhoon | CVE-2016-20012, CVE-2020-14145, CVE-2020-15778, CVE-2021-23017, CVE-2021-28041, CVE-2021-3618, CVE-2021-36368, CVE-2021-41617, CVE-2022-41741, CVE-2022-41742, CVE-2023-28531, CVE-2023-38408, CVE-2023-44487, CVE-2023-46724, CVE-2023-46728, CVE-2023-46846, CVE-2023-46847, CVE-2023-46848, CVE-2023-48795, CVE-2023-49285, CVE-2023-49286, CVE-2023-49288, CVE-2023-50269, CVE-2023-51384, CVE-2023-51385, CVE-2023-5824, CVE-2024-23638, CVE-2024-25111, CVE-2024-25617, CVE-2024-33427, CVE-2024-37894, CVE-2024-45802, CVE-2024-6387, CVE-2024-7347, CVE-2025-26465, CVE-2025-32728, CVE-2025-54574, CVE-2025-59362, CVE-2025-61984, CVE-2025-61985, CVE-2025-62168 | 19/02/2026, 02:18:07 | - |
| 14.103.221.••• :18789 | 智小闻 (🚢) | 🇨🇳 China mainland | Yes | true | Clean | AS137718 | Beijing Volcano Engine Technology Co., Ltd. / AS4811 China Telecom (Group) | Beijing Volcano Engine Technology | 15/02/2026, 20:37:07 | 02/03/2026, 01:20:04 | - | - | - | - | - | - |
| 51.20.66.••• :18789 | - | 🇸🇪 Sweden | Yes | true | Clean | AS16509 | Amazon.com, Inc. | A100 Row | 01/03/2026, 18:23:31 | 02/03/2026, 01:20:04 | - | - | - | - | - | - |
| 46.101.90.••• :8080 | - | 🇬🇧 United Kingdom | Yes | true | Clean | AS14061 | DigitalOcean, LLC | DigitalOcean | 21/02/2026, 05:41:11 | 02/03/2026, 01:20:04 | Yes | Yes | APT15, APT28, APT29, APT31, APT34, APT35, APT37, APT39, APT41, Bitter APT, Bluenoroff, Callisto Group, Cobalt Group, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Mustang Panda, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Volt Typhoon | CVE-2016-20012, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985 | 21/02/2026, 19:59:48 | takin.it |
| 156.238.236.••• :18789 | - | 🇭🇰 Hong Kong | Yes | true | Clean | AS401696 | cognetcloud INC | CognetCloud | 01/03/2026, 18:23:31 | 02/03/2026, 01:20:04 | - | - | - | - | - | - |
| 118.145.114.••• :18789 | Clawra (🤖) | 🇨🇳 China mainland | Yes | true | Clean | AS137718 | Beijing Volcano Engine Technology Co., Ltd. | Beijing Volcano Engine Technology | 14/02/2026, 18:19:48 | 02/03/2026, 01:20:04 | - | - | - | - | - | - |
| 170.187.203.••• :18789 | - | 🇺🇸 United States | - | true | Clean | AS63949 | Akamai Connected Cloud | Linode | 01/03/2026, 18:23:31 | 02/03/2026, 01:20:04 | - | - | - | - | - | - |
| 101.44.97.••• :443 | - | 🇸🇬 Singapore | Yes | true | Clean | AS136907 | HUAWEI CLOUDS | Huawei Cloud Hong Kong | 01/03/2026, 18:23:31 | 02/03/2026, 01:20:04 | - | - | - | - | - | - |
| 122.51.4.••• :18789 | - | 🇨🇳 China mainland | - | true | Clean | AS45090 | Shenzhen Tencent Computer Systems Company Limited | Tencent Cloud | 01/03/2026, 18:23:31 | 02/03/2026, 01:20:04 | - | - | - | - | - | - |
| 120.48.41.••• :18789 | Assistant | 🇺🇸 United States | Yes | true | Clean | AS38365 | Beijing Baidu Netcom Science and Technology Co., Ltd. | Baidu | 01/03/2026, 18:23:31 | 02/03/2026, 01:20:04 | - | - | - | - | - | - |
| 54.179.244.••• :18789 | (To be decided) | 🇸🇬 Singapore | Yes | true | Clean | AS16509 | Amazon.com, Inc. | Amazon | 05/02/2026, 10:50:27 | 02/03/2026, 01:20:04 | Yes | No | - | CVE-2016-20012, CVE-2020-14145, CVE-2020-15778, CVE-2021-28041, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51385, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985 | 05/02/2026, 21:33:07 | detalytics.com |
| 139.199.226.••• :18789 | - | 🇨🇳 China mainland | Yes | true | Clean | AS45090 | Shenzhen Tencent Computer Systems Company Limited | Tencent Cloud | 26/02/2026, 08:58:47 | 02/03/2026, 01:20:04 | - | - | - | - | - | - |
| 120.48.94.••• :18789 | meien1号 (💎) | 🇺🇸 United States | Yes | true | Leaked | AS38365 | Beijing Baidu Netcom Science and Technology Co., Ltd. | Baidu | 11/02/2026, 13:50:54 | 02/03/2026, 01:20:04 | Yes | Yes | APT17, APT37, DragonFly, El-Machete, Gozi, Packrat | - | 12/02/2026, 14:10:46 | chinamobile.com, chinamobile.cn, baidu.com |
| 180.76.180.••• :18789 | Assistant | 🇨🇳 China mainland | Yes | true | Leaked | AS38365 | Beijing Baidu Netcom Science and Technology Co., Ltd. | Baidu | 15/02/2026, 03:48:19 | 02/03/2026, 01:20:04 | Yes | Yes | APT17, APT37, DragonFly, El-Machete, Gozi, Packrat | - | 15/02/2026, 19:12:29 | tfn.net.tw, baidu.com |
| 43.167.209.••• :443 | - | 🇸🇬 Singapore | Yes | true | Clean | AS132203 | Tencent Building, Kejizhongyi Avenue | Aceville Pte Ltd | 01/03/2026, 18:23:31 | 02/03/2026, 01:20:04 | - | - | - | - | - | - |
| 180.76.140.••• :18789 | Assistant | 🇨🇳 China mainland | Yes | true | Clean | AS38365 | Beijing Baidu Netcom Science and Technology Co., Ltd. | Baidu | 26/02/2026, 06:00:22 | 02/03/2026, 01:20:04 | - | - | - | - | - | - |
| 2a01:4f8:c012:1b1d::1:80 | - | 🇩🇪 Germany | - | true | Clean | AS24940 | Hetzner Online GmbH | Hetzner Online | 01/03/2026, 18:23:31 | 02/03/2026, 01:20:04 | - | - | - | - | - | - |
| 98.126.102.••• :10026 | - | 🇺🇸 United States | Yes | true | Clean | AS4213 | Krypt Technologies | Krypt Technologies | 26/02/2026, 12:40:47 | 02/03/2026, 01:20:04 | Yes | Yes | APT14, APT15, APT28, APT31, APT37, APT39, Bitter APT, Bluenoroff, Callisto Group, Donot Team, Gamaredon Group, Gaza Cybergang, Inception Framework, Kimsuky, MuddyWater Group, RomCom Group, Salt Typhoon, Sea Turtle Group, SideWinder APT, The Shadow Brokers, WIRTE | CVE-2000-1210, CVE-2001-0590, CVE-2002-0493, CVE-2005-4838, CVE-2006-20001, CVE-2006-7196, CVE-2007-1358, CVE-2007-2449, CVE-2008-0128, CVE-2009-2696, CVE-2013-2185, CVE-2013-4286, CVE-2013-4322, CVE-2013-4352, CVE-2013-4444, CVE-2013-4590, CVE-2013-5704, CVE-2013-6357, CVE-2013-6438, CVE-2014-0075, CVE-2014-0096, CVE-2014-0098, CVE-2014-0099, CVE-2014-0117, CVE-2014-0118, CVE-2014-0119, CVE-2014-0226, CVE-2014-0231, CVE-2014-3523, CVE-2014-3581, CVE-2014-8109, CVE-2015-0228, CVE-2015-3183, CVE-2015-3185, CVE-2016-0736, CVE-2016-20012, CVE-2016-2161, CVE-2016-4975, CVE-2016-5387, CVE-2016-8612, CVE-2016-8735, CVE-2016-8743, CVE-2017-15710, CVE-2017-15715, CVE-2017-15906, CVE-2017-3167, CVE-2017-7679, CVE-2017-9788, CVE-2017-9798, CVE-2018-1283, CVE-2018-1301, CVE-2018-1302, CVE-2018-1303, CVE-2018-1312, CVE-2018-15473, CVE-2018-15919, CVE-2018-17199, CVE-2018-20685, CVE-2019-0217, CVE-2019-0220, CVE-2019-10092, CVE-2019-10098, CVE-2019-17567, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-11985, CVE-2020-13938, CVE-2020-14145, CVE-2020-15778, CVE-2020-1927, CVE-2020-1934, CVE-2020-35452, CVE-2020-8022, CVE-2021-26690, CVE-2021-26691, CVE-2021-34798, CVE-2021-36368, CVE-2021-39275, CVE-2021-40438, CVE-2021-41617, CVE-2021-44790, CVE-2022-22719, CVE-2022-22720, CVE-2022-22721, CVE-2022-23943, CVE-2022-26377, CVE-2022-28330, CVE-2022-28614, CVE-2022-28615, CVE-2022-29404, CVE-2022-30556, CVE-2022-31813, CVE-2022-36760, CVE-2022-37436, CVE-2023-25690, CVE-2023-31122, CVE-2023-38408, CVE-2023-38709, CVE-2023-48795, CVE-2023-51385, CVE-2024-24795, CVE-2024-38472, CVE-2024-38473, CVE-2024-38474, CVE-2024-38475, CVE-2024-38476, CVE-2024-38477, CVE-2024-39573, CVE-2024-40898, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985 | 26/02/2026, 12:42:19 | vpls.net, vpls.com |
| 194.164.234.••• :18789 | Assistant | 🇩🇪 Germany | Yes | true | Leaked | AS57043 | HOSTKEY B.V. | Hostkey | 14/02/2026, 00:44:31 | 02/03/2026, 01:20:04 | Yes | Yes | APT15, APT28, APT31, Bitter APT, Bluenoroff, Callisto Group, Donot Team, Gamaredon Group, Gaza Cybergang, Inception Framework, Kimsuky, MuddyWater Group, RomCom Group, Salt Typhoon, Sea Turtle Group, SideWinder APT | CVE-2016-20012, CVE-2021-28041, CVE-2021-36368, CVE-2021-41617, CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985 | 14/02/2026, 14:43:18 | publicvm.com |
| 65.108.59.••• :18789 | - | 🇫🇮 Finland | Yes | true | Clean | AS24940 | Hetzner Online GmbH | Hetzner Online | 01/03/2026, 18:23:31 | 02/03/2026, 01:20:04 | - | - | - | - | - | - |
| 163.7.1.••• :18789 | 大龙虾 (Jarvis-CN) (🦞) | 🇸🇬 Singapore | Yes | true | Clean | AS150436 | Byteplus Pte. Ltd. | Byteplus | 19/02/2026, 18:40:33 | 02/03/2026, 01:20:04 | - | - | - | - | - | - |
| 89.144.8.••• :18789 | Assistant | 🇩🇪 Germany | Yes | true | Clean | AS214902 | Philip Fjaera trading as PFWeb Solutions | Ghostnet | 10/02/2026, 07:31:59 | 02/03/2026, 01:20:04 | No | No | - | CVE-2024-39894, CVE-2024-6387, CVE-2024-6484, CVE-2024-6485, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728 | 10/02/2026, 14:09:26 | - |
| 130.185.118.••• :3000 | - | 🇫🇷 France | No | true | Leaked | AS51167 | Contabo GmbH | Contabo | 14/02/2026, 16:07:54 | 02/03/2026, 01:20:04 | Yes | No | - | CVE-2016-20012, CVE-2020-12062, CVE-2020-14145, CVE-2020-15778, CVE-2021-28041, CVE-2021-36368, CVE-2021-41617, CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985 | 24/02/2026, 07:45:17 | contaboserver.net, contabo.de, contabo.net |
| 47.83.132.••• :18789 | - | 🇨🇳 China mainland | - | true | Clean | AS45102 | Alibaba (US) Technology Co., Ltd. | Alibaba Cloud | 01/03/2026, 18:23:31 | 02/03/2026, 01:20:04 | - | - | - | - | - | - |
| 40.160.63.••• :10089 | - | 🇺🇸 United States | Yes | true | Leaked | AS16276 | OVH SAS | Sd One Network | 23/02/2026, 11:27:05 | 02/03/2026, 01:20:04 | Yes | No | - | CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985 | 26/02/2026, 09:03:11 | ovh.net |
| 119.45.125.••• :18789 | - | 🇨🇳 China mainland | Yes | true | Leaked | AS45090 | Shenzhen Tencent Computer Systems Company Limited | Tencent Cloud | 20/02/2026, 05:51:35 | 02/03/2026, 01:20:04 | Yes | Yes | APT15, APT28, APT29, APT31, APT34, APT35, APT37, APT39, APT41, Bitter APT, Bluenoroff, Callisto Group, Cobalt Group, Donot Team, El-Machete, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Mustang Panda, Packrat, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Volt Typhoon | CVE-2016-10708, CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385 | 23/02/2026, 12:57:22 | tencent.com |
| 141.95.55.••• :18789 | - | 🇩🇪 Germany | Yes | true | Clean | AS16276 | OVH SAS | OVH Germany | 26/02/2026, 17:07:27 | 02/03/2026, 01:20:04 | - | - | - | - | - | - |
| 154.26.133.••• :443 | - | 🇸🇬 Singapore | Yes | true | Clean | AS141995 | Contabo Asia Private Limited | Contabo Asia | 26/02/2026, 10:27:42 | 02/03/2026, 01:20:04 | - | - | - | - | - | - |
| 51.255.203.••• :18789 | Assistant | 🇫🇷 France | Yes | true | Leaked | AS16276 | OVH SAS | OVH | 05/02/2026, 10:50:28 | 02/03/2026, 01:20:04 | Yes | Yes | APT14, APT15, APT28, APT29, APT31, APT34, APT35, APT37, APT39, APT40, APT41, Bitter APT, Bluenoroff, Callisto Group, Cobalt Group, Donot Team, Equation Group, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, IronHusky, Kimsuky, Lazarus Group, MuddyWater Group, Mustang Panda, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SharpPanda, SideWinder APT, TA505, The Shadow Brokers, UNC2452, Volt Typhoon, WIRTE | CVE-2006-20001, CVE-2016-20012, CVE-2017-15710, CVE-2017-15715, CVE-2018-11763, CVE-2018-1283, CVE-2018-1301, CVE-2018-1302, CVE-2018-1303, CVE-2018-1312, CVE-2018-1333, CVE-2018-15473, CVE-2018-15919, CVE-2018-17189, CVE-2018-17199, CVE-2018-20685, CVE-2019-0196, CVE-2019-0197, CVE-2019-0211, CVE-2019-0217, CVE-2019-0220, CVE-2019-10081, CVE-2019-10082, CVE-2019-10092, CVE-2019-10098, CVE-2019-16905, CVE-2019-17567, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2019-9517, CVE-2020-11993, CVE-2020-13938, CVE-2020-14145, CVE-2020-15778, CVE-2020-1927, CVE-2020-1934, CVE-2020-35452, CVE-2020-9490, CVE-2021-26690, CVE-2021-26691, CVE-2021-33193, CVE-2021-34798, CVE-2021-36368, CVE-2021-39275, CVE-2021-40438, CVE-2021-41617, CVE-2021-44224, CVE-2021-44790, CVE-2022-22719, CVE-2022-22720, CVE-2022-22721, CVE-2022-23943, CVE-2022-26377, CVE-2022-28330, CVE-2022-28614, CVE-2022-28615, CVE-2022-29404, CVE-2022-30522, CVE-2022-30556, CVE-2022-31813, CVE-2022-36760, CVE-2022-37436, CVE-2023-25690, CVE-2023-31122, CVE-2023-38408, CVE-2023-38709, CVE-2023-45802, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-24795, CVE-2024-27316, CVE-2024-38472, CVE-2024-38473, CVE-2024-38474, CVE-2024-38475, CVE-2024-38476, CVE-2024-38477, CVE-2024-39573, CVE-2024-40898, CVE-2025-26465, CVE-2025-32728 | 05/02/2026, 21:32:26 | ovh.net |
| 47.242.123.••• :18789 | Claw (🦞) | 🇭🇰 Hong Kong | Yes | true | Clean | AS45102 | Alibaba (US) Technology Co., Ltd. | Alibaba Cloud HK | 03/02/2026, 22:40:15 | 02/03/2026, 01:20:04 | No | Yes | APT15, APT28, APT29, APT31, APT34, APT35, APT37, APT39, APT41, Bitter APT, Bluenoroff, Callisto Group, Carbanak, Cobalt Group, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, Lazarus Group, Lyceum APT, MuddyWater Group, Mustang Panda, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, TA505, TEMP.Hermit, The Shadow Brokers, Volt Typhoon | CVE-2015-5352, CVE-2015-5600, CVE-2015-6563, CVE-2015-6564, CVE-2015-8325, CVE-2016-10009, CVE-2016-10010, CVE-2016-10011, CVE-2016-10012, CVE-2016-10708, CVE-2016-1908, CVE-2016-20012, CVE-2016-3115, CVE-2016-6210, CVE-2016-6515, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985 | 05/02/2026, 03:43:40 | - |
| 2a02:4780:10:cf8a::1:18789 | - | 🇺🇸 United States | - | true | Clean | AS47583 | Hostinger International Limited | Hostinger | 23/02/2026, 23:27:17 | 02/03/2026, 01:20:04 | - | - | - | - | - | - |
| 120.48.68.••• :18789 | Assistant | 🇺🇸 United States | Yes | true | Clean | AS38365 | Beijing Baidu Netcom Science and Technology Co., Ltd. | Baidu | 01/03/2026, 18:23:31 | 02/03/2026, 01:20:04 | - | - | - | - | - | - |
| 152.42.182.••• :443 | - | 🇸🇬 Singapore | Yes | true | Clean | AS14061 | DigitalOcean, LLC | DigitalOcean | 17/02/2026, 21:11:35 | 02/03/2026, 01:20:04 | No | Yes | APT15, APT17, APT28, APT31, APT36, APT37, APT45, Bitter APT, Bluenoroff, Callisto Group, CloudSorcerer, Daggerfly APT, Donot Team, Gamaredon Group, Gaza Cybergang, Inception Framework, Kimsuky, MuddyWater Group, RomCom Group, Salt Typhoon, Sea Turtle Group, SideWinder APT, The Shadow Brokers | CVE-2021-3618, CVE-2022-41741, CVE-2022-41742, CVE-2023-28531, CVE-2023-38408, CVE-2023-44487, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-6387, CVE-2024-7347, CVE-2025-23419, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985 | 17/02/2026, 21:12:12 | - |
| 165.245.177.••• :18789 | - | 🇸🇬 Singapore | Yes | true | Clean | AS14061 | DigitalOcean, LLC | DigitalOcean | 22/02/2026, 13:53:16 | 02/03/2026, 01:20:04 | - | - | - | - | - | - |
| 143.198.58.••• :443 | - | 🇺🇸 United States | Yes | true | Clean | AS14061 | DigitalOcean, LLC | DigitalOcean | 08/02/2026, 17:10:34 | 02/03/2026, 01:20:04 | No | Yes | APT-C-23, APT15, APT17, APT28, APT29, APT31, APT34, APT35, APT36, APT37, APT40, APT41, APT45, Bitter APT, Bluenoroff, Callisto Group, Carbanak, ChamelGang, CloudSorcerer, Cobalt Group, Daggerfly APT, Donot Team, Equation Group, Gamaredon Group, Gaza Cybergang, Ghostwriter, Hafnium Group, Inception Framework, Kimsuky, Lazarus Group, MuddyWater Group, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Turla APT Group, Volt Typhoon | CVE-2016-20012, CVE-2020-14145, CVE-2020-15778, CVE-2021-23017, CVE-2021-28041, CVE-2021-3618, CVE-2021-36368, CVE-2021-41617, CVE-2022-41741, CVE-2022-41742, CVE-2023-28531, CVE-2023-38408, CVE-2023-44487, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-39894, CVE-2024-6387, CVE-2024-7347, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985 | 11/02/2026, 16:06:22 | - |
| 120.48.96.••• :18789 | Assistant | 🇺🇸 United States | Yes | true | Clean | AS38365 | Beijing Baidu Netcom Science and Technology Co., Ltd. | Baidu | 11/02/2026, 09:28:02 | 02/03/2026, 01:20:04 | - | - | - | - | - | - |
| 163.7.9.••• :18789 | Assistant | 🇸🇬 Singapore | Yes | true | Clean | AS150436 | Byteplus Pte. Ltd. | Byteplus | 01/03/2026, 18:23:31 | 02/03/2026, 01:20:04 | - | - | - | - | - | - |
| 5.129.242.••• :18789 | Нуар (/avatar/main) | 🇷🇺 Russia | Yes | true | Leaked | AS9123 | JSC "TIMEWEB" | Taiwan Cloud | 03/02/2026, 22:40:48 | 02/03/2026, 01:20:04 | Yes | No | - | CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985 | 05/02/2026, 04:41:03 | novotelecom.ru |
| 38.38.248.••• :18789 | - | 🇺🇸 United States | Yes | true | Leaked | AS400619 | AROSSCLOUD INC. | Peg Tech Inc | 10/02/2026, 00:51:11 | 02/03/2026, 01:20:04 | Yes | Yes | Salt Typhoon | CVE-2016-20012, CVE-2020-14145, CVE-2020-15778, CVE-2021-28041, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51385 | 17/02/2026, 22:07:33 | cogentco.com |
| 120.48.111.••• :18789 | Assistant | 🇺🇸 United States | Yes | true | Leaked | AS38365 | Beijing Baidu Netcom Science and Technology Co., Ltd. | Baidu | 26/02/2026, 00:02:40 | 02/03/2026, 01:20:04 | Yes | Yes | APT17, APT37, DragonFly, El-Machete, Gozi, Packrat | - | 26/02/2026, 05:19:24 | chinamobile.com, chinamobile.cn, baidu.com |
| 2a02:4780:7:c9b3::1:18789 | - | 🇫🇷 France | - | true | Clean | AS47583 | Hostinger International Limited | Hostinger | 23/02/2026, 16:41:04 | 02/03/2026, 01:20:04 | - | - | - | - | - | - |
| 129.211.4.••• :18789 | - | 🇨🇳 China mainland | Yes | true | Clean | AS45090 | Shenzhen Tencent Computer Systems Company Limited | Tencent Cloud Computing | 01/03/2026, 18:23:31 | 02/03/2026, 01:20:04 | - | - | - | - | - | - |
| 118.196.68.••• :18789 | 小乐 (😊) | 🇨🇳 China mainland | Yes | true | Leaked | AS137718 | Beijing Volcano Engine Technology Co., Ltd. / AS4811 China Telecom (Group) | Beijing Volcano Engine Technology | 26/02/2026, 04:31:12 | 02/03/2026, 01:20:04 | Yes | No | - | - | 26/02/2026, 09:46:10 | bytedance.com |
| 43.130.1.••• :18789 | - | 🇸🇬 Singapore | Yes | true | Leaked | AS132203 | Tencent Building, Kejizhongyi Avenue | 6 Collyer Quay | 26/02/2026, 02:16:54 | 02/03/2026, 01:20:04 | Yes | Yes | APT15, APT31, APT37, APT39, Bitter APT, Bluenoroff, Donot Team, El-Machete, Gamaredon Group, Gaza Cybergang, Inception Framework, Kimsuky, MuddyWater Group, Salt Typhoon, SideWinder APT | CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51385, CVE-2025-26465, CVE-2025-32728 | 26/02/2026, 03:01:57 | tencent.com |
| 165.245.186.••• :443 | Assistant | 🇸🇬 Singapore | Yes | true | Clean | AS14061 | DigitalOcean, LLC | DigitalOcean | 19/02/2026, 08:59:34 | 02/03/2026, 01:20:04 | - | - | - | - | - | - |
| 120.48.98.••• :18789 | Assistant | 🇺🇸 United States | Yes | true | Leaked | AS38365 | Beijing Baidu Netcom Science and Technology Co., Ltd. | Baidu | 18/02/2026, 04:46:05 | 02/03/2026, 01:20:04 | Yes | Yes | APT17, APT37, DragonFly, El-Machete, Gozi, Packrat | - | 21/02/2026, 06:29:17 | chinamobile.com, chinamobile.cn, baidu.com |
| 180.76.136.••• :18789 | Assistant | 🇨🇳 China mainland | Yes | true | Leaked | AS38365 | Beijing Baidu Netcom Science and Technology Co., Ltd. | Baidu | 19/02/2026, 00:48:17 | 02/03/2026, 01:20:04 | Yes | Yes | APT17, APT28, APT35, APT37, APT39, Cobalt Group, DragonFly, El-Machete, Gozi, Kimsuky, Mustang Panda, Packrat, Sandworm Team, The Shadow Brokers | CVE-2016-10708, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2021-41617 | 19/02/2026, 17:59:22 | tfn.net.tw, baidu.com |
| 120.48.173.••• :18789 | Assistant | 🇺🇸 United States | Yes | true | Clean | AS38365 | Beijing Baidu Netcom Science and Technology Co., Ltd. | Baidu | 01/03/2026, 18:23:31 | 02/03/2026, 01:20:04 | - | - | - | - | - | - |
| 120.48.124.••• :18789 | - | 🇺🇸 United States | Yes | true | Leaked | AS38365 | Beijing Baidu Netcom Science and Technology Co., Ltd. | Baidu | 11/02/2026, 09:28:02 | 02/03/2026, 01:20:04 | Yes | Yes | APT17, APT37, DragonFly, El-Machete, Gozi, Packrat | - | 12/02/2026, 00:58:39 | chinamobile.com, chinamobile.cn, baidu.com |