🦞 OpenClaw Exposure Watchboard

This page lists publicly reachable active OpenClaw instances for defensive awareness. If this is your deployment, enable authentication, remove direct public exposure, and patch immediately.

Exposed Instances: 234899 Page: 18 / 2349 (100 per page) Showing: 1701-1800 Last Imported: 03/03/2026, 10:47:41

Endpoint	Assistant Name	Country	auth_required	is_active	has_leaked_creds	asn	asn_name	org	first_seen	last_seen	asi_has_breach	asi_has_threat_actor	asi_threat_actors	asi_cves	asi_enriched_at	asi_domains
47.251.181.••• :18789	Assistant	🇺🇸 United States	Yes	true	Clean	AS45102	Alibaba (US) Technology Co., Ltd.	Alibaba Cloud US	03/02/2026, 23:27:09	03/03/2026, 10:21:40	No	No	-	CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-16905, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51385, CVE-2025-26465, CVE-2025-32728	05/02/2026, 04:05:34	-
152.42.218.••• :443	Veronica (🔪)	🇸🇬 Singapore	Yes	true	Clean	AS14061	DigitalOcean, LLC	DigitalOcean	03/02/2026, 23:26:51	03/03/2026, 10:21:40	No	Yes	APT15, APT28, APT29, APT31, APT34, APT35, APT36, APT37, APT39, APT41, Bitter APT, Bluenoroff, Callisto Group, Cobalt Group, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Mustang Panda, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Volt Typhoon	CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-23017, CVE-2021-28041, CVE-2021-3618, CVE-2021-36368, CVE-2021-41617, CVE-2022-41741, CVE-2022-41742, CVE-2023-38408, CVE-2023-44487, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-7347	05/02/2026, 06:49:13	-
14.103.91.••• :18789	-	🇨🇳 China mainland	Yes	true	Leaked	AS137718	Beijing Volcano Engine Technology Co., Ltd. / AS4811 China Telecom (Group)	Beijing Volcano Engine Technology	21/02/2026, 17:02:41	03/03/2026, 10:21:40	Yes	-	-	CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51385, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	21/02/2026, 17:07:42	bytedance.com
39.108.79.••• :18789	Assistant	🇨🇳 China mainland	Yes	true	Leaked	AS37963	Hangzhou Alibaba Advertising Co.,Ltd.	Alisoft	13/02/2026, 02:42:59	03/03/2026, 10:21:40	Yes	Yes	APT28, APT35, APT37, APT39, Cobalt Group, Kimsuky, Mustang Panda, Packrat, Sandworm Team, The Shadow Brokers	CVE-2015-5352, CVE-2015-5600, CVE-2015-6563, CVE-2015-6564, CVE-2016-10708, CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-23017, CVE-2021-3618, CVE-2021-36368, CVE-2021-41617, CVE-2022-41741, CVE-2022-41742, CVE-2023-28531, CVE-2023-38408, CVE-2023-44487, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-6387, CVE-2024-7347, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	13/02/2026, 02:45:00	aliyun.com, ptcl.net.pk
138.197.198.••• :443	moltdub (🫠)	🇺🇸 United States	Yes	true	Clean	AS14061	DigitalOcean, LLC	DigitalOcean	03/02/2026, 23:26:58	03/03/2026, 10:21:40	No	Yes	APT14, APT15, APT28, APT29, APT31, APT34, APT35, APT37, APT39, APT40, APT41, Bitter APT, Bluenoroff, Callisto Group, Cobalt Group, Donot Team, Equation Group, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, IronHusky, Kimsuky, Lazarus Group, MuddyWater Group, Mustang Panda, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SharpPanda, SideWinder APT, TA505, The Shadow Brokers, UNC2452, Volt Typhoon, WIRTE	CVE-2006-20001, CVE-2016-20012, CVE-2017-15710, CVE-2017-15715, CVE-2018-11763, CVE-2018-1283, CVE-2018-1301, CVE-2018-1302, CVE-2018-1303, CVE-2018-1312, CVE-2018-1333, CVE-2018-15473, CVE-2018-15919, CVE-2018-17189, CVE-2018-17199, CVE-2018-20685, CVE-2019-0196, CVE-2019-0197, CVE-2019-0211, CVE-2019-0217, CVE-2019-0220, CVE-2019-10081, CVE-2019-10082, CVE-2019-10092, CVE-2019-10098, CVE-2019-17567, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2019-9517, CVE-2020-11993, CVE-2020-14145, CVE-2020-1927, CVE-2020-1934, CVE-2020-35452, CVE-2020-9490, CVE-2021-26690, CVE-2021-26691, CVE-2021-33193, CVE-2021-34798, CVE-2021-36368, CVE-2021-39275, CVE-2021-40438, CVE-2021-41617, CVE-2021-44224, CVE-2021-44790, CVE-2022-22719, CVE-2022-22720, CVE-2022-22721, CVE-2022-23943, CVE-2022-26377, CVE-2022-28330, CVE-2022-28614, CVE-2022-28615, CVE-2022-29404, CVE-2022-30522, CVE-2022-30556, CVE-2022-31813, CVE-2022-36760, CVE-2022-37436, CVE-2023-25690, CVE-2023-27522, CVE-2023-28531, CVE-2023-31122, CVE-2023-38408, CVE-2023-38709, CVE-2023-45802, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-24795, CVE-2024-27316, CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	05/02/2026, 04:53:48	-
106.14.59.••• :18789	Assistant	🇨🇳 China mainland	Yes	true	Leaked	AS37963	Hangzhou Alibaba Advertising Co.,Ltd.	Alisoft	06/02/2026, 07:16:54	03/03/2026, 10:21:40	Yes	Yes	APT-C-23, APT15, APT17, APT28, APT29, APT31, APT34, APT35, APT36, APT37, APT39, APT40, APT41, APT45, Bitter APT, Bluenoroff, Callisto Group, Carbanak, ChamelGang, CloudSorcerer, Cobalt Group, Daggerfly APT, Donot Team, Equation Group, Gamaredon Group, Gaza Cybergang, Ghostwriter, Hafnium Group, Inception Framework, Kimsuky, Lazarus Group, MuddyWater Group, Mustang Panda, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Turla APT Group, Volt Typhoon	CVE-2000-1210, CVE-2001-0590, CVE-2002-0493, CVE-2005-4838, CVE-2006-7196, CVE-2007-1358, CVE-2007-2449, CVE-2008-0128, CVE-2009-2696, CVE-2013-2185, CVE-2013-4286, CVE-2013-4322, CVE-2013-4444, CVE-2013-4590, CVE-2013-6357, CVE-2014-0033, CVE-2014-0075, CVE-2014-0096, CVE-2014-0099, CVE-2014-0119, CVE-2014-0227, CVE-2014-0230, CVE-2014-7810, CVE-2015-5174, CVE-2015-5345, CVE-2015-8325, CVE-2016-0706, CVE-2016-0714, CVE-2016-0762, CVE-2016-10009, CVE-2016-10010, CVE-2016-10011, CVE-2016-10012, CVE-2016-10708, CVE-2016-20012, CVE-2016-3115, CVE-2016-5018, CVE-2016-5388, CVE-2016-6210, CVE-2016-6515, CVE-2016-6794, CVE-2016-6796, CVE-2016-6797, CVE-2016-6816, CVE-2016-8735, CVE-2016-8858, CVE-2017-15906, CVE-2017-5647, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2020-8022, CVE-2021-23017, CVE-2021-3618, CVE-2021-36368, CVE-2021-41617, CVE-2022-41741, CVE-2022-41742, CVE-2023-28531, CVE-2023-38408, CVE-2023-44487, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-6387	06/02/2026, 07:20:49	bj189.cn, aliyun.com
49.233.171.••• :18789	Assistant	🇨🇳 China mainland	Yes	true	Leaked	AS45090	Shenzhen Tencent Computer Systems Company Limited	Tencent Cloud	03/02/2026, 23:26:43	03/03/2026, 10:21:40	Yes	Yes	APT15, APT28, APT29, APT31, APT34, APT35, APT37, APT39, APT41, Bitter APT, Bluenoroff, Callisto Group, Cobalt Group, Donot Team, El-Machete, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Mustang Panda, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Volt Typhoon	CVE-2016-10708, CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51385	05/02/2026, 07:33:50	truecorp.co.th, tencent.com
143.198.78.••• :443	Assistant	🇺🇸 United States	Yes	true	Clean	AS14061	DigitalOcean, LLC	DigitalOcean	03/02/2026, 23:26:20	03/03/2026, 10:21:40	Yes	Yes	APT15, APT17, APT28, APT29, APT31, APT34, APT35, APT36, APT37, APT40, APT41, APT45, Bitter APT, Bluenoroff, Callisto Group, Carbanak, ChamelGang, CloudSorcerer, Daggerfly APT, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Volt Typhoon	CVE-2016-20012, CVE-2020-12062, CVE-2020-14145, CVE-2020-15778, CVE-2021-28041, CVE-2021-36368, CVE-2021-41617, CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	04/02/2026, 18:53:28	-
47.80.18.••• :18789	听听 (🔧)	🇨🇳 China mainland	Yes	true	Clean	AS45102	Alibaba (US) Technology Co., Ltd.	Alibaba Cloud	03/02/2026, 23:26:56	03/03/2026, 10:21:40	-	-	-	-	05/02/2026, 04:58:31	-
104.131.167.••• :443	Assistant	🇺🇸 United States	Yes	true	Clean	AS14061	DigitalOcean, LLC	DigitalOcean	03/02/2026, 23:26:20	03/03/2026, 10:21:40	No	Yes	APT15, APT17, APT28, APT29, APT31, APT34, APT35, APT36, APT37, APT39, APT40, APT41, APT45, Bitter APT, Bluenoroff, Callisto Group, Carbanak, ChamelGang, CloudSorcerer, Cobalt Group, Daggerfly APT, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Mustang Panda, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Volt Typhoon	CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2021-41617, CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2023-51767, CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728	05/02/2026, 08:24:16	-
150.158.146.••• :777	Assistant	🇨🇳 China mainland	Yes	true	Leaked	AS45090	Shenzhen Tencent Computer Systems Company Limited	Tencent Cloud Computing	03/02/2026, 23:27:19	03/03/2026, 10:21:40	Yes	Yes	APT14, APT15, APT28, APT29, APT31, APT34, APT35, APT37, APT39, APT40, APT41, Bitter APT, Bluenoroff, Callisto Group, Cobalt Group, Donot Team, El-Machete, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, IronHusky, Kimsuky, Lazarus Group, MuddyWater Group, Mustang Panda, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SharpPanda, SideWinder APT, TA505, The Shadow Brokers, Volt Typhoon, WIRTE	CVE-2006-20001, CVE-2013-1896, CVE-2013-4352, CVE-2013-5704, CVE-2013-6438, CVE-2014-0098, CVE-2014-0117, CVE-2014-0118, CVE-2014-0226, CVE-2014-0231, CVE-2014-3581, CVE-2014-8109, CVE-2015-0228, CVE-2015-3183, CVE-2015-3185, CVE-2016-0736, CVE-2016-10708, CVE-2016-20012, CVE-2016-2161, CVE-2016-4975, CVE-2016-5387, CVE-2016-8612, CVE-2016-8743, CVE-2017-15710, CVE-2017-15715, CVE-2017-15906, CVE-2017-3167, CVE-2017-7679, CVE-2017-9788, CVE-2017-9798, CVE-2018-1283, CVE-2018-1301, CVE-2018-1302, CVE-2018-1303, CVE-2018-1312, CVE-2018-15473, CVE-2018-15919, CVE-2018-17199, CVE-2018-20685, CVE-2019-0217, CVE-2019-0220, CVE-2019-10092, CVE-2019-10098, CVE-2019-17567, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-11985, CVE-2020-14145, CVE-2020-15778, CVE-2020-1927, CVE-2020-1934, CVE-2020-35452, CVE-2021-26690, CVE-2021-26691, CVE-2021-34798, CVE-2021-36368, CVE-2021-39275, CVE-2021-40438, CVE-2021-41617, CVE-2021-44790, CVE-2022-22719, CVE-2022-22720, CVE-2022-22721, CVE-2022-23943, CVE-2022-26377, CVE-2022-28614, CVE-2022-28615, CVE-2022-29404, CVE-2022-30556, CVE-2022-31813, CVE-2022-36760, CVE-2022-37436, CVE-2022-4900, CVE-2023-25690, CVE-2023-27522, CVE-2023-28625, CVE-2023-31122, CVE-2023-38408, CVE-2023-38709, CVE-2023-45802, CVE-2023-46118, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-24795, CVE-2024-27316, CVE-2024-38472, CVE-2024-38473, CVE-2024-38474, CVE-2024-38475, CVE-2024-38476, CVE-2024-38477, CVE-2024-39573, CVE-2024-40898, CVE-2024-42516, CVE-2024-43204, CVE-2024-43394, CVE-2024-47252, CVE-2024-5458, CVE-2025-23048, CVE-2025-49630, CVE-2025-49812, CVE-2025-53020	05/02/2026, 08:34:47	tencent.com
45.55.53.••• :443	Edge (📐)	🇺🇸 United States	Yes	true	Clean	AS14061	DigitalOcean, LLC	DigitalOcean	03/02/2026, 23:26:21	03/03/2026, 10:21:40	No	Yes	APT28, APT35, APT37, APT39, Cobalt Group, Kimsuky, Mustang Panda, Sandworm Team, The Shadow Brokers	CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2021-41617	04/02/2026, 06:36:59	-
104.248.64.••• :443	Bot (🤖)	🇺🇸 United States	Yes	true	Clean	AS14061	DigitalOcean, LLC	DigitalOcean	03/02/2026, 23:26:19	03/03/2026, 10:21:40	No	No	-	CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-6387, CVE-2025-26465, CVE-2025-32728	04/02/2026, 18:44:53	-
107.20.56.••• :443	Ops (—)	🇺🇸 United States	Yes	true	Clean	AS14618	Amazon.com, Inc.	Amazon	03/02/2026, 23:27:08	03/03/2026, 10:21:40	No	No	-	-	05/02/2026, 04:08:18	-
34.238.193.••• :18789	Vex (⚡)	🇺🇸 United States	Yes	true	Clean	AS14618	Amazon.com, Inc.	Amazon	19/02/2026, 02:23:00	03/03/2026, 10:21:40	No	No	-	-	13/02/2026, 02:28:12	-
43.162.105.••• :18789	周小森 (🌲)	🇸🇬 Singapore	Yes	true	Leaked	AS132203	Tencent Building, Kejizhongyi Avenue	Aceville Pte Ltd	03/02/2026, 23:26:52	03/03/2026, 10:21:40	Yes	No	-	CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	05/02/2026, 05:10:12	tencent.com
43.160.244.••• :18789	cliff-openclaw (🦾)	🇸🇬 Singapore	Yes	true	Leaked	AS132203	Tencent Building, Kejizhongyi Avenue	Aceville Pte Ltd	10/02/2026, 11:58:43	03/03/2026, 10:21:40	Yes	No	-	CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	10/02/2026, 12:01:07	tencent.com
146.190.167.••• :443	Assistant	🇺🇸 United States	Yes	true	Clean	AS14061	DigitalOcean, LLC	DigitalOcean	03/02/2026, 23:26:27	03/03/2026, 10:21:40	No	Yes	APT15, APT31, Bitter APT, Bluenoroff, Donot Team, Gamaredon Group, Gaza Cybergang, Inception Framework, Kimsuky, MuddyWater Group, Salt Typhoon, SideWinder APT	CVE-2016-20012, CVE-2020-14145, CVE-2020-15778, CVE-2021-28041, CVE-2021-36368, CVE-2021-41617, CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-6387, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	05/02/2026, 08:10:21	-
47.88.56.••• :18789	Assistant	🇺🇸 United States	Yes	true	Clean	AS45102	Alibaba (US) Technology Co., Ltd.	Alibaba Cloud US	03/02/2026, 23:27:04	03/03/2026, 10:21:40	No	Yes	APT-C-23, APT15, APT28, APT29, APT31, APT34, APT41, Bitter APT, Bluenoroff, Callisto Group, Donot Team, Gamaredon Group, Gaza Cybergang, Ghostwriter, Hafnium Group, Inception Framework, Kimsuky, Lazarus Group, MuddyWater Group, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, Turla APT Group, Volt Typhoon	CVE-2016-20012, CVE-2019-16905, CVE-2020-14145, CVE-2020-15778, CVE-2021-3618, CVE-2021-36368, CVE-2021-41617, CVE-2022-41741, CVE-2022-41742, CVE-2023-28531, CVE-2023-38408, CVE-2023-44487, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-6387, CVE-2024-7347, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	05/02/2026, 04:21:07	-
8.219.154.••• :18789	Assistant	🇸🇬 Singapore	Yes	true	Clean	AS45102	Alibaba (US) Technology Co., Ltd.	Alibaba Cloud Singapore	03/02/2026, 23:26:52	03/03/2026, 10:21:40	No	Yes	APT15, APT28, APT29, APT31, APT34, APT35, APT37, APT39, APT41, Bitter APT, Bluenoroff, Callisto Group, Cobalt Group, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Mustang Panda, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Volt Typhoon	CVE-2016-10708, CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385	05/02/2026, 05:10:18	-
152.42.214.••• :443	Apollo (☀️)	🇸🇬 Singapore	Yes	true	Clean	AS14061	DigitalOcean, LLC	DigitalOcean	03/02/2026, 23:26:20	03/03/2026, 10:21:40	No	Yes	APT15, APT17, APT28, APT29, APT31, APT34, APT35, APT36, APT37, APT39, APT41, APT45, Bitter APT, Bluenoroff, Callisto Group, CloudSorcerer, Cobalt Group, Daggerfly APT, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Mustang Panda, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Volt Typhoon	CVE-2016-10009, CVE-2016-10010, CVE-2016-10011, CVE-2016-10012, CVE-2016-10708, CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2023-28531, CVE-2023-38408, CVE-2023-44487, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-39894, CVE-2024-6387, CVE-2024-7347, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	04/02/2026, 18:47:50	-
154.221.29.••• :443	-	🇭🇰 Hong Kong	Yes	true	Clean	AS142403	YISU CLOUD LTD	Yisu Cloud Ltd	25/02/2026, 04:10:20	03/03/2026, 10:21:39	No	Yes	APT28, APT35, APT37, APT39, Cobalt Group, Kimsuky, Mustang Panda, Packrat, Sandworm Team, The Shadow Brokers	CVE-2016-10708, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2021-41617, CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-6387, CVE-2025-23419, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	25/02/2026, 04:16:06	-
139.196.193.••• :18789	Assistant	🇨🇳 China mainland	Yes	true	Clean	AS37963	Hangzhou Alibaba Advertising Co.,Ltd.	Alisoft	03/02/2026, 23:27:02	03/03/2026, 10:21:39	No	Yes	APT15, APT28, APT29, APT31, APT34, APT35, APT36, APT37, APT39, APT41, Bitter APT, Bluenoroff, Callisto Group, Cobalt Group, Donot Team, Equation Group, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, Lazarus Group, MuddyWater Group, Mustang Panda, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, Silence Hacker Group, The Shadow Brokers, Volt Typhoon, WildCard APT	CVE-2016-20012, CVE-2017-15906, CVE-2018-11784, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2018-8014, CVE-2018-8034, CVE-2018-8037, CVE-2019-0199, CVE-2019-0221, CVE-2019-10072, CVE-2019-12418, CVE-2019-16905, CVE-2019-17563, CVE-2019-2684, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-11996, CVE-2020-13934, CVE-2020-13935, CVE-2020-13943, CVE-2020-14145, CVE-2020-15778, CVE-2020-17527, CVE-2020-1935, CVE-2020-1938, CVE-2020-9484, CVE-2021-24122, CVE-2021-25122, CVE-2021-25329, CVE-2021-30640, CVE-2021-33037, CVE-2021-36368, CVE-2021-41079, CVE-2021-41617, CVE-2021-43980, CVE-2022-25762, CVE-2022-42252, CVE-2023-28708, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385	05/02/2026, 04:26:36	-
47.252.102.••• :18789	Assistant	🇨🇳 China mainland	Yes	true	Clean	AS45102	Alibaba (US) Technology Co., Ltd.	Alibaba Cloud US	03/02/2026, 23:27:04	03/03/2026, 10:21:39	No	Yes	APT-C-23, APT15, APT17, APT28, APT29, APT31, APT34, APT35, APT36, APT37, APT40, APT41, APT45, Bitter APT, Bluenoroff, Callisto Group, Carbanak, ChamelGang, CloudSorcerer, Cobalt Group, Daggerfly APT, Donot Team, Equation Group, Gamaredon Group, Gaza Cybergang, Ghostwriter, Hafnium Group, Inception Framework, Kimsuky, Lazarus Group, MuddyWater Group, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Turla APT Group, Volt Typhoon	CVE-2016-20012, CVE-2021-23017, CVE-2021-3618, CVE-2021-36368, CVE-2021-41617, CVE-2022-41741, CVE-2022-41742, CVE-2023-28531, CVE-2023-38408, CVE-2023-44487, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-39894, CVE-2024-6387, CVE-2024-7347, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	05/02/2026, 04:22:47	-
165.232.45.••• :443	Cholo (🔍)	🇬🇧 United Kingdom	Yes	true	Clean	AS14061	DigitalOcean, LLC	DigitalOcean	04/02/2026, 03:00:46	03/03/2026, 10:21:39	No	Yes	APT15, APT17, APT28, APT29, APT31, APT34, APT36, APT37, APT41, APT45, Bitter APT, Bluenoroff, Callisto Group, CloudSorcerer, Daggerfly APT, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Volt Typhoon	CVE-2016-20012, CVE-2020-14145, CVE-2020-15778, CVE-2021-28041, CVE-2021-36368, CVE-2021-41617, CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	05/02/2026, 08:33:46	-
8.222.220.••• :18789	Assistant	🇸🇬 Singapore	Yes	true	Clean	AS45102	Alibaba (US) Technology Co., Ltd.	Alibaba Cloud Singapore	03/02/2026, 23:27:05	03/03/2026, 10:21:39	No	Yes	APT15, APT28, APT29, APT31, APT34, APT41, Bitter APT, Bluenoroff, Callisto Group, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, Volt Typhoon	CVE-2016-20012, CVE-2020-14145, CVE-2020-15778, CVE-2021-28041, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385	05/02/2026, 04:20:09	-
209.74.86.••• :18789	-	🇺🇸 United States	Yes	true	Leaked	AS22612	Namecheap, Inc.	Namecheap	03/02/2026, 23:26:58	03/03/2026, 10:21:39	Yes	No	-	CVE-2016-20012, CVE-2019-16905, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51385, CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	05/02/2026, 04:52:29	namecheap.com
46.101.189.••• :443	Ginevra (Ginny, G) (TBD)	🇩🇪 Germany	Yes	true	Clean	AS14061	DigitalOcean, LLC	DigitalOcean	03/02/2026, 23:26:27	03/03/2026, 10:21:39	No	Yes	APT15, APT28, APT29, APT31, APT34, APT35, APT37, APT39, APT41, Bitter APT, Bluenoroff, Callisto Group, Cobalt Group, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Mustang Panda, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Volt Typhoon	CVE-2016-20012, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	05/02/2026, 08:12:48	-
8.208.44.••• :18789	Assistant	🇸🇬 Singapore	Yes	true	Clean	AS45102	Alibaba (US) Technology Co., Ltd.	Alibaba Cloud	03/02/2026, 23:26:51	03/03/2026, 10:21:39	No	-	-	CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-28041, CVE-2021-3618, CVE-2021-36368, CVE-2021-41617, CVE-2022-41741, CVE-2022-41742, CVE-2023-28531, CVE-2023-38408, CVE-2023-44487, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-6387, CVE-2024-7347, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	05/02/2026, 05:13:42	-
124.220.61.••• :18789	AI学习助手 (🤖)	🇨🇳 China mainland	Yes	true	Leaked	AS45090	Shenzhen Tencent Computer Systems Company Limited	Tencent Cloud	03/02/2026, 23:26:50	03/03/2026, 10:21:39	Yes	-	-	-	05/02/2026, 06:52:51	tencent.com, chinaunicom.cn
47.90.183.••• :18789	Assistant	🇨🇳 China mainland	Yes	true	Clean	AS45102	Alibaba (US) Technology Co., Ltd.	Alibaba Cloud US	03/02/2026, 23:27:03	03/03/2026, 10:21:39	No	Yes	APT15, APT28, APT29, APT31, APT34, APT37, APT39, APT41, Bitter APT, Bluenoroff, Callisto Group, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, Volt Typhoon	CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-16905, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-28041, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	05/02/2026, 04:24:10	-
47.252.6.••• :18789	Assistant	🇨🇳 China mainland	Yes	true	Clean	AS45102	Alibaba (US) Technology Co., Ltd.	Alibaba Cloud US	03/02/2026, 23:27:10	03/03/2026, 10:21:39	No	Yes	APT15, APT28, APT29, APT31, APT34, APT35, APT37, APT39, APT41, Bitter APT, Bluenoroff, Callisto Group, Cobalt Group, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Mustang Panda, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Volt Typhoon	CVE-2016-10708, CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-16905, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	03/02/2026, 23:28:17	-
47.80.15.••• :18789	Assistant	🇨🇳 China mainland	Yes	true	Leaked	AS45102	Alibaba (US) Technology Co., Ltd.	Alibaba Cloud	03/02/2026, 23:27:00	03/03/2026, 10:21:39	Yes	No	-	CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-16905, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51385, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	05/02/2026, 04:46:33	hichina.com, alibaba-inc.com
103.61.38.••• :9002	Assistant	🇭🇰 Hong Kong	Yes	true	Clean	AS134366	Cloud Computing HK Limited	Cloud Computing HK	06/02/2026, 09:31:47	03/03/2026, 10:21:39	Yes	Yes	APT15, APT28, APT31, Bitter APT, Bluenoroff, Callisto Group, Donot Team, Gamaredon Group, Gaza Cybergang, Inception Framework, Kimsuky, MuddyWater Group, RomCom Group, Salt Typhoon, Sea Turtle Group, SideWinder APT	CVE-2016-20012, CVE-2018-20685, CVE-2019-16905, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51385	06/02/2026, 09:34:42	datadock.ne.jp
47.85.49.••• :18789	Assistant	🇨🇳 China mainland	Yes	true	Leaked	AS45102	Alibaba (US) Technology Co., Ltd.	Alibaba Cloud	03/02/2026, 23:26:40	03/03/2026, 10:21:39	Yes	No	-	CVE-2016-20012, CVE-2019-16905, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51385, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	05/02/2026, 07:40:38	hichina.com, alibaba-inc.com
2a02:4780:5e:7923::1:50060	-	🇲🇾 Malaysia	-	true	Clean	AS47583	Hostinger International Limited	Hostinger	10/02/2026, 04:42:01	03/03/2026, 10:21:39	-	-	-	-	-	-
8.219.143.••• :18789	Assistant	🇸🇬 Singapore	Yes	true	Clean	AS45102	Alibaba (US) Technology Co., Ltd.	Alibaba Cloud Singapore	03/02/2026, 23:26:56	03/03/2026, 10:21:39	No	No	-	CVE-2018-1000024, CVE-2018-1000027, CVE-2018-1172, CVE-2018-19131, CVE-2018-19132, CVE-2019-12519, CVE-2019-12520, CVE-2019-12521, CVE-2019-12522, CVE-2019-12523, CVE-2019-12524, CVE-2019-12525, CVE-2019-12526, CVE-2019-12528, CVE-2019-12529, CVE-2019-13345, CVE-2019-18676, CVE-2019-18677, CVE-2019-18678, CVE-2019-18679, CVE-2019-18860, CVE-2020-11945, CVE-2020-14058, CVE-2020-15049, CVE-2020-15810, CVE-2020-15811, CVE-2020-24606, CVE-2020-25097, CVE-2020-8449, CVE-2020-8450, CVE-2020-8517, CVE-2021-28116, CVE-2021-28651, CVE-2021-28652, CVE-2021-31806, CVE-2021-31807, CVE-2021-31808, CVE-2021-33620, CVE-2021-46784, CVE-2022-41318, CVE-2023-46724, CVE-2023-46728, CVE-2023-46846, CVE-2023-46847, CVE-2023-49285, CVE-2023-49286, CVE-2023-49288, CVE-2023-50269, CVE-2023-5824, CVE-2024-25111, CVE-2024-25617, CVE-2024-33427, CVE-2024-37894, CVE-2024-45802	05/02/2026, 04:59:17	-
49.233.219.••• :18789	赚点摩尔豆 (🫘)	🇨🇳 China mainland	Yes	true	Leaked	AS45090	Shenzhen Tencent Computer Systems Company Limited	Tencent Cloud	03/02/2026, 23:26:58	03/03/2026, 10:21:39	Yes	No	-	-	05/02/2026, 04:54:07	truecorp.co.th, tencent.com
134.209.88.••• :443	W-for-Learning (W for short) (✨)	🇳🇱 Netherlands	Yes	true	Clean	AS14061	DigitalOcean, LLC	DigitalOcean	03/02/2026, 23:26:18	03/03/2026, 10:21:39	No	Yes	APT14, APT15, APT17, APT28, APT29, APT31, APT34, APT35, APT36, APT37, APT39, APT40, APT41, APT45, Bitter APT, Bluenoroff, Callisto Group, Carbanak, ChamelGang, CloudSorcerer, Cobalt Group, Daggerfly APT, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, Lazarus Group, MuddyWater Group, Mustang Panda, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SharpPanda, SideWinder APT, The Shadow Brokers, Volt Typhoon	CVE-2006-20001, CVE-2016-20012, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-28041, CVE-2021-36368, CVE-2021-41617, CVE-2021-44224, CVE-2022-22719, CVE-2022-22720, CVE-2022-22721, CVE-2022-23943, CVE-2022-26377, CVE-2022-28614, CVE-2022-28615, CVE-2022-29404, CVE-2022-30556, CVE-2022-31813, CVE-2022-36760, CVE-2022-37436, CVE-2023-25690, CVE-2023-27522, CVE-2023-31122, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728	05/02/2026, 08:26:09	-
114.215.172.••• :18789	Assistant	🇨🇳 China mainland	Yes	true	Leaked	AS37963	Hangzhou Alibaba Advertising Co.,Ltd.	Alisoft	03/02/2026, 23:26:33	03/03/2026, 10:21:39	Yes	Yes	APT28, APT35, APT37, APT39, Cobalt Group, Kimsuky, Mustang Panda, Sandworm Team, The Shadow Brokers	CVE-2016-10708, CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-16905, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51385, CVE-2025-26465, CVE-2025-32728	05/02/2026, 08:09:15	aliyun.com
8.162.15.••• :18789	Assistant	🇸🇬 Singapore	Yes	true	Clean	AS37963	Hangzhou Alibaba Advertising Co.,Ltd.	Alibaba Cloud	03/02/2026, 23:26:28	03/03/2026, 10:21:39	-	-	-	-	05/02/2026, 08:19:14	-
8.222.222.••• :18789	Assistant	🇸🇬 Singapore	Yes	true	Clean	AS45102	Alibaba (US) Technology Co., Ltd.	Alibaba Cloud Singapore	03/02/2026, 23:27:00	03/03/2026, 10:21:39	No	Yes	APT15, APT28, APT29, APT31, APT34, APT35, APT36, APT37, APT39, APT41, Bitter APT, Bluenoroff, Callisto Group, Cobalt Group, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Mustang Panda, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Volt Typhoon	CVE-2016-10708, CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-23017, CVE-2021-28041, CVE-2021-3618, CVE-2021-36368, CVE-2021-41617, CVE-2022-41741, CVE-2022-41742, CVE-2023-38408, CVE-2023-44487, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-7347, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	05/02/2026, 04:44:46	-
165.227.22.••• :443	Kai (🌊)	🇺🇸 United States	Yes	true	Clean	AS14061	DigitalOcean, LLC	DigitalOcean	03/02/2026, 23:26:23	03/03/2026, 10:21:39	No	Yes	Salt Typhoon	CVE-2016-20012, CVE-2020-12062, CVE-2020-14145, CVE-2020-15778, CVE-2021-28041, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51385, CVE-2025-26465, CVE-2025-32728	05/02/2026, 08:19:39	-
82.158.226.••• :8443	Assistant	🇭🇰 Hong Kong	Yes	true	Clean	AS401701	cognetcloud INC	Vapeliner Technology (HK) Limited	03/02/2026, 23:27:23	03/03/2026, 10:21:39	No	No	-	CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-6387, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	04/02/2026, 18:49:25	-
47.92.210.••• :18789	Assistant	🇨🇳 China mainland	Yes	true	Clean	AS37963	Hangzhou Alibaba Advertising Co.,Ltd.	Alisoft	03/02/2026, 23:27:11	03/03/2026, 10:21:39	No	Yes	APT-C-23, Gamaredon Group, Ghostwriter, Lazarus Group, Turla APT Group, Volt Typhoon	CVE-2021-3618, CVE-2022-41741, CVE-2022-41742, CVE-2023-44487, CVE-2024-7347	04/02/2026, 21:23:38	-
115.190.195.••• :18789	Assistant	🇨🇳 China mainland	Yes	true	Clean	AS137718	Beijing Volcano Engine Technology Co., Ltd.	Beijing Volcano Engine Technology	03/02/2026, 23:26:33	03/03/2026, 10:21:39	No	No	-	-	05/02/2026, 08:07:40	-
47.252.2.••• :18789	Assistant	🇨🇳 China mainland	Yes	true	Clean	AS45102	Alibaba (US) Technology Co., Ltd.	Alibaba Cloud US	03/02/2026, 23:26:47	03/03/2026, 10:21:39	No	Yes	APT15, APT28, APT29, APT31, APT34, APT41, Bitter APT, Bluenoroff, Callisto Group, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, Volt Typhoon	CVE-2016-20012, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-28041, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	05/02/2026, 07:22:22	-
172.208.68.••• :18789	moltbot (⚡)	🇺🇸 United States	Yes	true	Clean	AS8075	Microsoft Corporation	Cloud	03/02/2026, 23:27:08	03/03/2026, 10:21:39	-	-	-	-	05/02/2026, 04:09:11	-
47.253.35.••• :18789	Assistant	🇨🇳 China mainland	Yes	true	Clean	AS45102	Alibaba (US) Technology Co., Ltd.	Alibaba Cloud US	03/02/2026, 23:26:56	03/03/2026, 10:21:39	-	-	-	-	05/02/2026, 04:58:28	-
143.198.31.••• :443	Assistant	🇺🇸 United States	Yes	true	Clean	AS14061	DigitalOcean, LLC	DigitalOcean	03/02/2026, 23:27:15	03/03/2026, 10:21:39	No	Yes	Salt Typhoon	CVE-2016-20012, CVE-2020-14145, CVE-2021-28041, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51385	05/02/2026, 08:49:59	-
47.252.69.••• :18789	Assistant	🇨🇳 China mainland	Yes	true	Clean	AS45102	Alibaba (US) Technology Co., Ltd.	Alibaba Cloud US	03/02/2026, 23:26:55	03/03/2026, 10:21:39	No	Yes	APT-C-23, APT15, APT28, APT29, APT31, APT34, APT35, APT37, APT39, APT41, Bitter APT, Bluenoroff, Callisto Group, Cobalt Group, Donot Team, Gamaredon Group, Gaza Cybergang, Ghostwriter, Hafnium Group, Inception Framework, Kimsuky, Lazarus Group, MuddyWater Group, Mustang Panda, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Turla APT Group, Volt Typhoon	CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-16905, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51385, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	05/02/2026, 05:01:51	-
120.48.151.••• :18789	Assistant	🇺🇸 United States	Yes	true	Leaked	AS38365	Beijing Baidu Netcom Science and Technology Co., Ltd.	Baidu	07/02/2026, 18:23:27	03/03/2026, 10:21:39	Yes	No	-	CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-6387, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	07/02/2026, 18:51:13	chinamobile.com, chinamobile.cn, baidu.com
165.227.141.••• :443	Assistant	🇩🇪 Germany	Yes	true	Clean	AS14061	DigitalOcean, LLC	DigitalOcean	03/02/2026, 23:26:21	03/03/2026, 10:21:39	No	Yes	APT15, APT17, APT28, APT29, APT31, APT34, APT35, APT36, APT37, APT40, APT41, APT45, Bitter APT, Bluenoroff, Callisto Group, Carbanak, ChamelGang, CloudSorcerer, Daggerfly APT, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Volt Typhoon	CVE-2016-20012, CVE-2020-12062, CVE-2020-14145, CVE-2020-15778, CVE-2021-28041, CVE-2021-36368, CVE-2021-41617, CVE-2022-31008, CVE-2023-28531, CVE-2023-38408, CVE-2023-46118, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-6387, CVE-2025-26465, CVE-2025-32728	04/02/2026, 18:52:02	-
159.89.146.••• :443	Caddy (🏌️)	🇺🇸 United States	Yes	true	Clean	AS14061	DigitalOcean, LLC	DigitalOcean	03/02/2026, 23:26:23	03/03/2026, 10:21:39	No	Yes	APT15, APT28, APT29, APT31, APT34, APT35, APT37, APT39, APT41, Bitter APT, Bluenoroff, Callisto Group, Cobalt Group, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Mustang Panda, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Volt Typhoon	CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-16905, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-28041, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	04/02/2026, 18:48:06	-
47.253.247.••• :18789	阿里爪爪 (/avatar/main)	🇨🇳 China mainland	Yes	true	Clean	AS45102	Alibaba (US) Technology Co., Ltd.	Alibaba Cloud US	03/02/2026, 23:27:09	03/03/2026, 10:21:39	No	No	-	CVE-2016-20012, CVE-2019-16905, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51385, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	05/02/2026, 04:04:59	-
5.75.249.••• :18789	Assistant	🇩🇪 Germany	Yes	true	Leaked	AS24940	Hetzner Online GmbH	Hetzner Online	03/02/2026, 23:27:03	03/03/2026, 10:21:39	Yes	Yes	APT-C-23, APT15, APT17, APT28, APT29, APT31, APT34, APT35, APT36, APT37, APT40, APT41, APT45, Bitter APT, Bluenoroff, Callisto Group, Carbanak, ChamelGang, CloudSorcerer, Cobalt Group, Daggerfly APT, Donot Team, Equation Group, Gamaredon Group, Gaza Cybergang, Ghostwriter, Hafnium Group, Inception Framework, Kimsuky, Lazarus Group, MuddyWater Group, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Turla APT Group, Volt Typhoon	CVE-2014-0128, CVE-2014-3609, CVE-2014-6270, CVE-2014-7141, CVE-2014-7142, CVE-2015-3455, CVE-2016-10002, CVE-2016-2569, CVE-2016-2570, CVE-2016-2571, CVE-2016-3948, CVE-2016-4051, CVE-2016-4052, CVE-2016-4053, CVE-2016-4054, CVE-2016-4555, CVE-2016-4556, CVE-2018-1000024, CVE-2019-12519, CVE-2019-12521, CVE-2019-12523, CVE-2019-12526, CVE-2019-12529, CVE-2019-18676, CVE-2019-18677, CVE-2019-18678, CVE-2019-18679, CVE-2020-11945, CVE-2020-14058, CVE-2020-15049, CVE-2020-24606, CVE-2020-25097, CVE-2021-23017, CVE-2021-28651, CVE-2021-28652, CVE-2021-31807, CVE-2021-3618, CVE-2021-46784, CVE-2022-41741, CVE-2022-41742, CVE-2023-28531, CVE-2023-38408, CVE-2023-44487, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-39894, CVE-2024-6387, CVE-2024-7347, CVE-2025-23419, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	05/02/2026, 04:24:02	hetzner.com
123.57.83.••• :18789	Assistant	🇨🇳 China mainland	Yes	true	Leaked	AS37963	Hangzhou Alibaba Advertising Co.,Ltd.	Alisoft	03/02/2026, 23:27:12	03/03/2026, 10:21:39	Yes	Yes	APT-C-23, APT15, APT28, APT29, APT31, APT34, APT41, Bitter APT, Bluenoroff, Callisto Group, Donot Team, Gamaredon Group, Gaza Cybergang, Ghostwriter, Hafnium Group, Inception Framework, Kimsuky, Lazarus Group, MuddyWater Group, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, Turla APT Group, Volt Typhoon	CVE-2016-20012, CVE-2019-16905, CVE-2020-14145, CVE-2020-15778, CVE-2021-3618, CVE-2021-36368, CVE-2021-41617, CVE-2022-41741, CVE-2022-41742, CVE-2023-38408, CVE-2023-44487, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-4577, CVE-2024-5458, CVE-2024-7347	05/02/2026, 08:57:32	aliyun.com
104.236.52.••• :443	Kai (🌊)	🇺🇸 United States	Yes	true	Clean	AS14061	DigitalOcean, LLC	DigitalOcean	03/02/2026, 23:26:45	03/03/2026, 10:21:39	No	No	-	CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	05/02/2026, 04:04:58	-
3.27.195.••• :443	Assistant	🇦🇺 Australia	Yes	true	Clean	AS16509	Amazon.com, Inc.	Amazon Corporate Services	03/02/2026, 23:26:21	03/03/2026, 10:21:39	No	-	-	-	05/02/2026, 08:27:33	-
47.253.151.••• :18789	Assistant	🇨🇳 China mainland	Yes	true	Clean	AS45102	Alibaba (US) Technology Co., Ltd.	Alibaba Cloud US	03/02/2026, 23:27:11	03/03/2026, 10:21:39	No	Yes	Salt Typhoon	CVE-2016-20012, CVE-2019-16905, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-6387, CVE-2025-26465, CVE-2025-32728	05/02/2026, 04:01:39	-
64.227.86.••• :443	*(still figuring this out) (🌊)	🇺🇸 United States	Yes	true	Clean	AS14061	DigitalOcean, LLC	DigitalOcean	03/02/2026, 23:27:13	03/03/2026, 10:21:39	-	-	-	-	05/02/2026, 08:54:29	-
47.86.87.••• :18789	Assistant	🇭🇰 Hong Kong	Yes	true	Clean	AS45102	Alibaba (US) Technology Co., Ltd.	Alibaba Cloud HK	03/02/2026, 23:26:53	03/03/2026, 10:21:39	No	No	-	CVE-2016-20012, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-16905, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51385, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	05/02/2026, 05:08:26	-
47.90.165.••• :18789	Assistant	🇨🇳 China mainland	Yes	true	Clean	AS45102	Alibaba (US) Technology Co., Ltd.	Alibaba Cloud US	03/02/2026, 23:26:54	03/03/2026, 10:21:39	No	Yes	APT28, APT35, APT37, APT39, Cobalt Group, Kimsuky, Mustang Panda, Sandworm Team, The Shadow Brokers	CVE-2016-10708, CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-16905, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51385, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	05/02/2026, 04:43:57	-
47.82.219.••• :18789	Jarvis (🤖)	🇨🇳 China mainland	Yes	true	Leaked	AS45102	Alibaba (US) Technology Co., Ltd.	Alibaba Cloud	03/02/2026, 23:26:52	03/03/2026, 10:21:39	Yes	No	-	CVE-2016-20012, CVE-2019-16905, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51385, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	05/02/2026, 05:10:49	hichina.com, alibaba-inc.com
8.219.219.••• :18789	Assistant	🇸🇬 Singapore	Yes	true	Clean	AS45102	Alibaba (US) Technology Co., Ltd.	Alibaba Cloud Singapore	03/02/2026, 23:26:40	03/03/2026, 10:21:39	No	Yes	APT28, APT35, APT37, APT39, Cobalt Group, Kimsuky, Mustang Panda, Sandworm Team, The Shadow Brokers	CVE-2016-10708, CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-6387, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	05/02/2026, 07:45:31	-
120.48.165.••• :18789	Assistant	🇺🇸 United States	Yes	true	Leaked	AS38365	Beijing Baidu Netcom Science and Technology Co., Ltd.	Baidu	12/02/2026, 14:54:17	03/03/2026, 10:21:39	Yes	Yes	APT37, El-Machete, Gozi	-	12/02/2026, 14:56:49	chinamobile.com, chinamobile.cn, baidu.com
47.253.238.••• :18789	Assistant	🇨🇳 China mainland	Yes	true	Clean	AS45102	Alibaba (US) Technology Co., Ltd.	Alibaba Cloud US	03/02/2026, 23:26:58	03/03/2026, 10:21:39	No	No	-	CVE-2025-26465, CVE-2025-26466, CVE-2025-32728	05/02/2026, 04:53:19	-
43.153.124.••• :18789	小新 (🤖✨)	🇸🇬 Singapore	Yes	true	Leaked	AS132203	Tencent Building, Kejizhongyi Avenue	Aceville Pte Ltd	03/02/2026, 23:26:43	03/03/2026, 10:21:39	Yes	Yes	APT15, APT28, APT29, APT31, APT34, APT35, APT37, APT39, APT41, Bitter APT, Bluenoroff, Callisto Group, Cobalt Group, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Mustang Panda, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Volt Typhoon	CVE-2016-10708, CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-6387, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	05/02/2026, 07:31:43	tencent.com
47.245.81.••• :18789	Assistant	🇨🇳 China mainland	Yes	true	Leaked	AS45102	Alibaba (US) Technology Co., Ltd.	Alibaba Cloud	03/02/2026, 23:26:54	03/03/2026, 10:21:39	Yes	Yes	APT15, APT17, APT31, APT36, APT37, APT45, Bitter APT, Bluenoroff, Donot Team, Gamaredon Group, Gaza Cybergang, Inception Framework, Kimsuky, MuddyWater Group, Salt Typhoon, SideWinder APT	CVE-2016-20012, CVE-2019-16905, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-6387, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	05/02/2026, 05:07:03	hichina.com, alibaba-inc.com
91.99.15.••• :18789	Bruno (🐺)	🇩🇪 Germany	Yes	true	Leaked	AS24940	Hetzner Online GmbH	Hetzner Online	03/02/2026, 23:27:11	03/03/2026, 10:21:39	Yes	No	-	CVE-2016-20012, CVE-2020-14145, CVE-2020-15778, CVE-2021-28041, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51385, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	04/02/2026, 21:25:20	hetzner.com
43.163.210.••• :18789	Assistant	🇸🇬 Singapore	Yes	true	Leaked	AS132203	Tencent Building, Kejizhongyi Avenue	Aceville Pte Ltd	03/02/2026, 23:27:02	03/03/2026, 10:21:39	Yes	Yes	APT28, APT35, APT37, APT39, Cobalt Group, Kimsuky, Mustang Panda, Sandworm Team, The Shadow Brokers	CVE-2016-10708, CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-16905, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-6387, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	05/02/2026, 04:29:11	tencent.com
44.244.254.••• :443	TARS (Terrain Assistance Robotic Service) (/avatar/main)	🇺🇸 United States	Yes	true	Clean	AS16509	Amazon.com, Inc.	Amazon	06/02/2026, 19:21:59	03/03/2026, 10:21:39	No	No	-	CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-6387, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	06/02/2026, 19:24:38	-
138.197.16.••• :443	redbolt	🇺🇸 United States	Yes	true	Clean	AS14061	DigitalOcean, LLC	DigitalOcean	03/02/2026, 23:26:21	03/03/2026, 10:21:39	No	Yes	APT15, APT17, APT28, APT29, APT31, APT34, APT35, APT36, APT37, APT39, APT40, APT41, APT45, Bitter APT, Bluenoroff, Callisto Group, Carbanak, ChamelGang, CloudSorcerer, Cobalt Group, Daggerfly APT, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Mustang Panda, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Volt Typhoon	CVE-2016-10708, CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2022-26691, CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-1322, CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-32728	04/02/2026, 21:26:10	-
47.107.143.••• :18789	Assistant	🇨🇳 China mainland	Yes	true	Clean	AS37963	Hangzhou Alibaba Advertising Co.,Ltd.	Alisoft	03/02/2026, 23:26:41	03/03/2026, 10:21:39	No	No	-	CVE-2016-20012, CVE-2020-14145, CVE-2020-15778, CVE-2021-28041, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51385, CVE-2025-26465, CVE-2025-32728	05/02/2026, 07:38:06	-
36.137.78.••• :18789	Assistant	🇨🇳 China mainland	Yes	true	Leaked	AS9808	China Mobile Communications Group Co., Ltd.	China Mobile	08/02/2026, 11:18:59	03/03/2026, 10:21:39	Yes	No	-	CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-6387, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	08/02/2026, 11:20:04	bj189.cn, chinamobile.com, ctwing.cn, chinamobile.cn, xuite.net, chinatelecom.com.cn, chinatelecom.cn, new-gm.cn, 189.cn, cht.com.tw, 189free.cn, daqu.com.cn, chttl.com.tw, ctyun.cn
1.15.13.••• :18789	Assistant	🇨🇳 China mainland	Yes	true	Leaked	AS45090	Shenzhen Tencent Computer Systems Company Limited	Tencent Cloud	16/02/2026, 02:35:40	03/03/2026, 10:21:39	Yes	Yes	APT37, El-Machete	CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	16/02/2026, 02:41:22	tencent.com, tot.co.th
47.80.21.••• :18789	Assistant	🇨🇳 China mainland	Yes	true	Leaked	AS45102	Alibaba (US) Technology Co., Ltd.	Alibaba Cloud	03/02/2026, 23:26:50	03/03/2026, 10:21:39	Yes	No	-	CVE-2016-20012, CVE-2019-16905, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51385, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	05/02/2026, 06:53:18	hichina.com, alibaba-inc.com
8.222.128.••• :18789	Assistant	🇸🇬 Singapore	Yes	true	Clean	AS45102	Alibaba (US) Technology Co., Ltd.	Alibaba Cloud Singapore	03/02/2026, 23:26:46	03/03/2026, 10:21:39	No	Yes	APT28, APT35, APT37, APT39, Cobalt Group, Kimsuky, Mustang Panda, Sandworm Team, The Shadow Brokers	CVE-2016-10708, CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51385, CVE-2024-6387, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	05/02/2026, 07:22:57	-
39.107.53.••• :18789	-	🇨🇳 China mainland	Yes	true	Leaked	AS37963	Hangzhou Alibaba Advertising Co.,Ltd.	Alisoft	25/02/2026, 05:39:52	03/03/2026, 10:21:39	Yes	Yes	Packrat	-	25/02/2026, 05:43:43	aliyun.com, ptcl.net.pk
64.226.119.••• :443	FARIS (🕌)	🇩🇪 Germany	Yes	true	Clean	AS14061	DigitalOcean, LLC	DigitalOcean	03/02/2026, 23:26:25	03/03/2026, 10:21:39	No	Yes	APT17, APT36, APT37, APT45, CloudSorcerer, Daggerfly APT, Kimsuky, MuddyWater Group, SideWinder APT, The Shadow Brokers	CVE-2023-44487, CVE-2024-39894, CVE-2024-6387, CVE-2024-7347, CVE-2025-23419	04/02/2026, 18:44:52	-
134.199.195.••• :443	Assistant	🇺🇸 United States	Yes	true	Clean	AS14061	DigitalOcean, LLC	DigitalOcean	03/02/2026, 23:26:19	03/03/2026, 10:21:39	No	No	-	CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	04/02/2026, 18:49:33	-
164.90.157.••• :443	Ziggy (⚡)	🇺🇸 United States	Yes	true	Clean	AS14061	DigitalOcean, LLC	DigitalOcean	03/02/2026, 23:27:16	03/03/2026, 10:21:39	No	Yes	APT14, APT15, APT17, APT28, APT29, APT31, APT34, APT35, APT36, APT37, APT40, APT41, APT45, Bitter APT, Bluenoroff, Callisto Group, Carbanak, ChamelGang, CloudSorcerer, Cobalt Group, Daggerfly APT, Donot Team, Equation Group, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, IronHusky, Kimsuky, Lazarus Group, MuddyWater Group, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SharpPanda, SideWinder APT, TA505, The Shadow Brokers, UNC2452, Volt Typhoon, WIRTE	CVE-2006-20001, CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-17189, CVE-2018-17199, CVE-2018-20685, CVE-2019-0190, CVE-2019-0196, CVE-2019-0197, CVE-2019-0211, CVE-2019-0215, CVE-2019-0217, CVE-2019-0220, CVE-2019-10081, CVE-2019-10082, CVE-2019-10092, CVE-2019-10097, CVE-2019-10098, CVE-2019-17567, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2019-9517, CVE-2020-11984, CVE-2020-11993, CVE-2020-12062, CVE-2020-13938, CVE-2020-13950, CVE-2020-14145, CVE-2020-15778, CVE-2020-1927, CVE-2020-1934, CVE-2020-35452, CVE-2020-9490, CVE-2021-23017, CVE-2021-26690, CVE-2021-26691, CVE-2021-28041, CVE-2021-30641, CVE-2021-33193, CVE-2021-34798, CVE-2021-36160, CVE-2021-3618, CVE-2021-36368, CVE-2021-39275, CVE-2021-40438, CVE-2021-41617, CVE-2021-44224, CVE-2021-44790, CVE-2022-22719, CVE-2022-22720, CVE-2022-22721, CVE-2022-23943, CVE-2022-26377, CVE-2022-28330, CVE-2022-28614, CVE-2022-28615, CVE-2022-29404, CVE-2022-30556, CVE-2022-31813, CVE-2022-36760, CVE-2022-37436, CVE-2022-41741, CVE-2022-41742, CVE-2023-25690, CVE-2023-27522, CVE-2023-28531, CVE-2023-31122, CVE-2023-38408, CVE-2023-38709, CVE-2023-44487, CVE-2023-45802, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-24795, CVE-2024-27316, CVE-2024-38472, CVE-2024-38473, CVE-2024-38474, CVE-2024-38475, CVE-2024-38476, CVE-2024-38477, CVE-2024-39573, CVE-2024-39894, CVE-2024-40898, CVE-2024-6387, CVE-2024-7347, CVE-2025-26465, CVE-2025-32728	04/02/2026, 21:25:39	-
206.189.173.••• :443	ReneBot (🤖)	🇺🇸 United States	Yes	true	Clean	AS14061	DigitalOcean, LLC	DigitalOcean	03/02/2026, 23:27:20	03/03/2026, 10:21:39	-	-	-	-	04/02/2026, 18:49:15	-
47.85.45.••• :18789	Assistant	🇨🇳 China mainland	Yes	true	Leaked	AS45102	Alibaba (US) Technology Co., Ltd.	Alibaba Cloud	03/02/2026, 23:26:55	03/03/2026, 10:21:39	Yes	No	-	CVE-2016-20012, CVE-2019-16905, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51385, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	05/02/2026, 05:03:41	hichina.com, alibaba-inc.com
8.148.248.••• :18789	Assistant	🇸🇬 Singapore	Yes	true	Clean	AS37963	Hangzhou Alibaba Advertising Co.,Ltd.	Alibaba Cloud	03/02/2026, 23:26:32	03/03/2026, 10:21:39	No	No	-	-	05/02/2026, 08:09:46	-
34.86.116.••• :80	Assistant	🇺🇸 United States	Yes	true	Clean	AS396982	Google LLC	Google	22/02/2026, 09:29:27	03/03/2026, 10:21:39	No	No	-	CVE-2025-26618, CVE-2025-32433, CVE-2025-46712	22/02/2026, 09:31:53	-
47.254.94.••• :18789	Assistant	🇺🇸 United States	Yes	true	Clean	AS45102	Alibaba (US) Technology Co., Ltd.	Alibaba Cloud US	03/02/2026, 23:26:48	03/03/2026, 10:21:39	No	Yes	APT28, APT35, APT37, APT39, Cobalt Group, Kimsuky, Mustang Panda, Sandworm Team, The Shadow Brokers	CVE-2016-10708, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2021-41617, CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-6387, CVE-2025-26465, CVE-2025-32728	05/02/2026, 06:58:49	-
47.251.86.••• :18789	Assistant	🇺🇸 United States	Yes	true	Clean	AS45102	Alibaba (US) Technology Co., Ltd.	Alibaba Cloud US	03/02/2026, 23:27:03	03/03/2026, 10:21:39	No	Yes	APT15, APT28, APT29, APT31, APT34, APT41, Bitter APT, Bluenoroff, Callisto Group, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, Volt Typhoon	CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-16905, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-28041, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51385, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	05/02/2026, 04:25:43	-
8.220.149.••• :18789	Assistant	🇸🇬 Singapore	Yes	true	Clean	AS45102	Alibaba (US) Technology Co., Ltd.	Alibaba Cloud Singapore	03/02/2026, 23:27:09	03/03/2026, 10:21:39	No	Yes	APT15, APT28, APT31, Bitter APT, Bluenoroff, Callisto Group, Donot Team, Gamaredon Group, Gaza Cybergang, Inception Framework, Kimsuky, MuddyWater Group, RomCom Group, Salt Typhoon, Sea Turtle Group, SideWinder APT	CVE-2016-20012, CVE-2019-16905, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51385	05/02/2026, 04:05:21	-
115.190.129.••• :18789	-	🇨🇳 China mainland	Yes	true	Clean	AS137718	Beijing Volcano Engine Technology Co., Ltd.	Beijing Volcano Engine Technology	25/02/2026, 05:39:52	03/03/2026, 10:21:39	No	No	-	CVE-2021-23017, CVE-2021-3618, CVE-2022-41741, CVE-2022-41742, CVE-2023-44487, CVE-2024-7347, CVE-2025-23419	25/02/2026, 05:43:45	-
106.12.165.••• :18789	小丽 (👩💼)	🇨🇳 China mainland	Yes	true	Leaked	AS38365	Beijing Baidu Netcom Science and Technology Co., Ltd.	Baidu	03/02/2026, 23:26:22	03/03/2026, 10:21:39	Yes	Yes	APT15, APT17, APT28, APT29, APT31, APT34, APT37, APT41, Bitter APT, Bluenoroff, Callisto Group, Donot Team, DragonFly, El-Machete, Gamaredon Group, Gaza Cybergang, Gozi, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Packrat, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, Volt Typhoon	CVE-2016-20012, CVE-2019-16905, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385	04/02/2026, 06:35:33	bj189.cn, baidu.com
47.253.141.••• :18789	Assistant	🇨🇳 China mainland	Yes	true	Clean	AS45102	Alibaba (US) Technology Co., Ltd.	Alibaba Cloud US	03/02/2026, 23:26:47	03/03/2026, 10:21:39	No	No	-	CVE-2016-20012, CVE-2019-16905, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51385, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	05/02/2026, 07:01:11	-
118.196.77.••• :18789	-	🇨🇳 China mainland	Yes	true	Clean	AS137718	Beijing Volcano Engine Technology Co., Ltd. / AS4811 China Telecom (Group)	Beijing Volcano Engine Technology	04/02/2026, 11:27:33	03/03/2026, 10:21:39	-	-	-	-	05/02/2026, 08:51:09	-
119.29.10.••• :18789	-	🇨🇳 China mainland	Yes	true	Leaked	AS45090	Shenzhen Tencent Computer Systems Company Limited	Tencent Cloud	03/02/2026, 23:27:09	03/03/2026, 10:21:39	Yes	Yes	APT15, APT28, APT29, APT31, APT34, APT35, APT37, APT39, APT41, Bitter APT, Bluenoroff, Callisto Group, Cobalt Group, Donot Team, El-Machete, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Mustang Panda, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Volt Typhoon	CVE-2016-10708, CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-12062, CVE-2020-14145, CVE-2020-15778, CVE-2021-28041, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-7347, CVE-2025-23419	05/02/2026, 04:05:37	tencent.com
65.87.7.••• :18789	Kyun	🇺🇸 United States	Yes	true	Clean	AS215659	Aokigahara SRL	Private Customer	03/02/2026, 23:26:54	03/03/2026, 10:21:39	No	Yes	APT14, APT15, APT17, APT28, APT29, APT31, APT34, APT35, APT36, APT37, APT40, APT41, APT45, Bitter APT, Bluenoroff, Callisto Group, Carbanak, ChamelGang, CloudSorcerer, Cobalt Group, Daggerfly APT, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, Lazarus Group, MuddyWater Group, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SharpPanda, SideWinder APT, The Shadow Brokers, Volt Typhoon	CVE-2006-20001, CVE-2016-20012, CVE-2021-36368, CVE-2021-41617, CVE-2022-22719, CVE-2022-22720, CVE-2022-22721, CVE-2022-23943, CVE-2022-26377, CVE-2022-28330, CVE-2022-28614, CVE-2022-28615, CVE-2022-29404, CVE-2022-30556, CVE-2022-31813, CVE-2022-36760, CVE-2022-37436, CVE-2023-25690, CVE-2023-27522, CVE-2023-28531, CVE-2023-31122, CVE-2023-38408, CVE-2023-38709, CVE-2023-45802, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-24795, CVE-2024-27316, CVE-2024-38472, CVE-2024-38473, CVE-2024-38474, CVE-2024-38475, CVE-2024-38476, CVE-2024-38477, CVE-2024-39573, CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	05/02/2026, 05:07:54	-
47.250.46.••• :18789	Assistant	🇲🇾 Malaysia	Yes	true	Clean	AS45102	Alibaba (US) Technology Co., Ltd.	Alibaba Cloud Malaysia	03/02/2026, 23:26:54	03/03/2026, 10:21:39	No	Yes	APT14, APT15, APT28, APT29, APT31, APT34, APT35, APT37, APT39, APT40, APT41, Bitter APT, Bluenoroff, Callisto Group, Cobalt Group, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, IronHusky, Kimsuky, Lazarus Group, MuddyWater Group, Mustang Panda, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SharpPanda, SideWinder APT, TA505, The Shadow Brokers, Volt Typhoon, WIRTE	CVE-2006-20001, CVE-2013-4352, CVE-2013-5704, CVE-2013-6438, CVE-2014-0098, CVE-2014-0117, CVE-2014-0118, CVE-2014-0226, CVE-2014-0231, CVE-2014-3523, CVE-2014-3581, CVE-2014-8109, CVE-2015-0228, CVE-2015-3183, CVE-2015-3185, CVE-2016-0736, CVE-2016-10708, CVE-2016-20012, CVE-2016-2161, CVE-2016-4975, CVE-2016-5387, CVE-2016-8612, CVE-2016-8743, CVE-2017-15710, CVE-2017-15715, CVE-2017-15906, CVE-2017-3167, CVE-2017-7679, CVE-2017-9788, CVE-2017-9798, CVE-2018-1283, CVE-2018-1301, CVE-2018-1302, CVE-2018-1303, CVE-2018-1312, CVE-2018-15473, CVE-2018-15919, CVE-2018-17199, CVE-2018-20685, CVE-2019-0217, CVE-2019-0220, CVE-2019-10092, CVE-2019-10098, CVE-2019-17567, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-11985, CVE-2020-13938, CVE-2020-14145, CVE-2020-15778, CVE-2020-1927, CVE-2020-1934, CVE-2020-35452, CVE-2021-26690, CVE-2021-26691, CVE-2021-28041, CVE-2021-34798, CVE-2021-36368, CVE-2021-39275, CVE-2021-40438, CVE-2021-41617, CVE-2021-44790, CVE-2022-22719, CVE-2022-22720, CVE-2022-22721, CVE-2022-23943, CVE-2022-26377, CVE-2022-28330, CVE-2022-28614, CVE-2022-28615, CVE-2022-29404, CVE-2022-30556, CVE-2022-31813, CVE-2022-36760, CVE-2022-37436, CVE-2023-25690, CVE-2023-28531, CVE-2023-31122, CVE-2023-38408, CVE-2023-38709, CVE-2023-45802, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-24795, CVE-2024-38472, CVE-2024-38473, CVE-2024-38474, CVE-2024-38475, CVE-2024-38476, CVE-2024-38477, CVE-2024-39573, CVE-2024-40898, CVE-2024-6387, CVE-2025-26465, CVE-2025-32728	05/02/2026, 05:04:47	-
137.184.176.••• :443	Assistant	🇺🇸 United States	Yes	true	Clean	AS14061	DigitalOcean, LLC	DigitalOcean	03/02/2026, 23:26:18	03/03/2026, 10:21:39	No	Yes	APT-C-23, APT15, APT17, APT28, APT29, APT31, APT34, APT35, APT36, APT37, APT39, APT40, APT41, APT45, Bitter APT, Bluenoroff, Callisto Group, Carbanak, ChamelGang, CloudSorcerer, Cobalt Group, Daggerfly APT, Donot Team, Equation Group, Gamaredon Group, Gaza Cybergang, Ghostwriter, Hafnium Group, Inception Framework, Kimsuky, Lazarus Group, MuddyWater Group, Mustang Panda, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Turla APT Group, Volt Typhoon	CVE-2016-10708, CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-16905, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-12062, CVE-2020-14145, CVE-2020-15778, CVE-2021-23017, CVE-2021-28041, CVE-2021-3618, CVE-2021-36368, CVE-2021-41617, CVE-2022-41741, CVE-2022-41742, CVE-2023-28531, CVE-2023-38408, CVE-2023-44487, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-6387, CVE-2024-7347	05/02/2026, 08:31:35	-
23.91.97.••• :18789	大狗	🇭🇰 Hong Kong	Yes	true	Leaked	AS135377	UCLOUD INFORMATION TECHNOLOGY (HK) LIMITED	UCloud	16/02/2026, 12:08:17	03/03/2026, 10:21:39	Yes	No	-	CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-6387, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	16/02/2026, 12:14:02	ucloud.cn
149.102.150.••• :18789	Ари (Ari) (/avatar/main)	🇩🇪 Germany	Yes	true	Leaked	AS51167	Contabo GmbH	Contabo	03/02/2026, 23:27:11	03/03/2026, 10:21:39	Yes	Yes	APT28, APT35, APT37, APT39, Cobalt Group, Kimsuky, Mustang Panda, Sandworm Team, The Shadow Brokers	CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2021-41617, CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	04/02/2026, 21:24:14	cogentco.com, contaboserver.net
47.94.208.••• :18789	Assistant	🇨🇳 China mainland	Yes	true	Clean	AS37963	Hangzhou Alibaba Advertising Co.,Ltd.	Alisoft	03/02/2026, 23:27:08	03/03/2026, 10:21:39	No	Yes	APT15, APT28, APT29, APT31, APT34, APT35, APT37, APT39, APT41, Bitter APT, Bluenoroff, Callisto Group, Cobalt Group, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Mustang Panda, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Volt Typhoon	CVE-2016-10708, CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-16905, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-3618, CVE-2021-36368, CVE-2021-41617, CVE-2022-41741, CVE-2022-41742, CVE-2023-38408, CVE-2023-44487, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-7347, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	05/02/2026, 04:08:58	-

🦞 OpenClaw Exposure Watchboard

Ship Secure Enterprise AI Agents 10× Faster with vivgrid.com

Vivgrid gives you authentication, model gateway, tool control, cost tracking, and enterprise observability — everything you need to ship AI agents safely at scale.