🦞 OpenClaw Exposure Watchboard

This page lists publicly reachable active OpenClaw instances for defensive awareness. If this is your deployment, enable authentication, remove direct public exposure, and patch immediately.

Exposed Instances: 816988 Page: 5373 / 8170 (100 per page) Showing: 537201-537300 Last Imported: 15/05/2026, 09:32:33

🇨🇳 425,761

🇺🇸 231,518

Endpoint	Assistant Name	Country	auth_required	is_active	has_leaked_creds	asn	asn_name	org	first_seen	last_seen	asi_has_breach	asi_has_threat_actor	asi_threat_actors	asi_cves	asi_enriched_at	asi_domains
165.227.213.•••:18789	-	🇺🇸 United States	-	false	Clean	AS14061	DigitalOcean, LLC	DigitalOcean	23/02/2026, 09:56:00	18/04/2026, 00:41:08	No	Yes	APT15, APT17, APT28, APT29, APT31, APT34, APT36, APT37, APT41, APT45, Bitter APT, Bluenoroff, Callisto Group, CloudSorcerer, Daggerfly APT, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, Volt Typhoon	CVE-2016-20012, CVE-2020-12062, CVE-2020-14145, CVE-2020-15778, CVE-2021-23017, CVE-2021-28041, CVE-2021-3618, CVE-2021-36368, CVE-2021-41617, CVE-2022-41741, CVE-2022-41742, CVE-2023-28531, CVE-2023-38408, CVE-2023-44487, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-6387, CVE-2024-7347, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	23/02/2026, 21:56:36	-
172.105.34.•••:18789	-	🇮🇳 India	Yes	false	Leaked	AS63949	Akamai Connected Cloud	Linode	23/02/2026, 09:56:00	23/02/2026, 21:56:02	Yes	Yes	APT-C-23, APT15, APT28, APT29, APT31, APT34, APT35, APT36, APT37, APT39, APT41, Bitter APT, Bluenoroff, Callisto Group, Cobalt Group, Donot Team, Equation Group, Gamaredon Group, Gaza Cybergang, Ghostwriter, Hafnium Group, Inception Framework, Kimsuky, Lazarus Group, MuddyWater Group, Mustang Panda, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Turla APT Group, Volt Typhoon	CVE-2016-20012, CVE-2018-15473, CVE-2018-15919, CVE-2018-16843, CVE-2018-16844, CVE-2018-16845, CVE-2018-20685, CVE-2019-20372, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2019-9511, CVE-2019-9513, CVE-2019-9516, CVE-2020-14145, CVE-2020-15778, CVE-2021-23017, CVE-2021-28041, CVE-2021-3618, CVE-2021-36368, CVE-2021-41617, CVE-2022-41741, CVE-2022-41742, CVE-2023-38408, CVE-2023-44487, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-6387, CVE-2024-7347, CVE-2025-26465, CVE-2025-32728	23/02/2026, 21:56:38	armadaservers.com
46.224.43.•••:18789	-	🇩🇪 Germany	-	false	Leaked	AS24940	Hetzner Online GmbH	Hetzner	23/02/2026, 09:56:00	24/02/2026, 12:55:31	Yes	No	-	CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-6387, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	23/02/2026, 21:56:40	your-server.de
150.109.13.•••:18789	-	🇸🇬 Singapore	Yes	false	Clean	AS132203	Tencent Building, Kejizhongyi Avenue	Aceville Pte Ltd	23/02/2026, 09:56:00	05/03/2026, 00:43:48	No	No	-	-	17/02/2026, 21:56:44	-
135.181.83.•••:18789	-	🇫🇮 Finland	-	false	Leaked	AS24940	Hetzner Online GmbH	Hetzner Online	23/02/2026, 09:56:00	22/03/2026, 14:34:02	Yes	No	-	CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	04/03/2026, 06:07:30	hetzner.com
68.183.205.•••:18789	-	🇨🇦 Canada	-	false	Clean	AS14061	DigitalOcean, LLC	DigitalOcean	23/02/2026, 09:56:00	03/04/2026, 21:40:59	No	Yes	APT-C-23, APT15, APT17, APT28, APT29, APT31, APT34, APT35, APT36, APT37, APT39, APT45, Bitter APT, Bluenoroff, Callisto Group, Cobalt Group, Donot Team, Gamaredon Group, Gaza Cybergang, Ghostwriter, Hafnium Group, Inception Framework, Kimsuky, Lazarus Group, MuddyWater Group, Mustang Panda, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Turla APT Group, Volt Typhoon	CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2021-41617, CVE-2023-28531, CVE-2023-38408, CVE-2023-44487, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-6387, CVE-2025-26465, CVE-2025-32728	23/02/2026, 21:56:46	-
101.59.99.•••:18789	-	🇮🇹 Italy	Yes	false	Leaked	AS210278	Sky Italia srl	Sky Broadband	23/02/2026, 09:56:00	18/04/2026, 00:41:33	Yes	No	-	CVE-2024-6484, CVE-2024-6485	18/04/2026, 00:53:57	startdedicated.de, chickenkiller.com, quickconnect.to, fastspeed.dk, dnsrd.com, sky.it, dns04.com, skytv.it
164.90.199.•••:18789	-	🇳🇱 Netherlands	-	false	Leaked	AS14061	DigitalOcean, LLC	DigitalOcean	23/02/2026, 09:56:00	17/04/2026, 10:04:09	Yes	Yes	APT15, APT17, APT28, APT29, APT31, APT34, APT35, APT36, APT37, APT40, APT41, APT45, Bitter APT, Bluenoroff, Callisto Group, Carbanak, ChamelGang, CloudSorcerer, Daggerfly APT, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Volt Typhoon	CVE-2016-20012, CVE-2020-12062, CVE-2020-14145, CVE-2020-15778, CVE-2021-28041, CVE-2021-36368, CVE-2021-41617, CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-6387	23/02/2026, 21:56:56	rcnhost.com, digitaloceanspaces.com, paperspace.io, digitalocean.com, scotch.io, snapshooter.com, paperspace.com, css-tricks.com
101.32.116.•••:18789	Meme猎手 / MemeHunter (🎯)	🇸🇬 Singapore	Yes	false	Leaked	AS132203	Tencent Building, Kejizhongyi Avenue	Aceville Pte Ltd	23/02/2026, 09:56:00	23/02/2026, 21:56:02	Yes	Yes	APT15, APT17, APT28, APT29, APT31, APT34, APT35, APT36, APT37, APT39, APT41, APT45, Bitter APT, Bluenoroff, Callisto Group, Cobalt Group, Donot Team, El-Machete, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Mustang Panda, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Volt Typhoon	CVE-2016-20012, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-16905, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2023-51767, CVE-2024-6387, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	23/02/2026, 21:56:58	tencent.com, optage.co.jp
185.138.89.•••:18789	-	🇵🇹 Portugal	-	false	Clean	AS215540	GLOBAL CONNECTIVITY SOLUTIONS LLP	Global Connectivity Solutions	23/02/2026, 09:53:48	23/02/2026, 21:08:02	-	-	-	-	-	-
106.14.194.•••:18789	-	🇨🇳 China mainland	Yes	false	Leaked	AS37963	Hangzhou Alibaba Advertising Co.,Ltd.	Alisoft	23/02/2026, 09:53:47	01/03/2026, 19:36:30	Yes	Yes	APT14, APT15, APT28, APT29, APT31, APT34, APT35, APT37, APT39, APT40, APT41, Bitter APT, Bluenoroff, Callisto Group, Carbanak, Cobalt Group, Donot Team, Earth Berberoka, Equation Group, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, IronHusky, Kimsuky, Lazarus Group, Lyceum APT, MuddyWater Group, Mustang Panda, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SharpPanda, SideWinder APT, TA505, TEMP.Hermit, The Shadow Brokers, Volt Typhoon, WIRTE	CVE-2000-1210, CVE-2001-0590, CVE-2002-0493, CVE-2005-4838, CVE-2006-20001, CVE-2006-7196, CVE-2007-1358, CVE-2007-2449, CVE-2008-0128, CVE-2008-0455, CVE-2009-2696, CVE-2009-3560, CVE-2009-3720, CVE-2010-0434, CVE-2010-1452, CVE-2010-1623, CVE-2010-2068, CVE-2010-4478, CVE-2010-4755, CVE-2010-5107, CVE-2011-0419, CVE-2011-3192, CVE-2011-3348, CVE-2011-3368, CVE-2011-3607, CVE-2011-3639, CVE-2011-4317, CVE-2011-4327, CVE-2011-4415, CVE-2011-5000, CVE-2012-0031, CVE-2012-0053, CVE-2012-0814, CVE-2012-0883, CVE-2012-2687, CVE-2012-3499, CVE-2012-4557, CVE-2012-4558, CVE-2013-1862, CVE-2013-1896, CVE-2013-2185, CVE-2013-2249, CVE-2013-4286, CVE-2013-4322, CVE-2013-4444, CVE-2013-4590, CVE-2013-5704, CVE-2013-6357, CVE-2013-6438, CVE-2014-0075, CVE-2014-0096, CVE-2014-0098, CVE-2014-0099, CVE-2014-0118, CVE-2014-0119, CVE-2014-0226, CVE-2014-0231, CVE-2014-1692, CVE-2014-2532, CVE-2014-2653, CVE-2015-0228, CVE-2015-3183, CVE-2015-5352, CVE-2015-5600, CVE-2015-6563, CVE-2015-6564, CVE-2015-8325, CVE-2016-0777, CVE-2016-10002, CVE-2016-10003, CVE-2016-10009, CVE-2016-10010, CVE-2016-10011, CVE-2016-10012, CVE-2016-10708, CVE-2016-1908, CVE-2016-20012, CVE-2016-3115, CVE-2016-4975, CVE-2016-5387, CVE-2016-6210, CVE-2016-6515, CVE-2016-8612, CVE-2016-8743, CVE-2017-15906, CVE-2017-15945, CVE-2017-3167, CVE-2017-3169, CVE-2017-7679, CVE-2017-9788, CVE-2017-9798, CVE-2018-1000024, CVE-2018-1000027, CVE-2018-1301, CVE-2018-1302, CVE-2018-1303, CVE-2018-1312, CVE-2018-15473, CVE-2018-19131, CVE-2018-19132, CVE-2018-20685, CVE-2019-12519, CVE-2019-12520, CVE-2019-12521, CVE-2019-12522, CVE-2019-12523, CVE-2019-12524, CVE-2019-12525, CVE-2019-12526, CVE-2019-12528, CVE-2019-12529, CVE-2019-13345, CVE-2019-16905, CVE-2019-18676, CVE-2019-18677, CVE-2019-18678, CVE-2019-18679, CVE-2019-18860, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-11945, CVE-2020-14058, CVE-2020-14145, CVE-2020-15049, CVE-2020-15778, CVE-2020-15810, CVE-2020-15811, CVE-2020-24606, CVE-2020-25097, CVE-2020-8022, CVE-2020-8449, CVE-2020-8450, CVE-2020-8517, CVE-2021-28116, CVE-2021-28651, CVE-2021-28652, CVE-2021-31806, CVE-2021-31807, CVE-2021-31808, CVE-2021-33620, CVE-2021-34798, CVE-2021-36368, CVE-2021-39275, CVE-2021-40438, CVE-2021-41617, CVE-2021-44790, CVE-2021-46784, CVE-2022-22719, CVE-2022-22720, CVE-2022-22721, CVE-2022-28330, CVE-2022-28614, CVE-2022-28615, CVE-2022-29404, CVE-2022-30556, CVE-2022-31813, CVE-2022-37436, CVE-2022-41318, CVE-2023-28625, CVE-2023-31122, CVE-2023-38408, CVE-2023-38709, CVE-2023-45802, CVE-2023-46724, CVE-2023-46728, CVE-2023-46846, CVE-2023-46847, CVE-2023-48795, CVE-2023-49285, CVE-2023-49286, CVE-2023-49288, CVE-2023-50269, CVE-2023-51384, CVE-2023-51385, CVE-2023-5824, CVE-2024-25617, CVE-2024-33427, CVE-2024-37894, CVE-2024-45802	01/03/2026, 09:16:22	bj189.cn, aliyun.com
47.254.229.•••:18789	Assistant	🇲🇾 Malaysia	Yes	false	Clean	AS45102	Alibaba (US) Technology Co., Ltd.	Alibaba Cloud Malaysia	23/02/2026, 09:53:47	23/02/2026, 21:08:02	-	-	-	-	-	-
39.97.55.•••:18789	-	🇨🇳 China mainland	-	false	Leaked	AS37963	Hangzhou Alibaba Advertising Co.,Ltd.	Alisoft	23/02/2026, 09:53:47	24/02/2026, 14:29:32	Yes	No	-	-	24/02/2026, 09:10:50	aliyun.com, ptcl.net.pk
140.238.70.•••:18789	-	🇺🇸 United States	Yes	false	Leaked	AS31898	Oracle Corporation	Oracle Cloud	23/02/2026, 09:53:47	16/04/2026, 23:30:51	Yes	Yes	APT-C-23, APT15, APT17, APT28, APT29, APT31, APT34, APT35, APT36, APT37, APT40, APT41, APT45, Bitter APT, Bluenoroff, Callisto Group, Carbanak, ChamelGang, CloudSorcerer, Cobalt Group, Daggerfly APT, Donot Team, Equation Group, Gamaredon Group, Gaza Cybergang, Ghostwriter, Hafnium Group, Inception Framework, Kimsuky, Lazarus Group, MuddyWater Group, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Turla APT Group, Volt Typhoon, gozi	CVE-2016-20012, CVE-2020-12062, CVE-2020-14145, CVE-2020-15778, CVE-2021-23017, CVE-2021-28041, CVE-2021-3618, CVE-2021-36368, CVE-2021-41617, CVE-2022-41741, CVE-2022-41742, CVE-2023-28531, CVE-2023-38408, CVE-2023-44487, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-6387, CVE-2024-7347, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	26/02/2026, 09:42:56	healtheintent.com, purewellness.com, cerner.ae, retek.com, moatads.com, oraclefusion.com, connectinc.com, inquira.com, portal.com, oracle.com, hiedirectconnect.org, maxymiser.net, oraclecloudservices.com, rsys2.net, hyperroll.com, nor1.com, oxygen.systems, oraclegovcloud.com, orcale.com, oraclemobile.com, sun.co.in, openair.co, oraclepdemos.com, stellent.com, siebel.com, cerner.net, oracle-cloud.com, docucorp.com, mvalent.com, netsuiteforms.com, oracleemaildelivery.com, oraclecloud.com, en25.com, solaris.com, rightnowtech.com, think.com, ipapp.com, jdedwards.com, tiger-institute.org, zenedge.com, skire.com, sun.com, sales.com, fyleio.com, push.io, estara.com, tekelec.com, paymyhealthbill.com, dyndns.com, java.net, optika.com, jcp.org, smed.com, cernerenviza-tw.com, datafox.com, recruitmax.com, decisioneering.com, adiinsights.com, stortek.com, seebeyond.com, livelook.com, openjdk.org, virtualbox.org, dyn.com, oraclehealth.com, aimsystems.com, sunworld.com, plumtree.com, storagetek.com, oracledatacloud.com
2a02:4780:10:5595::1:18789	-	🇺🇸 United States	-	false	Clean	AS47583	Hostinger International Limited	Hostinger	23/02/2026, 09:53:47	21/03/2026, 03:46:55	-	-	-	-	-	-
121.41.88.•••:18789	Assistant	🇨🇳 China mainland	Yes	false	Clean	AS37963	Hangzhou Alibaba Advertising Co.,Ltd.	Alisoft	23/02/2026, 09:53:47	23/02/2026, 21:08:01	-	-	-	-	-	-
120.48.52.•••:18789	Assistant	🇺🇸 United States	Yes	false	Clean	AS38365	Beijing Baidu Netcom Science and Technology Co., Ltd.	Baidu	23/02/2026, 09:53:47	23/02/2026, 21:08:01	-	-	-	-	-	-
45.55.219.•••:18789	-	🇺🇸 United States	-	false	Clean	AS14061	DigitalOcean, LLC	DigitalOcean	23/02/2026, 09:53:47	17/04/2026, 10:01:55	No	No	-	CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	01/03/2026, 20:55:28	-
146.190.98.•••:18789	-	🇸🇬 Singapore	-	false	Clean	AS14061	DigitalOcean, LLC	DigitalOcean	23/02/2026, 09:53:47	24/02/2026, 12:53:15	No	Yes	APT-C-23, APT15, APT28, APT29, APT31, APT34, APT36, APT41, Bitter APT, Bluenoroff, Callisto Group, Cobalt Group, Donot Team, Equation Group, Gamaredon Group, Gaza Cybergang, Ghostwriter, Hafnium Group, Inception Framework, Kimsuky, Lazarus Group, MuddyWater Group, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, Turla APT Group, Volt Typhoon	CVE-2006-20001, CVE-2016-20012, CVE-2020-12062, CVE-2020-14145, CVE-2020-15778, CVE-2021-23017, CVE-2021-28041, CVE-2021-3618, CVE-2021-36368, CVE-2021-41617, CVE-2022-36760, CVE-2022-37436, CVE-2022-41741, CVE-2022-41742, CVE-2023-25690, CVE-2023-27522, CVE-2023-28531, CVE-2023-38408, CVE-2023-44487, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-7347, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	24/02/2026, 12:54:27	-
142.93.189.•••:18789	-	🇺🇸 United States	-	false	Clean	AS14061	DigitalOcean, LLC	DigitalOcean	23/02/2026, 09:53:47	27/03/2026, 05:38:46	-	-	-	-	-	-
173.179.115.•••:18789	-	🇨🇦 Canada	-	false	Clean	AS5769	Videotron Ltee	Videotron	23/02/2026, 09:53:47	03/04/2026, 04:25:43	No	No	-	CVE-2025-14177, CVE-2025-14178, CVE-2025-14180	24/02/2026, 14:29:29	-
2a02:4780:41:b142::1:18789	-	🇩🇪 Germany	-	false	Clean	AS47583	Hostinger International Limited	Hostinger	23/02/2026, 09:53:47	15/04/2026, 22:36:23	-	-	-	-	-	-
120.48.66.•••:18789	Assistant	🇺🇸 United States	Yes	false	Clean	AS38365	Beijing Baidu Netcom Science and Technology Co., Ltd.	Baidu	23/02/2026, 09:53:47	23/02/2026, 21:08:01	-	-	-	-	-	-
104.21.58.•••:18789	-	🇺🇸 United States	-	false	Clean	AS13335	Cloudflare, Inc.	Cloudflare	23/02/2026, 09:53:47	23/02/2026, 21:08:01	-	-	-	-	-	-
47.85.15.•••:18789	Assistant	🇨🇳 China mainland	Yes	false	Clean	AS45102	Alibaba (US) Technology Co., Ltd.	Alibaba Cloud	23/02/2026, 09:53:47	23/02/2026, 21:08:01	-	-	-	-	-	-
43.135.145.•••:18789	-	🇺🇸 United States	Yes	false	Leaked	AS132203	Tencent Building, Kejizhongyi Avenue	Aceville Pte Ltd	23/02/2026, 09:53:47	12/03/2026, 14:01:27	Yes	Yes	APT15, APT28, APT29, APT31, APT34, APT35, APT37, APT39, APT41, Bitter APT, Bluenoroff, Callisto Group, Cobalt Group, Donot Team, El-Machete, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Mustang Panda, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Volt Typhoon	CVE-2016-10708, CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	01/03/2026, 20:56:58	tencent.com
187.235.96.•••:18789	-	🇲🇽 Mexico	-	false	Clean	AS8151	UNINET	Uninet	23/02/2026, 09:53:47	26/02/2026, 17:04:12	-	-	-	-	-	-
118.145.98.•••:18789	Assistant	🇨🇳 China mainland	Yes	false	Leaked	AS137718	Beijing Volcano Engine Technology Co., Ltd.	Beijing Volcano Engine Technology	23/02/2026, 09:53:47	16/03/2026, 18:01:17	Yes	No	-	-	02/03/2026, 00:32:49	bytedance.com
178.128.51.•••:18789	-	🇸🇬 Singapore	-	false	Clean	AS14061	DigitalOcean, LLC	DigitalOcean	23/02/2026, 09:53:47	01/03/2026, 22:17:10	No	Yes	APT15, APT28, APT29, APT31, APT34, APT41, Bitter APT, Bluenoroff, Callisto Group, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, Volt Typhoon	CVE-2016-20012, CVE-2020-12062, CVE-2020-14145, CVE-2020-15778, CVE-2021-28041, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	24/02/2026, 12:55:05	-
111.230.40.•••:18789	Assistant	🇨🇳 China mainland	Yes	false	Leaked	AS45090	Shenzhen Tencent Computer Systems Company Limited	Tencent Cloud	23/02/2026, 09:53:47	13/03/2026, 10:28:10	Yes	Yes	APT15, APT28, APT29, APT31, APT34, APT35, APT37, APT39, APT41, Bitter APT, Bluenoroff, Callisto Group, Cobalt Group, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Mustang Panda, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Volt Typhoon	CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2022-4900, CVE-2023-31122, CVE-2023-38408, CVE-2023-38709, CVE-2023-43622, CVE-2023-45802, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-24795, CVE-2024-27316, CVE-2024-36387, CVE-2024-38472, CVE-2024-38473, CVE-2024-38474, CVE-2024-38475, CVE-2024-38476, CVE-2024-38477, CVE-2024-39573, CVE-2024-40898, CVE-2024-42516, CVE-2024-43204, CVE-2024-43394, CVE-2024-47252, CVE-2024-5458, CVE-2025-23048, CVE-2025-26465, CVE-2025-32728, CVE-2025-49630, CVE-2025-49812, CVE-2025-53020, CVE-2025-55753, CVE-2025-59775, CVE-2025-61984, CVE-2025-61985, CVE-2025-65082, CVE-2025-66200	26/02/2026, 08:55:21	tencent.com, chinamobile.com, chinamobile.cn
2a02:4780:f:24de::1:18789	-	🇬🇧 United Kingdom	-	false	Clean	AS47583	Hostinger International Limited	Hostinger	23/02/2026, 09:53:46	18/03/2026, 14:14:12	-	-	-	-	-	-
39.105.121.•••:18789	-	🇨🇳 China mainland	Yes	false	Leaked	AS37963	Hangzhou Alibaba Advertising Co.,Ltd.	Alisoft	23/02/2026, 09:53:46	05/03/2026, 00:03:52	Yes	Yes	APT28, APT35, APT37, APT39, Cobalt Group, Kimsuky, Mustang Panda, Packrat, Sandworm Team, The Shadow Brokers	CVE-2016-10708, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2021-41617	04/03/2026, 13:58:53	aliyun.com
120.48.57.•••:18789	小文 (📈)	🇺🇸 United States	Yes	false	Clean	AS38365	Beijing Baidu Netcom Science and Technology Co., Ltd.	Baidu	23/02/2026, 09:53:46	23/02/2026, 21:08:00	-	-	-	-	-	-
47.238.111.•••:18789	-	🇭🇰 Hong Kong	Yes	false	Clean	AS45102	Alibaba (US) Technology Co., Ltd.	Alibaba Cloud HK	23/02/2026, 09:53:46	23/02/2026, 21:08:00	-	-	-	-	-	-
46.225.222.•••:18789	-	🇩🇪 Germany	Yes	false	Clean	AS24940	Hetzner Online GmbH	Hetzner	23/02/2026, 09:53:46	24/02/2026, 12:08:21	-	-	-	-	-	-
40.124.184.•••:18789	-	🇺🇸 United States	Yes	false	Clean	AS8075	Microsoft Corporation	Microsoft	23/02/2026, 09:53:46	16/04/2026, 20:30:18	No	No	-	CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	05/03/2026, 00:43:46	-
46.225.97.•••:18789	-	🇩🇪 Germany	-	false	Clean	AS24940	Hetzner Online GmbH	Hetzner	23/02/2026, 09:53:46	23/02/2026, 21:08:00	-	-	-	-	-	-
170.64.197.•••:18789	-	🇦🇺 Australia	-	false	Clean	AS14061	DigitalOcean, LLC	DigitalOcean	23/02/2026, 09:53:46	26/02/2026, 17:03:04	No	No	-	CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51385, CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	26/02/2026, 08:55:54	-
81.70.195.•••:18789	-	🇨🇳 China mainland	Yes	false	Clean	AS45090	Shenzhen Tencent Computer Systems Company Limited	Tencent Cloud Computing	23/02/2026, 09:53:46	26/02/2026, 17:04:14	-	-	-	-	-	-
120.48.49.•••:18789	Assistant	🇺🇸 United States	Yes	false	Clean	AS38365	Beijing Baidu Netcom Science and Technology Co., Ltd.	Baidu	23/02/2026, 09:53:46	23/02/2026, 21:08:00	-	-	-	-	-	-
54.93.253.•••:18789	-	🇩🇪 Germany	-	false	Clean	AS16509	Amazon.com, Inc.	A100 ROW	23/02/2026, 09:53:46	24/02/2026, 14:29:34	No	Yes	APT28, APT35, APT37, APT39, Cobalt Group, Kimsuky, Mustang Panda, Sandworm Team, The Shadow Brokers	CVE-2015-8325, CVE-2016-10009, CVE-2016-10010, CVE-2016-10011, CVE-2016-10012, CVE-2016-10708, CVE-2016-3115, CVE-2016-6210, CVE-2016-6515, CVE-2016-8858, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2021-41617, CVE-2023-29323	24/02/2026, 09:09:59	-
54.196.215.•••:18789	-	🇺🇸 United States	-	false	Clean	AS14618	Amazon.com, Inc.	Amazon	23/02/2026, 09:53:45	23/02/2026, 21:08:00	-	-	-	-	-	-
106.13.31.•••:18789	Assistant	🇨🇳 China mainland	Yes	false	Leaked	AS38365	Beijing Baidu Netcom Science and Technology Co., Ltd.	Baidu	23/02/2026, 09:53:45	15/04/2026, 13:26:48	Yes	Yes	APT17, APT28, APT35, APT37, APT39, Cobalt Group, DragonFly, El-Machete, Gozi, Kimsuky, Mustang Panda, Packrat, Sandworm Team, The Shadow Brokers	CVE-2016-10708, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2021-41617	27/03/2026, 08:40:51	baidu.com
114.132.239.•••:18789	-	🇨🇳 China mainland	Yes	false	Leaked	AS45090	Shenzhen Tencent Computer Systems Company Limited	Tencent Cloud	23/02/2026, 09:53:45	17/04/2026, 20:54:07	Yes	No	-	CVE-2023-44487, CVE-2024-7347	15/03/2026, 14:41:21	tencent.com
188.165.209.•••:18789	-	🇫🇷 France	Yes	false	Clean	AS16276	OVH SAS	OVH	23/02/2026, 09:53:45	23/02/2026, 21:07:59	-	-	-	-	-	-
120.48.79.•••:18789	Assistant	🇺🇸 United States	Yes	false	Leaked	AS38365	Beijing Baidu Netcom Science and Technology Co., Ltd.	Baidu	23/02/2026, 09:53:45	16/03/2026, 18:02:36	Yes	Yes	APT17, APT37, DragonFly, El-Machete, Gozi, Packrat	CVE-2016-20012, CVE-2019-16905, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617	03/03/2026, 18:02:04	baidu.com
120.48.74.•••:18789	Assistant	🇺🇸 United States	Yes	false	Clean	AS38365	Beijing Baidu Netcom Science and Technology Co., Ltd.	Baidu	23/02/2026, 09:53:45	23/02/2026, 21:07:59	-	-	-	-	-	-
180.76.149.•••:18789	大龙虾 (Da Long Xia)	🇨🇳 China mainland	Yes	false	Clean	AS38365	Beijing Baidu Netcom Science and Technology Co., Ltd.	Baidu	23/02/2026, 09:53:45	01/04/2026, 05:49:22	-	-	-	-	-	-
120.48.55.•••:18789	Assistant	🇺🇸 United States	Yes	false	Clean	AS38365	Beijing Baidu Netcom Science and Technology Co., Ltd.	Baidu	23/02/2026, 09:53:45	13/03/2026, 21:23:31	-	-	-	-	-	-
118.196.31.•••:18789	-	🇨🇳 China mainland	Yes	false	Leaked	AS137718	Beijing Volcano Engine Technology Co., Ltd. / AS4811 China Telecom (Group)	Beijing Volcano Engine Technology	23/02/2026, 09:53:45	15/04/2026, 13:25:24	Yes	No	-	-	26/02/2026, 17:49:11	bytedance.com
45.63.22.•••:18789	-	🇺🇸 United States	-	false	Leaked	AS20473	The Constant Company, LLC	Vultr Holdings	23/02/2026, 09:53:45	13/03/2026, 22:08:38	Yes	Yes	APT15, APT17, APT28, APT31, APT35, APT36, APT37, APT39, APT45, Bitter APT, Bluenoroff, Callisto Group, CloudSorcerer, Cobalt Group, Daggerfly APT, Donot Team, DragonFly, Gamaredon Group, Gaza Cybergang, Inception Framework, Kimsuky, MuddyWater Group, Mustang Panda, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers	CVE-2016-10708, CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2021-28041, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51385, CVE-2024-6387, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	26/02/2026, 09:41:13	vultr.com
120.48.180.•••:18789	Assistant	🇺🇸 United States	Yes	false	Leaked	AS38365	Beijing Baidu Netcom Science and Technology Co., Ltd.	Baidu	23/02/2026, 09:53:45	18/03/2026, 05:10:34	Yes	-	-	-	26/02/2026, 08:56:16	chinamobile.com, chinamobile.cn, baidu.com
135.181.43.•••:18789	-	🇫🇮 Finland	-	false	Leaked	AS24940	Hetzner Online GmbH	Hetzner Online	23/02/2026, 09:53:45	23/02/2026, 22:38:53	Yes	Yes	APT14, APT15, APT17, APT28, APT29, APT31, APT35, APT36, APT37, APT40, APT41, APT45, Bitter APT, Bluenoroff, Callisto Group, Carbanak, ChamelGang, CloudSorcerer, Daggerfly APT, Donot Team, Gamaredon Group, Gaza Cybergang, Inception Framework, Kimsuky, MuddyWater Group, Patchwork, RomCom Group, Salt Typhoon, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Volt Typhoon, WIRTE	CVE-2006-20001, CVE-2016-20012, CVE-2019-17567, CVE-2020-11984, CVE-2020-11993, CVE-2020-13938, CVE-2020-13950, CVE-2020-14145, CVE-2020-15778, CVE-2020-1927, CVE-2020-1934, CVE-2020-35452, CVE-2020-9490, CVE-2021-23017, CVE-2021-26690, CVE-2021-26691, CVE-2021-28041, CVE-2021-30641, CVE-2021-33193, CVE-2021-34798, CVE-2021-36160, CVE-2021-3618, CVE-2021-36368, CVE-2021-39275, CVE-2021-40438, CVE-2021-41617, CVE-2021-44224, CVE-2021-44790, CVE-2022-22719, CVE-2022-22720, CVE-2022-22721, CVE-2022-23943, CVE-2022-26377, CVE-2022-28330, CVE-2022-28614, CVE-2022-28615, CVE-2022-29404, CVE-2022-30556, CVE-2022-31813, CVE-2022-36760, CVE-2022-37436, CVE-2022-41741, CVE-2022-41742, CVE-2023-25690, CVE-2023-27522, CVE-2023-28531, CVE-2023-31122, CVE-2023-38408, CVE-2023-38709, CVE-2023-44487, CVE-2023-45802, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-24795, CVE-2024-27316, CVE-2024-38472, CVE-2024-38473, CVE-2024-38474, CVE-2024-38475, CVE-2024-38476, CVE-2024-38477, CVE-2024-39573, CVE-2024-39894, CVE-2024-40898, CVE-2024-6387, CVE-2024-7347, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	23/02/2026, 21:55:31	hetzner.com
159.65.33.•••:18789	-	🇺🇸 United States	-	false	Clean	AS14061	DigitalOcean, LLC	DigitalOcean	23/02/2026, 09:53:45	17/04/2026, 06:16:49	Yes	Yes	APT15, APT17, APT28, APT29, APT31, APT34, APT35, APT36, APT37, APT39, APT40, APT41, APT45, Bitter APT, Bluenoroff, Callisto Group, Carbanak, ChamelGang, CloudSorcerer, Cobalt Group, Daggerfly APT, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Mustang Panda, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Volt Typhoon	CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2021-41617, CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-6387, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	01/03/2026, 07:16:35	pubguru.com, monetizemore.com
167.99.51.•••:18789	-	🇺🇸 United States	-	false	Clean	AS14061	DigitalOcean, LLC	DigitalOcean	23/02/2026, 09:53:45	31/03/2026, 08:55:48	No	Yes	APT14, APT17, APT28, APT29, APT35, APT36, APT37, APT39, APT40, APT41, APT45, Carbanak, ChamelGang, CloudSorcerer, Cobalt Group, Daggerfly APT, Equation Group, Gamaredon Group, IronHusky, Kimsuky, Lazarus Group, MuddyWater Group, Mustang Panda, Patchwork, Sandworm Team, SharpPanda, SideWinder APT, TA505, The Shadow Brokers, UNC2452, Volt Typhoon, WIRTE	CVE-2016-20012, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-17567, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2019-6470, CVE-2020-11984, CVE-2020-11993, CVE-2020-12062, CVE-2020-13950, CVE-2020-14145, CVE-2020-15778, CVE-2020-1927, CVE-2020-1934, CVE-2020-35452, CVE-2020-9490, CVE-2021-26690, CVE-2021-26691, CVE-2021-28041, CVE-2021-30641, CVE-2021-33193, CVE-2021-34798, CVE-2021-36160, CVE-2021-36368, CVE-2021-39275, CVE-2021-40438, CVE-2021-41617, CVE-2021-44224, CVE-2021-44790, CVE-2022-22719, CVE-2022-22720, CVE-2022-22721, CVE-2022-23943, CVE-2022-26377, CVE-2022-28614, CVE-2022-28615, CVE-2022-29404, CVE-2022-30556, CVE-2022-31813, CVE-2024-11187, CVE-2024-12705, CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728	26/02/2026, 02:59:52	-
120.48.4.•••:18789	Assistant	🇺🇸 United States	Yes	false	Clean	AS38365	Beijing Baidu Netcom Science and Technology Co., Ltd.	Baidu	23/02/2026, 09:53:45	23/02/2026, 21:07:59	-	-	-	-	-	-
165.227.110.•••:18789	-	🇺🇸 United States	-	false	Clean	AS14061	DigitalOcean, LLC	DigitalOcean	23/02/2026, 09:53:45	23/02/2026, 21:07:59	-	-	-	-	-	-
171.96.252.•••:18789	-	🇭🇰 Hong Kong	Yes	false	Clean	AS17552	True Online	Truenet Hisp	23/02/2026, 09:53:45	23/02/2026, 21:07:59	-	-	-	-	-	-
104.21.36.•••:18789	-	🇺🇸 United States	-	false	Clean	AS13335	Cloudflare, Inc.	Cloudflare	23/02/2026, 09:53:44	23/02/2026, 21:07:58	-	-	-	-	-	-
106.12.174.•••:18789	Assistant	🇨🇳 China mainland	Yes	false	Clean	AS38365	Beijing Baidu Netcom Science and Technology Co., Ltd.	Baidu	23/02/2026, 09:53:44	23/02/2026, 21:07:58	-	-	-	-	-	-
81.70.134.•••:18789	-	🇨🇳 China mainland	-	false	Clean	AS45090	Shenzhen Tencent Computer Systems Company Limited	Tencent Cloud Computing	23/02/2026, 09:53:44	05/04/2026, 03:52:28	No	Yes	APT15, APT28, APT29, APT31, APT34, APT35, APT36, APT37, APT39, APT41, Bitter APT, Bluenoroff, Callisto Group, Cobalt Group, Donot Team, El-Machete, Equation Group, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Mustang Panda, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Volt Typhoon	CVE-2016-10708, CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-30640, CVE-2021-33037, CVE-2021-36368, CVE-2021-41617, CVE-2021-42340, CVE-2021-43980, CVE-2022-23181, CVE-2022-25762, CVE-2022-29885, CVE-2022-34305, CVE-2022-42252, CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385	04/04/2026, 22:17:49	-
120.48.130.•••:18789	Assistant	🇺🇸 United States	Yes	false	Leaked	AS38365	Beijing Baidu Netcom Science and Technology Co., Ltd.	Baidu	23/02/2026, 09:53:44	20/03/2026, 15:45:07	Yes	Yes	APT-C-23, APT15, APT28, APT29, APT31, APT34, APT36, APT41, Bitter APT, Bluenoroff, Callisto Group, Cobalt Group, Donot Team, El-Machete, Equation Group, Gamaredon Group, Gaza Cybergang, Ghostwriter, Hafnium Group, Inception Framework, Kimsuky, Lazarus Group, MuddyWater Group, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, Turla APT Group, Volt Typhoon	CVE-2016-20012, CVE-2019-16905, CVE-2020-14145, CVE-2020-15778, CVE-2021-23017, CVE-2021-28041, CVE-2021-3618, CVE-2021-36368, CVE-2021-41617, CVE-2022-41741, CVE-2022-41742, CVE-2023-38408, CVE-2023-44487, CVE-2023-48795, CVE-2023-51385, CVE-2024-7347	26/02/2026, 23:16:47	chinamobile.com, chinamobile.cn, baidu.com
2a02:4780:4:86da::1:18789	-	🇺🇸 United States	-	false	Clean	AS47583	Hostinger International Limited	Hostinger	23/02/2026, 09:53:44	15/04/2026, 13:26:00	-	-	-	-	-	-
120.48.171.•••:18789	Assistant	🇭🇰 Hong Kong	Yes	false	Clean	AS38365	Beijing Baidu Netcom Science and Technology Co., Ltd.	Baidu	23/02/2026, 09:53:44	10/03/2026, 17:26:13	-	-	-	-	-	-
129.146.175.•••:18789	-	🇺🇸 United States	Yes	false	Clean	AS31898	Oracle Corporation	Oracle	23/02/2026, 09:53:44	23/02/2026, 21:07:58	-	-	-	-	-	-
172.245.111.•••:18789	-	🇺🇸 United States	Yes	false	Clean	AS36352	HostPapa	RackNerd	23/02/2026, 09:53:44	01/04/2026, 02:50:36	-	-	-	-	-	-
134.122.39.•••:18789	-	🇨🇦 Canada	-	false	Clean	AS14061	DigitalOcean, LLC	DigitalOcean	23/02/2026, 09:53:44	17/04/2026, 03:16:38	No	Yes	APT15, APT28, APT29, APT31, APT34, APT41, Bitter APT, Bluenoroff, Callisto Group, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, Volt Typhoon	CVE-2016-20012, CVE-2018-20685, CVE-2019-16905, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-28041, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	24/02/2026, 12:57:24	-
81.68.104.•••:18789	-	🇨🇳 China mainland	Yes	false	Clean	AS45090	Shenzhen Tencent Computer Systems Company Limited	Tencent Cloud Computing	23/02/2026, 09:53:44	23/02/2026, 21:07:58	-	-	-	-	-	-
173.212.220.•••:18789	-	🇫🇷 France	-	false	Leaked	AS51167	Contabo GmbH	Contabo	23/02/2026, 09:53:44	24/02/2026, 10:38:26	Yes	Yes	APT-C-23, APT14, APT28, APT32, APT35, APT37, APT39, APT40, APT41, Cobalt Group, Donot Team, Earth Berberoka, Equation Group, Gamaredon Group, Inception Framework, IronHusky, Kimsuky, Lazarus Group, MuddyWater Group, Mustang Panda, Salt Typhoon, Sandworm Team, SharpPanda, TA428, TA505, The Shadow Brokers, UNC2452, Volt Typhoon, WIRTE	CVE-2006-20001, CVE-2013-1896, CVE-2013-4352, CVE-2013-5704, CVE-2013-6438, CVE-2014-0098, CVE-2014-0117, CVE-2014-0118, CVE-2014-0226, CVE-2014-0231, CVE-2014-3523, CVE-2014-3581, CVE-2014-8109, CVE-2015-0228, CVE-2015-3183, CVE-2015-3185, CVE-2015-9253, CVE-2016-0736, CVE-2016-20012, CVE-2016-2161, CVE-2016-4975, CVE-2016-5387, CVE-2016-8612, CVE-2016-8743, CVE-2017-15710, CVE-2017-15715, CVE-2017-3167, CVE-2017-7272, CVE-2017-7679, CVE-2017-7963, CVE-2017-8923, CVE-2017-9120, CVE-2017-9225, CVE-2017-9229, CVE-2017-9788, CVE-2017-9798, CVE-2018-1283, CVE-2018-1301, CVE-2018-1302, CVE-2018-1303, CVE-2018-1312, CVE-2018-17199, CVE-2018-19395, CVE-2018-19396, CVE-2018-19935, CVE-2018-20783, CVE-2019-0217, CVE-2019-0220, CVE-2019-10092, CVE-2019-10098, CVE-2019-17567, CVE-2019-6977, CVE-2019-9020, CVE-2019-9021, CVE-2019-9022, CVE-2019-9023, CVE-2019-9024, CVE-2019-9193, CVE-2019-9637, CVE-2019-9638, CVE-2019-9639, CVE-2019-9641, CVE-2019-9675, CVE-2020-11985, CVE-2020-13938, CVE-2020-14145, CVE-2020-15778, CVE-2020-1927, CVE-2020-1934, CVE-2020-35452, CVE-2021-23214, CVE-2021-23222, CVE-2021-26690, CVE-2021-26691, CVE-2021-28041, CVE-2021-3393, CVE-2021-34798, CVE-2021-36368, CVE-2021-39275, CVE-2021-40438, CVE-2021-41617, CVE-2021-43767, CVE-2021-44790, CVE-2022-22719, CVE-2022-22720, CVE-2022-22721, CVE-2022-23943, CVE-2022-26377, CVE-2022-28330, CVE-2022-28614, CVE-2022-28615, CVE-2022-29404, CVE-2022-30522, CVE-2022-30556, CVE-2022-31628, CVE-2022-31629, CVE-2022-31813, CVE-2022-36760, CVE-2022-37436, CVE-2023-25690, CVE-2023-28625, CVE-2023-31122, CVE-2023-38408, CVE-2023-38709, CVE-2023-45802, CVE-2023-48795, CVE-2023-51385, CVE-2024-24795, CVE-2024-39894, CVE-2024-4577, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	24/02/2026, 05:27:01	contaboserver.net, contabo.de, contabo.net
180.76.174.•••:18789	Assistant	🇨🇳 China mainland	Yes	false	Leaked	AS38365	Beijing Baidu Netcom Science and Technology Co., Ltd.	Baidu	23/02/2026, 09:53:43	22/03/2026, 14:31:31	Yes	Yes	APT17, APT28, APT35, APT37, APT39, APT41, Cobalt Group, DragonFly, Earth Berberoka, El-Machete, Equation Group, Gozi, Inception Framework, Kimsuky, Mustang Panda, Packrat, Sandworm Team	CVE-2008-0455, CVE-2010-0434, CVE-2010-1452, CVE-2010-4478, CVE-2010-5107, CVE-2011-0419, CVE-2011-3192, CVE-2011-3348, CVE-2011-3368, CVE-2011-3607, CVE-2011-3639, CVE-2011-4317, CVE-2011-4327, CVE-2011-4415, CVE-2011-5000, CVE-2012-0031, CVE-2012-0053, CVE-2012-0814, CVE-2012-0883, CVE-2012-2687, CVE-2012-3499, CVE-2012-4557, CVE-2012-4558, CVE-2013-1862, CVE-2013-1896, CVE-2013-2249, CVE-2013-5704, CVE-2013-6438, CVE-2014-0098, CVE-2014-0118, CVE-2014-0226, CVE-2014-0231, CVE-2016-0777, CVE-2016-4975, CVE-2016-5387, CVE-2016-8743, CVE-2017-15906, CVE-2017-3167, CVE-2017-3169, CVE-2017-7679, CVE-2017-9788, CVE-2017-9798, CVE-2018-1312	02/03/2026, 05:00:03	tfn.net.tw, baidu.com
120.48.75.•••:18789	Assistant	🇺🇸 United States	Yes	false	Leaked	AS38365	Beijing Baidu Netcom Science and Technology Co., Ltd.	Baidu	23/02/2026, 09:53:43	14/03/2026, 01:52:08	Yes	Yes	APT14, APT15, APT17, APT28, APT29, APT31, APT34, APT35, APT37, APT39, APT40, APT41, Bitter APT, Bluenoroff, Callisto Group, Cobalt Group, Donot Team, DragonFly, El-Machete, Equation Group, Gamaredon Group, Gaza Cybergang, Gozi, Hafnium Group, Inception Framework, IronHusky, Kimsuky, Lazarus Group, MuddyWater Group, Mustang Panda, Packrat, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SharpPanda, SideWinder APT, TA505, The Shadow Brokers, UNC2452, Volt Typhoon, WIRTE	CVE-2016-10708, CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-17189, CVE-2018-17199, CVE-2018-20685, CVE-2019-0196, CVE-2019-0197, CVE-2019-0211, CVE-2019-0215, CVE-2019-0217, CVE-2019-0220, CVE-2019-10081, CVE-2019-10082, CVE-2019-10092, CVE-2019-10097, CVE-2019-10098, CVE-2019-16905, CVE-2019-17567, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-11984, CVE-2020-11993, CVE-2020-14145, CVE-2020-15778, CVE-2020-1927, CVE-2020-1934, CVE-2020-35452, CVE-2020-9490, CVE-2021-26690, CVE-2021-26691, CVE-2021-33193, CVE-2021-34798, CVE-2021-36160, CVE-2021-36368, CVE-2021-39275, CVE-2021-40438, CVE-2021-41617, CVE-2021-44224, CVE-2021-44790, CVE-2022-22719, CVE-2022-22720, CVE-2022-22721, CVE-2022-23943, CVE-2022-26377, CVE-2022-28614, CVE-2022-28615, CVE-2022-29404, CVE-2022-30522, CVE-2022-30556, CVE-2022-31813, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	04/03/2026, 18:57:22	baidu.com
54.66.62.•••:18789	-	🇦🇺 Australia	Yes	false	Clean	AS16509	Amazon.com, Inc.	Amazon	23/02/2026, 09:53:43	23/02/2026, 21:07:57	-	-	-	-	-	-
118.25.110.•••:18789	-	🇨🇳 China mainland	-	false	Clean	AS45090	Shenzhen Tencent Computer Systems Company Limited	Tencent Cloud Computing	23/02/2026, 09:53:43	23/02/2026, 21:07:57	-	-	-	-	-	-
120.48.26.•••:18789	Assistant	🇺🇸 United States	Yes	false	Clean	AS38365	Beijing Baidu Netcom Science and Technology Co., Ltd.	Baidu	23/02/2026, 09:53:43	23/02/2026, 21:07:57	-	-	-	-	-	-
165.227.186.•••:18789	-	🇺🇸 United States	-	false	Clean	AS14061	DigitalOcean, LLC	DigitalOcean	23/02/2026, 09:53:43	23/02/2026, 21:07:57	-	-	-	-	-	-
146.56.116.•••:18789	-	🇺🇸 United States	Yes	false	Clean	AS31898	Oracle Corporation	Oracle Corporation	23/02/2026, 09:53:43	23/02/2026, 21:07:57	-	-	-	-	-	-
170.106.172.•••:18789	-	🇺🇸 United States	Yes	false	Clean	AS132203	Tencent Building, Kejizhongyi Avenue	Aceville Pte Ltd	23/02/2026, 09:53:43	18/04/2026, 00:37:56	No	Yes	APT15, APT17, APT28, APT29, APT31, APT34, APT35, APT36, APT37, APT40, APT41, APT45, Bitter APT, Bluenoroff, Callisto Group, Carbanak, ChamelGang, CloudSorcerer, Daggerfly APT, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Volt Typhoon	CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	02/03/2026, 00:33:39	-
47.98.230.•••:18789	-	🇨🇳 China mainland	Yes	false	Clean	AS37963	Hangzhou Alibaba Advertising Co.,Ltd.	Alisoft	23/02/2026, 09:53:43	18/04/2026, 00:38:47	Yes	Yes	APT15, APT28, APT29, APT31, APT34, APT35, APT37, APT39, APT41, Bitter APT, Bluenoroff, Callisto Group, Cobalt Group, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Mustang Panda, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Volt Typhoon	CVE-2016-10708, CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2025-26465, CVE-2025-32728	26/02/2026, 23:17:52	zotye.com
152.53.227.•••:18789	-	🇩🇪 Germany	Yes	false	Leaked	AS197540	netcup GmbH	Netcup	23/02/2026, 09:53:43	16/04/2026, 20:30:22	Yes	No	-	CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	24/02/2026, 14:30:44	netcup.de, luckysrv.de
64.227.114.•••:18789	-	🇩🇪 Germany	Yes	false	Clean	AS14061	DigitalOcean, LLC	DigitalOcean	23/02/2026, 09:53:43	17/04/2026, 02:31:32	No	Yes	APT15, APT17, APT28, APT29, APT31, APT34, APT35, APT36, APT37, APT39, APT40, APT41, APT45, Bitter APT, Bluenoroff, Callisto Group, Carbanak, ChamelGang, CloudSorcerer, Cobalt Group, Daggerfly APT, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Mustang Panda, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Volt Typhoon	CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2021-36368, CVE-2021-41617, CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	24/02/2026, 03:08:50	-
206.189.161.•••:18789	-	🇺🇸 United States	-	false	Clean	AS14061	DigitalOcean, LLC	DigitalOcean	23/02/2026, 09:53:42	24/02/2026, 06:08:59	-	-	-	-	-	-
43.167.217.•••:18789	Assistant	🇸🇬 Singapore	Yes	false	Leaked	AS132203	Tencent Building, Kejizhongyi Avenue	Aceville Pte Ltd	23/02/2026, 09:53:42	17/04/2026, 04:46:42	Yes	No	-	CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-6387, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	03/04/2026, 18:39:59	tencent.com
124.223.217.•••:18789	-	🇨🇳 China mainland	Yes	false	Clean	AS45090	Shenzhen Tencent Computer Systems Company Limited	Tencent Cloud	23/02/2026, 09:53:42	26/02/2026, 17:04:17	-	-	-	-	-	-
104.238.215.•••:18789	-	🇺🇸 United States	Yes	false	Clean	AS36007	Kamatera, Inc.	Kamatera US NY2 Data Center	23/02/2026, 09:53:42	23/02/2026, 21:07:56	-	-	-	-	-	-
147.93.136.•••:18789	-	🇩🇪 Germany	Yes	false	Clean	AS40021	Contabo Inc.	Contabo	23/02/2026, 09:53:42	27/02/2026, 13:50:10	-	-	-	-	-	-
46.225.138.•••:18789	-	🇩🇪 Germany	-	false	Clean	AS24940	Hetzner Online GmbH	Hetzner	23/02/2026, 09:53:42	23/02/2026, 21:07:56	-	-	-	-	-	-
39.97.236.•••:18789	-	🇨🇳 China mainland	Yes	false	Leaked	AS37963	Hangzhou Alibaba Advertising Co.,Ltd.	Alisoft	23/02/2026, 09:53:42	25/03/2026, 10:59:03	Yes	No	-	-	04/03/2026, 23:25:07	aliyun.com
43.156.41.•••:18789	-	🇸🇬 Singapore	-	false	Leaked	AS132203	Tencent Building, Kejizhongyi Avenue	Aceville Pte Ltd	23/02/2026, 09:53:42	06/03/2026, 23:45:31	Yes	Yes	APT15, APT17, APT28, APT29, APT31, APT34, APT35, APT36, APT37, APT39, APT41, APT45, Bitter APT, Bluenoroff, Callisto Group, CloudSorcerer, Cobalt Group, Daggerfly APT, Donot Team, El-Machete, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Mustang Panda, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Volt Typhoon	CVE-2016-10708, CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-12062, CVE-2020-14145, CVE-2020-15778, CVE-2021-28041, CVE-2021-36368, CVE-2021-41617, CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	01/03/2026, 02:14:39	tencent.com
2a02:4780:4:1e3d::1:18789	-	🇺🇸 United States	-	false	Clean	AS47583	Hostinger International Limited	Hostinger	23/02/2026, 09:53:42	13/03/2026, 10:29:18	-	-	-	-	-	-
121.199.6.•••:18789	-	🇨🇳 China mainland	-	false	Clean	AS37963	Hangzhou Alibaba Advertising Co.,Ltd.	Alisoft	23/02/2026, 09:53:42	23/02/2026, 21:07:56	-	-	-	-	-	-
91.99.31.•••:18789	-	🇩🇪 Germany	Yes	false	Leaked	AS24940	Hetzner Online GmbH	Hetzner Online	23/02/2026, 09:53:42	17/04/2026, 10:02:14	Yes	No	-	CVE-2023-44487, CVE-2024-39894, CVE-2024-6387, CVE-2024-7347, CVE-2025-23419, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	01/03/2026, 20:54:01	hetzner.com
147.182.195.•••:18789	-	🇺🇸 United States	-	false	Clean	AS14061	DigitalOcean, LLC	DigitalOcean	23/02/2026, 09:53:42	16/04/2026, 18:13:34	No	Yes	APT15, APT28, APT29, APT31, APT34, APT41, Bitter APT, Bluenoroff, Callisto Group, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, Volt Typhoon	CVE-2016-20012, CVE-2020-12062, CVE-2020-14145, CVE-2020-15778, CVE-2021-28041, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	26/02/2026, 17:08:22	-
106.12.152.•••:18789	Assistant	🇨🇳 China mainland	Yes	false	Leaked	AS38365	Beijing Baidu Netcom Science and Technology Co., Ltd.	Baidu	23/02/2026, 09:53:42	17/04/2026, 03:16:47	Yes	Yes	APT17, APT28, APT35, APT37, APT39, Cobalt Group, DragonFly, El-Machete, Gozi, Kimsuky, Mustang Panda, Packrat, Sandworm Team, The Shadow Brokers	CVE-2016-10708, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2021-41617	02/03/2026, 05:00:26	bj189.cn, baidu.com
188.166.115.•••:18789	-	🇳🇱 Netherlands	-	false	Clean	AS14061	DigitalOcean, LLC	DigitalOcean	23/02/2026, 09:53:42	23/02/2026, 21:53:40	-	-	-	-	-	-
118.145.226.•••:18789	Assistant	🇨🇳 China mainland	Yes	false	Leaked	AS137718	Beijing Volcano Engine Technology Co., Ltd.	Beijing Volcano Engine Technology	23/02/2026, 09:51:26	24/02/2026, 16:42:41	Yes	No	-	-	23/02/2026, 13:37:05	bytedance.com
47.253.98.•••:18789	Assistant	🇨🇳 China mainland	Yes	false	Clean	AS45102	Alibaba (US) Technology Co., Ltd.	Alibaba Cloud US	23/02/2026, 09:51:26	24/02/2026, 17:27:41	No	Yes	APT15, APT17, APT28, APT31, APT35, APT36, APT37, APT39, APT45, Bitter APT, Bluenoroff, Callisto Group, CloudSorcerer, Cobalt Group, Daggerfly APT, Donot Team, Gamaredon Group, Gaza Cybergang, Inception Framework, Kimsuky, MuddyWater Group, Mustang Panda, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers	CVE-2016-10708, CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-16905, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-6387, CVE-2025-26465, CVE-2025-32728	23/02/2026, 13:37:06	-
39.97.55.•••:18789	-	🇨🇳 China mainland	-	false	Leaked	AS37963	Hangzhou Alibaba Advertising Co.,Ltd.	Alisoft	23/02/2026, 09:51:26	24/02/2026, 17:27:41	Yes	No	-	-	23/02/2026, 13:37:08	aliyun.com, ptcl.net.pk
45.55.219.•••:18789	-	🇺🇸 United States	-	false	Clean	AS14061	DigitalOcean, LLC	DigitalOcean	23/02/2026, 09:51:26	18/04/2026, 00:36:29	No	No	-	CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	23/02/2026, 13:37:09	-
142.93.189.•••:18789	-	🇺🇸 United States	-	false	Clean	AS14061	DigitalOcean, LLC	DigitalOcean	23/02/2026, 09:51:26	28/03/2026, 09:17:52	No	Yes	APT15, APT28, APT29, APT31, APT34, APT41, Bitter APT, Bluenoroff, Callisto Group, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, Volt Typhoon	CVE-2016-20012, CVE-2020-12062, CVE-2020-14145, CVE-2020-15778, CVE-2021-28041, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	23/02/2026, 13:37:10	-
173.179.115.•••:18789	-	🇨🇦 Canada	-	false	Clean	AS5769	Videotron Ltee	Videotron	23/02/2026, 09:51:26	03/04/2026, 17:51:28	No	No	-	CVE-2025-14177, CVE-2025-14178, CVE-2025-14180	23/02/2026, 13:37:11	-

🦞 OpenClaw Exposure Watchboard

Ship Secure Enterprise AI Agents 10× Faster with vivgrid.com

Vivgrid gives you authentication, model gateway, tool control, cost tracking, and enterprise observability — everything you need to ship AI agents safely at scale.