🦞 OpenClaw Exposure Watchboard

This page lists publicly reachable active OpenClaw instances for defensive awareness. If this is your deployment, enable authentication, remove direct public exposure, and patch immediately.

Exposed Instances: 643649 Page: 6046 / 6437 (100 per page) Showing: 604501-604600 Last Imported: 12/04/2026, 00:31:21

🇨🇳 354,373

🇺🇸 169,554

Endpoint	Assistant Name	Country	auth_required	is_active	has_leaked_creds	asn	asn_name	org	first_seen	last_seen	asi_has_breach	asi_has_threat_actor	asi_threat_actors	asi_cves	asi_enriched_at	asi_domains
147.139.213.•••:18789	银湖 (🔥)	🇨🇳 China mainland	Yes	true	Clean	AS45102	Alibaba (US) Technology Co., Ltd.	Alibaba Cloud ID	05/02/2026, 21:18:39	12/04/2026, 00:07:34	No	Yes	APT14, APT28, APT35, APT37, APT39, APT40, APT41, Cobalt Group, Gamaredon Group, Inception Framework, IronHusky, Kimsuky, Lazarus Group, Mustang Panda, Sandworm Team, SharpPanda, TA505, The Shadow Brokers, WIRTE	CVE-2006-20001, CVE-2013-1896, CVE-2013-4352, CVE-2013-5704, CVE-2013-6438, CVE-2014-0098, CVE-2014-0117, CVE-2014-0118, CVE-2014-0226, CVE-2014-0231, CVE-2014-3581, CVE-2014-8109, CVE-2015-0228, CVE-2015-3183, CVE-2015-3185, CVE-2016-0736, CVE-2016-10708, CVE-2016-2161, CVE-2016-4975, CVE-2016-5387, CVE-2016-8612, CVE-2016-8743, CVE-2017-15710, CVE-2017-15715, CVE-2017-15906, CVE-2017-3167, CVE-2017-7679, CVE-2017-9788, CVE-2017-9798, CVE-2018-1283, CVE-2018-1301, CVE-2018-1302, CVE-2018-1303, CVE-2018-1312, CVE-2018-15473, CVE-2018-15919, CVE-2018-17199, CVE-2018-20685, CVE-2019-0217, CVE-2019-0220, CVE-2019-10092, CVE-2019-10098, CVE-2019-17567, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-11985, CVE-2020-14145, CVE-2020-1927, CVE-2020-1934, CVE-2020-35452, CVE-2021-23017, CVE-2021-26690, CVE-2021-26691, CVE-2021-34798, CVE-2021-3618, CVE-2021-39275, CVE-2021-40438, CVE-2021-41617, CVE-2021-44790, CVE-2021-46784, CVE-2022-22719, CVE-2022-22720, CVE-2022-22721, CVE-2022-23943, CVE-2022-26377, CVE-2022-28614, CVE-2022-28615, CVE-2022-29404, CVE-2022-30556, CVE-2022-31813, CVE-2022-36760, CVE-2022-37436, CVE-2022-41317, CVE-2022-41318, CVE-2022-41741, CVE-2022-41742, CVE-2023-25690, CVE-2023-28531, CVE-2023-38408, CVE-2023-44487, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-6387, CVE-2024-7347, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	05/02/2026, 21:20:58	-
8.215.18.•••:18789	Assistant	🇸🇬 Singapore	Yes	true	Clean	AS45102	Alibaba (US) Technology Co., Ltd.	Alibaba Cloud Singapore	05/02/2026, 21:18:39	12/04/2026, 00:06:42	No	-	-	-	05/02/2026, 21:21:02	-
47.253.137.•••:18789	Assistant	🇨🇳 China mainland	Yes	true	Clean	AS45102	Alibaba (US) Technology Co., Ltd.	Alibaba Cloud US	05/02/2026, 21:18:39	12/04/2026, 00:07:25	No	Yes	APT15, APT28, APT31, APT37, APT39, Bitter APT, Bluenoroff, Callisto Group, Donot Team, Gamaredon Group, Gaza Cybergang, Inception Framework, Kimsuky, MuddyWater Group, RomCom Group, Salt Typhoon, Sea Turtle Group, SideWinder APT, The Shadow Brokers	CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-16905, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51385, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	05/02/2026, 21:21:03	-
121.40.70.•••:18789	Assistant	🇨🇳 China mainland	Yes	true	Leaked	AS37963	Hangzhou Alibaba Advertising Co.,Ltd.	Alisoft	05/02/2026, 21:18:39	27/02/2026, 09:58:05	Yes	Yes	APT15, APT28, APT29, APT31, APT34, APT35, APT37, APT39, APT41, Bitter APT, Bluenoroff, Callisto Group, Cobalt Group, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Mustang Panda, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Volt Typhoon	CVE-2016-10708, CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51385	05/02/2026, 21:21:04	datacamp.co.uk, aliyun.com
51.44.222.•••:18789	Assistant	🇫🇷 France	Yes	true	Clean	AS16509	Amazon.com, Inc.	A100 Row	05/02/2026, 21:16:26	24/02/2026, 05:29:05	No	No	-	CVE-2016-20012, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51385, CVE-2024-42516, CVE-2024-43204, CVE-2024-43394, CVE-2024-47252, CVE-2024-6387, CVE-2025-23048, CVE-2025-26465, CVE-2025-32728, CVE-2025-49630, CVE-2025-49812, CVE-2025-53020, CVE-2025-61984, CVE-2025-61985	05/02/2026, 22:18:52	-
43.143.240.•••:18789	-	🇨🇳 China mainland	Yes	true	Leaked	AS45090	Shenzhen Tencent Computer Systems Company Limited	Tencent Cloud Computing	05/02/2026, 21:16:26	10/03/2026, 21:16:04	Yes	Yes	APT15, APT28, APT29, APT31, APT34, APT35, APT37, APT39, APT41, Bitter APT, Bluenoroff, Callisto Group, Cobalt Group, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Mustang Panda, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Volt Typhoon	CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51385	05/02/2026, 22:18:54	tencent.com
118.196.76.•••:18789	锅娃 ((暂无))	🇨🇳 China mainland	Yes	true	Clean	AS137718	Beijing Volcano Engine Technology Co., Ltd. / AS4811 China Telecom (Group)	Beijing Volcano Engine Technology	05/02/2026, 21:16:26	02/03/2026, 03:34:05	-	-	-	-	05/02/2026, 22:18:55	-
143.198.87.•••:443	Cooper (🐮)	🇸🇬 Singapore	Yes	true	Clean	AS14061	DigitalOcean, LLC	DigitalOcean	05/02/2026, 21:16:26	12/04/2026, 00:04:16	No	Yes	APT15, APT28, APT29, APT31, APT34, APT41, Bitter APT, Bluenoroff, Callisto Group, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, Volt Typhoon	CVE-2016-20012, CVE-2020-14145, CVE-2021-28041, CVE-2021-36368, CVE-2021-41617, CVE-2023-28531, CVE-2023-38408, CVE-2023-38709, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-24795, CVE-2024-27316, CVE-2024-36387, CVE-2024-38472, CVE-2024-38473, CVE-2024-38474, CVE-2024-38475, CVE-2024-38476, CVE-2024-38477, CVE-2024-39573, CVE-2024-39894, CVE-2024-40898, CVE-2024-42516, CVE-2024-43204, CVE-2024-43394, CVE-2024-47252, CVE-2024-6387, CVE-2025-23048, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-49630, CVE-2025-49812, CVE-2025-53020, CVE-2025-55753, CVE-2025-58098, CVE-2025-59775, CVE-2025-61984, CVE-2025-61985, CVE-2025-65082, CVE-2025-66200	05/02/2026, 22:18:56	-
101.37.239.•••:18789	Assistant	🇨🇳 China mainland	Yes	true	Clean	AS37963	Hangzhou Alibaba Advertising Co.,Ltd.	Alisoft	05/02/2026, 21:16:26	06/03/2026, 18:36:38	-	-	-	-	05/02/2026, 22:18:58	-
178.128.102.•••:443	-	🇸🇬 Singapore	Yes	true	Clean	AS14061	DigitalOcean, LLC	DigitalOcean	05/02/2026, 21:16:26	18/03/2026, 12:04:51	No	Yes	APT15, APT28, APT29, APT31, APT34, APT41, Bitter APT, Bluenoroff, Callisto Group, Cobalt Group, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, Volt Typhoon	CVE-2006-20001, CVE-2007-4559, CVE-2015-20107, CVE-2016-20012, CVE-2016-3189, CVE-2018-20685, CVE-2018-25032, CVE-2019-12900, CVE-2019-16905, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-10735, CVE-2020-12062, CVE-2020-14145, CVE-2020-15778, CVE-2021-28041, CVE-2021-28861, CVE-2021-36368, CVE-2021-41617, CVE-2022-26488, CVE-2022-36760, CVE-2022-37436, CVE-2022-37454, CVE-2022-42919, CVE-2022-45061, CVE-2023-24329, CVE-2023-25690, CVE-2023-27043, CVE-2023-27522, CVE-2023-28531, CVE-2023-36632, CVE-2023-38408, CVE-2023-40217, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-0397, CVE-2024-11168, CVE-2024-3219, CVE-2024-4032, CVE-2024-5642, CVE-2024-6232, CVE-2024-6923, CVE-2024-7592, CVE-2024-8088, CVE-2024-9287, CVE-2025-12084, CVE-2025-13836	05/02/2026, 22:18:59	-
43.165.129.•••:443	Assistant (⚡)	🇯🇵 Japan	Yes	true	Clean	AS132203	Tencent Building, Kejizhongyi Avenue	Aceville Pte Ltd	05/02/2026, 21:16:26	27/02/2026, 09:54:47	-	-	-	-	05/02/2026, 22:19:02	-
38.165.20.•••:80	Assistant	🇺🇸 United States	Yes	true	Leaked	AS967	VMISS Inc.	PEG Technology	05/02/2026, 21:16:26	22/03/2026, 10:51:49	Yes	Yes	APT17, APT36, APT37, APT45, Kimsuky, MuddyWater Group, SideWinder APT	CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	05/02/2026, 22:19:03	cogentco.com
124.221.88.•••:18789	Assistant	🇨🇳 China mainland	Yes	true	Leaked	AS45090	Shenzhen Tencent Computer Systems Company Limited	Tencent Cloud	05/02/2026, 21:16:26	03/03/2026, 15:29:03	Yes	Yes	APT28, APT35, APT37, APT39, Cobalt Group, El-Machete, Kimsuky, Mustang Panda, Sandworm Team, The Shadow Brokers	CVE-2016-10708, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2021-41617	05/02/2026, 22:19:08	tencent.com, chinaunicom.cn
8.216.38.•••:443	-	🇸🇬 Singapore	Yes	true	Clean	AS45102	Alibaba (US) Technology Co., Ltd.	Alibaba Cloud Singapore	05/02/2026, 21:16:26	02/03/2026, 19:09:26	-	-	-	-	05/02/2026, 22:19:10	-
146.190.112.•••:443	Archon (🏛️)	🇺🇸 United States	Yes	true	Clean	AS14061	DigitalOcean, LLC	DigitalOcean	05/02/2026, 21:16:26	25/02/2026, 17:33:20	Yes	No	-	CVE-2016-20012, CVE-2020-12062, CVE-2020-14145, CVE-2020-15778, CVE-2021-28041, CVE-2021-36368, CVE-2021-41617	05/02/2026, 22:20:12	unga.tech
68.183.60.•••:443	Sage (🌿)	🇺🇸 United States	Yes	true	Clean	AS14061	DigitalOcean, LLC	DigitalOcean	05/02/2026, 21:16:26	28/02/2026, 01:53:10	No	Yes	APT14, APT15, APT28, APT29, APT31, APT34, APT40, APT41, Bitter APT, Bluenoroff, Callisto Group, Cobalt Group, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, Lazarus Group, MuddyWater Group, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SharpPanda, SideWinder APT, Volt Typhoon	CVE-2006-20001, CVE-2022-22719, CVE-2022-22720, CVE-2022-22721, CVE-2022-23943, CVE-2022-26377, CVE-2022-28330, CVE-2022-28614, CVE-2022-28615, CVE-2022-29404, CVE-2022-30556, CVE-2022-31813, CVE-2022-36760, CVE-2022-37436, CVE-2023-25690, CVE-2023-27522, CVE-2023-28531, CVE-2023-31122, CVE-2023-38408, CVE-2023-38709, CVE-2023-45802, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-24795, CVE-2024-27316, CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	05/02/2026, 22:20:13	-
1.15.12.•••:18789	小熙 (📋)	🇨🇳 China mainland	Yes	true	Leaked	AS45090	Shenzhen Tencent Computer Systems Company Limited	Tencent Cloud	05/02/2026, 21:16:26	06/04/2026, 23:54:45	Yes	Yes	APT37, El-Machete	CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-6387, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	05/02/2026, 22:20:15	tencent.com, tot.co.th
178.62.75.•••:443	-	🇬🇧 United Kingdom	Yes	true	Clean	AS14061	DigitalOcean, LLC	DigitalOcean London	05/02/2026, 21:16:26	03/03/2026, 11:46:18	No	Yes	APT-C-23, APT15, APT17, APT28, APT29, APT31, APT34, APT35, APT36, APT37, APT39, APT40, APT41, APT45, Bitter APT, Bluenoroff, Callisto Group, Carbanak, ChamelGang, CloudSorcerer, Cobalt Group, Daggerfly APT, Donot Team, Equation Group, Gamaredon Group, Gaza Cybergang, Ghostwriter, Hafnium Group, Inception Framework, Kimsuky, Lazarus Group, MoustachedBouncer, MuddyWater Group, Mustang Panda, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Turla APT Group, Volt Typhoon	CVE-2013-0340, CVE-2015-20107, CVE-2016-20012, CVE-2016-3189, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2018-25032, CVE-2019-12900, CVE-2019-16905, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-10735, CVE-2020-14145, CVE-2021-23017, CVE-2021-28861, CVE-2021-3618, CVE-2021-36368, CVE-2021-3733, CVE-2021-3737, CVE-2021-41617, CVE-2021-4189, CVE-2022-0391, CVE-2022-37454, CVE-2022-41741, CVE-2022-41742, CVE-2022-42919, CVE-2022-45061, CVE-2023-24329, CVE-2023-27043, CVE-2023-28531, CVE-2023-38408, CVE-2023-44487, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-6387, CVE-2024-7347, CVE-2025-26465, CVE-2025-32728	05/02/2026, 22:20:16	-
129.212.216.•••:18789	MixCarlos	🇸🇬 Singapore	Yes	true	Clean	AS14061	DigitalOcean, LLC	DigitalOcean	05/02/2026, 21:16:26	03/03/2026, 15:29:03	No	No	-	CVE-2021-3618, CVE-2022-41741, CVE-2022-41742, CVE-2023-44487, CVE-2024-7347, CVE-2025-23419, CVE-2025-61984, CVE-2025-61985	05/02/2026, 22:20:24	-
165.22.230.•••:443	Assistant	🇨🇦 Canada	Yes	true	Clean	AS14061	DigitalOcean, LLC	DigitalOcean	05/02/2026, 21:16:26	11/04/2026, 04:56:37	No	Yes	APT15, APT28, APT29, APT31, APT34, APT35, APT37, APT39, APT41, Bitter APT, Bluenoroff, Callisto Group, Cobalt Group, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Mustang Panda, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Volt Typhoon	CVE-2016-20012, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2025-26465, CVE-2025-32728	05/02/2026, 22:20:27	-
2a02:4780:2d:b0a5::1:443	-	🇺🇸 United States	-	true	Clean	AS47583	Hostinger International Limited	Hostinger	05/02/2026, 21:16:26	02/03/2026, 19:08:37	-	-	-	-	05/02/2026, 22:20:28	-
120.48.117.•••:18789	Assistant (data:image/svg+xml;base64,PHN2ZyB3aWR0aD0iMTAwIiBoZWlnaHQ9IjEwMCIgdmlld0JveD0iMCAwIDEwMCAxMDAiIGZpbGw9Im5vbmUiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyI+CjxyZWN0IHdpZHRoPSIxMDAiIGhlaWdodD0iMTAwIi)	🇺🇸 United States	Yes	true	Leaked	AS38365	Beijing Baidu Netcom Science and Technology Co., Ltd.	Baidu	05/02/2026, 21:16:26	02/03/2026, 07:16:29	Yes	Yes	APT17, APT28, APT35, APT37, APT39, Cobalt Group, DragonFly, El-Machete, Gozi, Kimsuky, Mustang Panda, Packrat, Sandworm Team, The Shadow Brokers	CVE-2016-10708, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2021-41617	05/02/2026, 22:20:31	chinamobile.com, chinamobile.cn, baidu.com
43.143.227.•••:18789	Assistant	🇨🇳 China mainland	Yes	true	Leaked	AS45090	Shenzhen Tencent Computer Systems Company Limited	Tencent Cloud Computing	05/02/2026, 21:16:26	02/03/2026, 18:25:27	Yes	Yes	APT28, APT35, APT37, APT39, Cobalt Group, Kimsuky, Mustang Panda, Sandworm Team, The Shadow Brokers	CVE-2016-10708, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2021-41617, CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-6387, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	05/02/2026, 22:20:32	tencent.com
62.234.35.•••:18789	Piqiu (👋)	🇨🇳 China mainland	Yes	true	Clean	AS45090	Shenzhen Tencent Computer Systems Company Limited	Tencent Cloud Computing	05/02/2026, 21:16:26	02/03/2026, 19:10:06	No	Yes	APT15, APT28, APT29, APT31, APT34, APT41, Bitter APT, Bluenoroff, Callisto Group, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, Volt Typhoon	CVE-2016-20012, CVE-2019-16905, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385	05/02/2026, 22:20:36	-
118.196.82.•••:18789	Assistant	🇨🇳 China mainland	Yes	true	Clean	AS137718	Beijing Volcano Engine Technology Co., Ltd. / AS4811 China Telecom (Group)	Beijing Volcano Engine Technology	05/02/2026, 21:16:26	03/03/2026, 15:29:24	-	-	-	-	05/02/2026, 22:20:41	-
2a02:4780:2d:b0a5::1:18789	-	🇺🇸 United States	-	true	Clean	AS47583	Hostinger International Limited	Hostinger	05/02/2026, 21:16:26	02/03/2026, 08:45:20	-	-	-	-	05/02/2026, 22:20:43	-
180.171.51.•••:18789	-	🇨🇳 China mainland	Yes	true	Leaked	AS4812	China Telecom (Group)	ChinaNet Shanghai	05/02/2026, 21:16:26	04/03/2026, 12:47:46	Yes	No	-	-	05/02/2026, 22:20:46	bj189.cn, fastspeed.dk, tfn.net.tw, ctwing.cn, chinatelecom.com.cn, chinatelecom.cn, new-gm.cn, 189.cn, 189free.cn, synology.me, daqu.com.cn, ctyun.cn
161.35.224.•••:443	Eddy (📈)	🇺🇸 United States	Yes	true	Clean	AS14061	DigitalOcean, LLC	DigitalOcean	05/02/2026, 21:16:26	11/04/2026, 10:55:45	Yes	Yes	APT14, APT28, APT40, APT41, Cobalt Group, Equation Group, Gamaredon Group, IronHusky, Kimsuky, Lazarus Group, SharpPanda, TA505, The Shadow Brokers, UNC2452, WIRTE	CVE-2006-20001, CVE-2016-20012, CVE-2019-17567, CVE-2020-11984, CVE-2020-11993, CVE-2020-13938, CVE-2020-13950, CVE-2020-14145, CVE-2020-15778, CVE-2020-1927, CVE-2020-1934, CVE-2020-35452, CVE-2020-9490, CVE-2021-23017, CVE-2021-26690, CVE-2021-26691, CVE-2021-28041, CVE-2021-30641, CVE-2021-33193, CVE-2021-34798, CVE-2021-36160, CVE-2021-3618, CVE-2021-36368, CVE-2021-39275, CVE-2021-40438, CVE-2021-41617, CVE-2021-44224, CVE-2021-44790, CVE-2022-22719, CVE-2022-22720, CVE-2022-22721, CVE-2022-23943, CVE-2022-26377, CVE-2022-28330, CVE-2022-28614, CVE-2022-28615, CVE-2022-29404, CVE-2022-30522, CVE-2022-30556, CVE-2022-31813, CVE-2022-36760, CVE-2022-37436, CVE-2022-41741, CVE-2022-41742, CVE-2023-25690, CVE-2023-27522, CVE-2023-28531, CVE-2023-31122, CVE-2023-38408, CVE-2023-38709, CVE-2023-44487, CVE-2023-45802, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-24795, CVE-2024-27316, CVE-2024-38472, CVE-2024-38473, CVE-2024-38474, CVE-2024-38475, CVE-2024-38476, CVE-2024-38477, CVE-2024-39573, CVE-2024-39894, CVE-2024-40898, CVE-2024-6387, CVE-2024-7347, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	05/02/2026, 22:20:47	fiduciaryinsuranceservices.com
18.188.225.•••:18789	Cleo (🤖)	🇺🇸 United States	Yes	true	Clean	AS16509	Amazon.com, Inc.	Amazon	05/02/2026, 21:16:26	22/03/2026, 14:36:50	No	No	-	-	05/02/2026, 22:20:49	-
167.71.223.•••:443	Javis (😊)	🇸🇬 Singapore	Yes	true	Clean	AS14061	DigitalOcean, LLC	DigitalOcean	05/02/2026, 21:16:26	05/03/2026, 00:08:14	No	Yes	APT1 Comment Crew, APT15, APT17, APT27, APT28, APT29, APT31, APT34, APT35, APT36, APT37, APT39, APT40, APT41, APT45, Bitter APT, Bluenoroff, Callisto Group, Carbanak, ChamelGang, CloudSorcerer, Cobalt Group, Daggerfly APT, Donot Team, Earth Longzhi, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Mustang Panda, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Turla APT Group, Volt Typhoon	CVE-2011-4969, CVE-2012-6708, CVE-2015-9251, CVE-2016-20012, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-11358, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-11022, CVE-2020-11023, CVE-2020-12062, CVE-2020-14145, CVE-2020-15778, CVE-2020-7656, CVE-2021-28041, CVE-2021-36368, CVE-2021-41617, CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-6387, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	05/02/2026, 22:20:51	-
43.139.89.•••:18789	-	🇨🇳 China mainland	Yes	true	Leaked	AS45090	Shenzhen Tencent Computer Systems Company Limited	Tencent Cloud Computing	05/02/2026, 21:16:26	02/03/2026, 16:10:50	Yes	No	-	-	05/02/2026, 22:20:57	tencent.com
8.138.153.•••:18789	-	🇸🇬 Singapore	Yes	true	Clean	AS37963	Hangzhou Alibaba Advertising Co.,Ltd.	Alibaba Cloud	05/02/2026, 21:16:26	06/04/2026, 05:15:16	No	Yes	APT15, APT28, APT31, APT37, APT39, Bitter APT, Bluenoroff, Callisto Group, Donot Team, Gamaredon Group, Gaza Cybergang, Inception Framework, Kimsuky, MuddyWater Group, RomCom Group, Salt Typhoon, Sea Turtle Group, SideWinder APT, The Shadow Brokers	CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-16905, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51385, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	05/02/2026, 22:20:58	-
174.138.84.•••:443	-	🇺🇸 United States	Yes	true	Clean	AS14061	DigitalOcean, LLC	DigitalOcean	05/02/2026, 21:16:26	21/03/2026, 07:36:33	No	-	-	CVE-2016-20012, CVE-2021-28041, CVE-2021-36368, CVE-2021-41617, CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-6387, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	05/02/2026, 22:21:03	-
192.210.200.•••:443	-	🇺🇸 United States	Yes	true	Leaked	AS36352	HostPapa	RackNerd	05/02/2026, 21:16:26	04/03/2026, 12:46:44	Yes	Yes	APT15, APT28, APT29, APT31, APT34, APT35, APT36, APT37, APT39, APT41, Bitter APT, Bluenoroff, Callisto Group, Carbanak, Cobalt Group, DarkHotel Group, Donot Team, Equation Group, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Mustang Panda, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Volt Typhoon	CVE-2013-4547, CVE-2014-0133, CVE-2014-3616, CVE-2016-0742, CVE-2016-0746, CVE-2016-0747, CVE-2016-10708, CVE-2016-1247, CVE-2016-20012, CVE-2016-4450, CVE-2017-15906, CVE-2017-20005, CVE-2017-7529, CVE-2018-15473, CVE-2018-15919, CVE-2018-16845, CVE-2018-20685, CVE-2019-20372, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-23017, CVE-2021-28041, CVE-2021-3618, CVE-2021-36368, CVE-2021-41617, CVE-2022-41741, CVE-2022-41742, CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-6387, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	05/02/2026, 22:21:08	racknerd.com
43.135.183.•••:18789	-	🇺🇸 United States	Yes	true	Leaked	AS132203	Tencent Building, Kejizhongyi Avenue	Aceville Pte Ltd	05/02/2026, 21:14:14	10/04/2026, 00:57:51	Yes	Yes	APT-C-23, APT15, APT28, APT29, APT31, APT34, APT35, APT36, APT37, APT39, APT41, Bitter APT, Bluenoroff, Callisto Group, Cobalt Group, Donot Team, El-Machete, Equation Group, Gamaredon Group, Gaza Cybergang, Ghostwriter, Hafnium Group, Inception Framework, Kimsuky, Lazarus Group, MuddyWater Group, Mustang Panda, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Turla APT Group, Volt Typhoon	CVE-2016-10708, CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-23017, CVE-2021-3618, CVE-2021-36368, CVE-2021-41617, CVE-2022-41741, CVE-2022-41742, CVE-2023-38408, CVE-2023-44487, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-7347, CVE-2025-26465, CVE-2025-32728	06/02/2026, 01:12:01	tencent.com
43.143.240.•••:18789	-	🇨🇳 China mainland	Yes	true	Leaked	AS45090	Shenzhen Tencent Computer Systems Company Limited	Tencent Cloud Computing	05/02/2026, 21:14:14	10/03/2026, 21:13:42	Yes	Yes	APT15, APT28, APT29, APT31, APT34, APT35, APT37, APT39, APT41, Bitter APT, Bluenoroff, Callisto Group, Cobalt Group, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Mustang Panda, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Volt Typhoon	CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51385	06/02/2026, 01:12:17	tencent.com
118.196.76.•••:18789	锅娃 ((暂无))	🇨🇳 China mainland	Yes	true	Clean	AS137718	Beijing Volcano Engine Technology Co., Ltd. / AS4811 China Telecom (Group)	Beijing Volcano Engine Technology	05/02/2026, 21:14:14	02/03/2026, 00:32:58	-	-	-	-	06/02/2026, 01:12:18	-
143.198.87.•••:18789	-	🇸🇬 Singapore	-	true	Clean	AS14061	DigitalOcean, LLC	DigitalOcean	05/02/2026, 21:14:14	12/04/2026, 00:01:58	No	Yes	APT15, APT28, APT29, APT31, APT34, APT41, Bitter APT, Bluenoroff, Callisto Group, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, Volt Typhoon	CVE-2016-20012, CVE-2020-14145, CVE-2021-28041, CVE-2021-36368, CVE-2021-41617, CVE-2023-28531, CVE-2023-38408, CVE-2023-38709, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-24795, CVE-2024-27316, CVE-2024-36387, CVE-2024-38472, CVE-2024-38473, CVE-2024-38474, CVE-2024-38475, CVE-2024-38476, CVE-2024-38477, CVE-2024-39573, CVE-2024-39894, CVE-2024-40898, CVE-2024-42516, CVE-2024-43204, CVE-2024-43394, CVE-2024-47252, CVE-2024-6387, CVE-2025-23048, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-49630, CVE-2025-49812, CVE-2025-53020, CVE-2025-55753, CVE-2025-58098, CVE-2025-59775, CVE-2025-61984, CVE-2025-61985, CVE-2025-65082, CVE-2025-66200	06/02/2026, 01:12:19	-
101.37.239.•••:18789	Assistant	🇨🇳 China mainland	Yes	true	Clean	AS37963	Hangzhou Alibaba Advertising Co.,Ltd.	Alisoft	05/02/2026, 21:14:14	06/03/2026, 17:04:11	-	-	-	-	06/02/2026, 01:13:21	-
178.128.102.•••:18789	-	🇸🇬 Singapore	-	true	Clean	AS14061	DigitalOcean, LLC	DigitalOcean	05/02/2026, 21:14:14	03/03/2026, 16:10:12	No	Yes	APT15, APT28, APT29, APT31, APT34, APT41, Bitter APT, Bluenoroff, Callisto Group, Cobalt Group, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, Volt Typhoon	CVE-2006-20001, CVE-2007-4559, CVE-2015-20107, CVE-2016-20012, CVE-2016-3189, CVE-2018-20685, CVE-2018-25032, CVE-2019-12900, CVE-2019-16905, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-10735, CVE-2020-12062, CVE-2020-14145, CVE-2020-15778, CVE-2021-28041, CVE-2021-28861, CVE-2021-36368, CVE-2021-41617, CVE-2022-26488, CVE-2022-36760, CVE-2022-37436, CVE-2022-37454, CVE-2022-42919, CVE-2022-45061, CVE-2023-24329, CVE-2023-25690, CVE-2023-27043, CVE-2023-27522, CVE-2023-28531, CVE-2023-36632, CVE-2023-38408, CVE-2023-40217, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-0397, CVE-2024-11168, CVE-2024-3219, CVE-2024-4032, CVE-2024-5642, CVE-2024-6232, CVE-2024-6923, CVE-2024-7592, CVE-2024-8088, CVE-2024-9287, CVE-2025-12084, CVE-2025-13836	06/02/2026, 01:13:23	-
43.165.129.•••:18789	Assistant (⚡)	🇯🇵 Japan	Yes	true	Clean	AS132203	Tencent Building, Kejizhongyi Avenue	Aceville Pte Ltd	05/02/2026, 21:14:14	28/02/2026, 16:38:39	-	-	-	-	06/02/2026, 01:13:25	-
38.165.20.•••:18789	-	🇺🇸 United States	-	true	Leaked	AS967	VMISS Inc.	PEG Technology	05/02/2026, 21:14:14	11/04/2026, 04:08:47	Yes	Yes	APT17, APT36, APT37, APT45, Kimsuky, MuddyWater Group, SideWinder APT	CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	06/02/2026, 01:13:26	cogentco.com
124.221.88.•••:18789	Assistant	🇨🇳 China mainland	Yes	true	Leaked	AS45090	Shenzhen Tencent Computer Systems Company Limited	Tencent Cloud	05/02/2026, 21:14:14	03/03/2026, 15:26:43	Yes	Yes	APT28, APT35, APT37, APT39, Cobalt Group, El-Machete, Kimsuky, Mustang Panda, Sandworm Team, The Shadow Brokers	CVE-2016-10708, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2021-41617	06/02/2026, 01:13:31	tencent.com, chinaunicom.cn
8.216.38.•••:18789	-	🇸🇬 Singapore	-	true	Clean	AS45102	Alibaba (US) Technology Co., Ltd.	Alibaba Cloud Singapore	05/02/2026, 21:14:14	02/03/2026, 19:07:13	-	-	-	-	06/02/2026, 01:13:33	-
146.190.112.•••:18789	-	🇺🇸 United States	-	true	Clean	AS14061	DigitalOcean, LLC	DigitalOcean	05/02/2026, 21:14:14	25/02/2026, 16:01:09	Yes	No	-	CVE-2016-20012, CVE-2020-12062, CVE-2020-14145, CVE-2020-15778, CVE-2021-28041, CVE-2021-36368, CVE-2021-41617	06/02/2026, 01:13:36	unga.tech
68.183.60.•••:18789	-	🇺🇸 United States	-	true	Clean	AS14061	DigitalOcean, LLC	DigitalOcean	05/02/2026, 21:14:14	28/02/2026, 00:21:32	No	Yes	APT14, APT15, APT28, APT29, APT31, APT34, APT40, APT41, Bitter APT, Bluenoroff, Callisto Group, Cobalt Group, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, Lazarus Group, MuddyWater Group, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SharpPanda, SideWinder APT, Volt Typhoon	CVE-2006-20001, CVE-2022-22719, CVE-2022-22720, CVE-2022-22721, CVE-2022-23943, CVE-2022-26377, CVE-2022-28330, CVE-2022-28614, CVE-2022-28615, CVE-2022-29404, CVE-2022-30556, CVE-2022-31813, CVE-2022-36760, CVE-2022-37436, CVE-2023-25690, CVE-2023-27522, CVE-2023-28531, CVE-2023-31122, CVE-2023-38408, CVE-2023-38709, CVE-2023-45802, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-24795, CVE-2024-27316, CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	06/02/2026, 01:13:40	-
1.15.12.•••:18789	小熙 (📋)	🇨🇳 China mainland	Yes	true	Leaked	AS45090	Shenzhen Tencent Computer Systems Company Limited	Tencent Cloud	05/02/2026, 21:14:14	03/04/2026, 20:55:32	Yes	Yes	APT37, El-Machete	CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-6387, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	06/02/2026, 01:13:42	tencent.com, tot.co.th
178.62.75.•••:18789	-	🇬🇧 United Kingdom	-	true	Clean	AS14061	DigitalOcean, LLC	DigitalOcean London	05/02/2026, 21:14:14	03/03/2026, 09:30:00	No	Yes	APT-C-23, APT15, APT17, APT28, APT29, APT31, APT34, APT35, APT36, APT37, APT39, APT40, APT41, APT45, Bitter APT, Bluenoroff, Callisto Group, Carbanak, ChamelGang, CloudSorcerer, Cobalt Group, Daggerfly APT, Donot Team, Equation Group, Gamaredon Group, Gaza Cybergang, Ghostwriter, Hafnium Group, Inception Framework, Kimsuky, Lazarus Group, MoustachedBouncer, MuddyWater Group, Mustang Panda, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Turla APT Group, Volt Typhoon	CVE-2013-0340, CVE-2015-20107, CVE-2016-20012, CVE-2016-3189, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2018-25032, CVE-2019-12900, CVE-2019-16905, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-10735, CVE-2020-14145, CVE-2021-23017, CVE-2021-28861, CVE-2021-3618, CVE-2021-36368, CVE-2021-3733, CVE-2021-3737, CVE-2021-41617, CVE-2021-4189, CVE-2022-0391, CVE-2022-37454, CVE-2022-41741, CVE-2022-41742, CVE-2022-42919, CVE-2022-45061, CVE-2023-24329, CVE-2023-27043, CVE-2023-28531, CVE-2023-38408, CVE-2023-44487, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-6387, CVE-2024-7347, CVE-2025-26465, CVE-2025-32728	06/02/2026, 01:13:43	-
165.22.230.•••:18789	-	🇨🇦 Canada	-	true	Clean	AS14061	DigitalOcean, LLC	DigitalOcean	05/02/2026, 21:14:14	11/04/2026, 03:23:54	No	Yes	APT15, APT28, APT29, APT31, APT34, APT35, APT37, APT39, APT41, Bitter APT, Bluenoroff, Callisto Group, Cobalt Group, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Mustang Panda, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Volt Typhoon	CVE-2016-20012, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2025-26465, CVE-2025-32728	06/02/2026, 01:13:54	-
120.48.117.•••:18789	Assistant (data:image/svg+xml;base64,PHN2ZyB3aWR0aD0iMTAwIiBoZWlnaHQ9IjEwMCIgdmlld0JveD0iMCAwIDEwMCAxMDAiIGZpbGw9Im5vbmUiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyI+CjxyZWN0IHdpZHRoPSIxMDAiIGhlaWdodD0iMTAwIi)	🇺🇸 United States	Yes	true	Leaked	AS38365	Beijing Baidu Netcom Science and Technology Co., Ltd.	Baidu	05/02/2026, 21:14:14	02/03/2026, 04:15:54	Yes	Yes	APT17, APT28, APT35, APT37, APT39, Cobalt Group, DragonFly, El-Machete, Gozi, Kimsuky, Mustang Panda, Packrat, Sandworm Team, The Shadow Brokers	CVE-2016-10708, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2021-41617	06/02/2026, 01:13:58	chinamobile.com, chinamobile.cn, baidu.com
43.143.227.•••:18789	Assistant	🇨🇳 China mainland	Yes	true	Leaked	AS45090	Shenzhen Tencent Computer Systems Company Limited	Tencent Cloud Computing	05/02/2026, 21:14:14	02/03/2026, 15:23:30	Yes	Yes	APT28, APT35, APT37, APT39, Cobalt Group, Kimsuky, Mustang Panda, Sandworm Team, The Shadow Brokers	CVE-2016-10708, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2021-41617, CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-6387, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	06/02/2026, 01:14:00	tencent.com
62.234.35.•••:18789	Piqiu (👋)	🇨🇳 China mainland	Yes	true	Clean	AS45090	Shenzhen Tencent Computer Systems Company Limited	Tencent Cloud Computing	05/02/2026, 21:14:14	02/03/2026, 16:53:09	No	Yes	APT15, APT28, APT29, APT31, APT34, APT41, Bitter APT, Bluenoroff, Callisto Group, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, Volt Typhoon	CVE-2016-20012, CVE-2019-16905, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385	06/02/2026, 01:14:08	-
118.196.82.•••:18789	Assistant	🇨🇳 China mainland	Yes	true	Clean	AS137718	Beijing Volcano Engine Technology Co., Ltd. / AS4811 China Telecom (Group)	Beijing Volcano Engine Technology	05/02/2026, 21:14:14	03/03/2026, 13:12:57	-	-	-	-	06/02/2026, 01:14:14	-
2a02:4780:2d:b0a5::1:18789	-	🇺🇸 United States	-	true	Clean	AS47583	Hostinger International Limited	Hostinger	05/02/2026, 21:14:14	12/04/2026, 00:01:58	-	-	-	-	06/02/2026, 01:13:55	-
180.171.51.•••:18789	-	🇨🇳 China mainland	Yes	true	Leaked	AS4812	China Telecom (Group)	ChinaNet Shanghai	05/02/2026, 21:14:14	04/03/2026, 12:45:25	Yes	No	-	-	06/02/2026, 01:14:20	bj189.cn, fastspeed.dk, tfn.net.tw, ctwing.cn, chinatelecom.com.cn, chinatelecom.cn, new-gm.cn, 189.cn, 189free.cn, synology.me, daqu.com.cn, ctyun.cn
161.35.224.•••:18789	-	🇺🇸 United States	-	true	Clean	AS14061	DigitalOcean, LLC	DigitalOcean	05/02/2026, 21:14:14	11/04/2026, 08:38:29	Yes	Yes	APT14, APT28, APT40, APT41, Cobalt Group, Equation Group, Gamaredon Group, IronHusky, Kimsuky, Lazarus Group, SharpPanda, TA505, The Shadow Brokers, UNC2452, WIRTE	CVE-2006-20001, CVE-2016-20012, CVE-2019-17567, CVE-2020-11984, CVE-2020-11993, CVE-2020-13938, CVE-2020-13950, CVE-2020-14145, CVE-2020-15778, CVE-2020-1927, CVE-2020-1934, CVE-2020-35452, CVE-2020-9490, CVE-2021-23017, CVE-2021-26690, CVE-2021-26691, CVE-2021-28041, CVE-2021-30641, CVE-2021-33193, CVE-2021-34798, CVE-2021-36160, CVE-2021-3618, CVE-2021-36368, CVE-2021-39275, CVE-2021-40438, CVE-2021-41617, CVE-2021-44224, CVE-2021-44790, CVE-2022-22719, CVE-2022-22720, CVE-2022-22721, CVE-2022-23943, CVE-2022-26377, CVE-2022-28330, CVE-2022-28614, CVE-2022-28615, CVE-2022-29404, CVE-2022-30522, CVE-2022-30556, CVE-2022-31813, CVE-2022-36760, CVE-2022-37436, CVE-2022-41741, CVE-2022-41742, CVE-2023-25690, CVE-2023-27522, CVE-2023-28531, CVE-2023-31122, CVE-2023-38408, CVE-2023-38709, CVE-2023-44487, CVE-2023-45802, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-24795, CVE-2024-27316, CVE-2024-38472, CVE-2024-38473, CVE-2024-38474, CVE-2024-38475, CVE-2024-38476, CVE-2024-38477, CVE-2024-39573, CVE-2024-39894, CVE-2024-40898, CVE-2024-6387, CVE-2024-7347, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	06/02/2026, 01:14:22	fiduciaryinsuranceservices.com
18.188.225.•••:18789	Cleo (🤖)	🇺🇸 United States	Yes	true	Clean	AS16509	Amazon.com, Inc.	Amazon	05/02/2026, 21:14:14	25/02/2026, 07:48:22	No	No	-	-	06/02/2026, 01:14:28	-
167.71.223.•••:18789	-	🇸🇬 Singapore	-	true	Clean	AS14061	DigitalOcean, LLC	DigitalOcean	05/02/2026, 21:14:14	05/03/2026, 00:44:48	No	Yes	APT1 Comment Crew, APT15, APT17, APT27, APT28, APT29, APT31, APT34, APT35, APT36, APT37, APT39, APT40, APT41, APT45, Bitter APT, Bluenoroff, Callisto Group, Carbanak, ChamelGang, CloudSorcerer, Cobalt Group, Daggerfly APT, Donot Team, Earth Longzhi, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Mustang Panda, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Turla APT Group, Volt Typhoon	CVE-2011-4969, CVE-2012-6708, CVE-2015-9251, CVE-2016-20012, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-11358, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-11022, CVE-2020-11023, CVE-2020-12062, CVE-2020-14145, CVE-2020-15778, CVE-2020-7656, CVE-2021-28041, CVE-2021-36368, CVE-2021-41617, CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-6387, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	06/02/2026, 01:14:30	-
43.139.89.•••:18789	-	🇨🇳 China mainland	Yes	true	Leaked	AS45090	Shenzhen Tencent Computer Systems Company Limited	Tencent Cloud Computing	05/02/2026, 21:14:14	02/03/2026, 13:53:58	Yes	No	-	-	06/02/2026, 01:14:36	tencent.com
8.138.153.•••:18789	-	🇸🇬 Singapore	Yes	true	Clean	AS37963	Hangzhou Alibaba Advertising Co.,Ltd.	Alibaba Cloud	05/02/2026, 21:14:14	06/04/2026, 04:27:59	No	Yes	APT15, APT28, APT31, APT37, APT39, Bitter APT, Bluenoroff, Callisto Group, Donot Team, Gamaredon Group, Gaza Cybergang, Inception Framework, Kimsuky, MuddyWater Group, RomCom Group, Salt Typhoon, Sea Turtle Group, SideWinder APT, The Shadow Brokers	CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-16905, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51385, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	06/02/2026, 01:14:37	-
174.138.84.•••:18789	-	🇺🇸 United States	-	true	Clean	AS14061	DigitalOcean, LLC	DigitalOcean	05/02/2026, 21:14:14	21/03/2026, 06:04:07	No	-	-	CVE-2016-20012, CVE-2021-28041, CVE-2021-36368, CVE-2021-41617, CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-6387, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	06/02/2026, 01:14:43	-
43.135.183.•••:18789	-	🇺🇸 United States	Yes	true	Leaked	AS132203	Tencent Building, Kejizhongyi Avenue	Aceville Pte Ltd	05/02/2026, 21:12:03	10/04/2026, 03:51:23	Yes	Yes	APT-C-23, APT15, APT28, APT29, APT31, APT34, APT35, APT36, APT37, APT39, APT41, Bitter APT, Bluenoroff, Callisto Group, Cobalt Group, Donot Team, El-Machete, Equation Group, Gamaredon Group, Gaza Cybergang, Ghostwriter, Hafnium Group, Inception Framework, Kimsuky, Lazarus Group, MuddyWater Group, Mustang Panda, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Turla APT Group, Volt Typhoon	CVE-2016-10708, CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-23017, CVE-2021-3618, CVE-2021-36368, CVE-2021-41617, CVE-2022-41741, CVE-2022-41742, CVE-2023-38408, CVE-2023-44487, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-7347, CVE-2025-26465, CVE-2025-32728	06/02/2026, 03:11:47	tencent.com
43.143.240.•••:18789	-	🇨🇳 China mainland	Yes	true	Leaked	AS45090	Shenzhen Tencent Computer Systems Company Limited	Tencent Cloud Computing	05/02/2026, 21:12:03	10/03/2026, 21:11:20	Yes	Yes	APT15, APT28, APT29, APT31, APT34, APT35, APT37, APT39, APT41, Bitter APT, Bluenoroff, Callisto Group, Cobalt Group, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Mustang Panda, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Volt Typhoon	CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51385	06/02/2026, 03:12:01	tencent.com
118.196.76.•••:18789	锅娃 ((暂无))	🇨🇳 China mainland	Yes	true	Clean	AS137718	Beijing Volcano Engine Technology Co., Ltd. / AS4811 China Telecom (Group)	Beijing Volcano Engine Technology	05/02/2026, 21:12:03	02/03/2026, 00:30:40	-	-	-	-	06/02/2026, 03:12:03	-
143.198.87.•••:18789	-	🇸🇬 Singapore	-	true	Clean	AS14061	DigitalOcean, LLC	DigitalOcean	05/02/2026, 21:12:03	11/04/2026, 23:59:33	No	Yes	APT15, APT28, APT29, APT31, APT34, APT41, Bitter APT, Bluenoroff, Callisto Group, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, Volt Typhoon	CVE-2016-20012, CVE-2020-14145, CVE-2021-28041, CVE-2021-36368, CVE-2021-41617, CVE-2023-28531, CVE-2023-38408, CVE-2023-38709, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-24795, CVE-2024-27316, CVE-2024-36387, CVE-2024-38472, CVE-2024-38473, CVE-2024-38474, CVE-2024-38475, CVE-2024-38476, CVE-2024-38477, CVE-2024-39573, CVE-2024-39894, CVE-2024-40898, CVE-2024-42516, CVE-2024-43204, CVE-2024-43394, CVE-2024-47252, CVE-2024-6387, CVE-2025-23048, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-49630, CVE-2025-49812, CVE-2025-53020, CVE-2025-55753, CVE-2025-58098, CVE-2025-59775, CVE-2025-61984, CVE-2025-61985, CVE-2025-65082, CVE-2025-66200	06/02/2026, 03:12:04	-
212.129.242.•••:18789	-	🇨🇳 China mainland	Yes	true	Clean	AS45090	Shenzhen Tencent Computer Systems Company Limited	Tencent Cloud Computing	05/02/2026, 21:12:03	16/03/2026, 06:00:34	No	Yes	APT37, El-Machete	-	06/02/2026, 03:12:05	-
101.37.239.•••:18789	Assistant	🇨🇳 China mainland	Yes	true	Clean	AS37963	Hangzhou Alibaba Advertising Co.,Ltd.	Alisoft	05/02/2026, 21:12:03	06/03/2026, 17:01:47	-	-	-	-	06/02/2026, 03:12:06	-
178.128.102.•••:18789	-	🇸🇬 Singapore	-	true	Clean	AS14061	DigitalOcean, LLC	DigitalOcean	05/02/2026, 21:12:03	03/03/2026, 16:07:57	No	Yes	APT15, APT28, APT29, APT31, APT34, APT41, Bitter APT, Bluenoroff, Callisto Group, Cobalt Group, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, Volt Typhoon	CVE-2006-20001, CVE-2007-4559, CVE-2015-20107, CVE-2016-20012, CVE-2016-3189, CVE-2018-20685, CVE-2018-25032, CVE-2019-12900, CVE-2019-16905, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-10735, CVE-2020-12062, CVE-2020-14145, CVE-2020-15778, CVE-2021-28041, CVE-2021-28861, CVE-2021-36368, CVE-2021-41617, CVE-2022-26488, CVE-2022-36760, CVE-2022-37436, CVE-2022-37454, CVE-2022-42919, CVE-2022-45061, CVE-2023-24329, CVE-2023-25690, CVE-2023-27043, CVE-2023-27522, CVE-2023-28531, CVE-2023-36632, CVE-2023-38408, CVE-2023-40217, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-0397, CVE-2024-11168, CVE-2024-3219, CVE-2024-4032, CVE-2024-5642, CVE-2024-6232, CVE-2024-6923, CVE-2024-7592, CVE-2024-8088, CVE-2024-9287, CVE-2025-12084, CVE-2025-13836	06/02/2026, 03:12:07	-
43.165.129.•••:18789	Assistant (⚡)	🇯🇵 Japan	Yes	true	Clean	AS132203	Tencent Building, Kejizhongyi Avenue	Aceville Pte Ltd	05/02/2026, 21:12:03	28/02/2026, 16:36:20	-	-	-	-	06/02/2026, 03:12:11	-
38.165.20.•••:18789	-	🇺🇸 United States	-	true	Leaked	AS967	VMISS Inc.	PEG Technology	05/02/2026, 21:12:03	11/04/2026, 04:06:25	Yes	Yes	APT17, APT36, APT37, APT45, Kimsuky, MuddyWater Group, SideWinder APT	CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	06/02/2026, 03:12:12	cogentco.com
124.221.88.•••:18789	Assistant	🇨🇳 China mainland	Yes	true	Leaked	AS45090	Shenzhen Tencent Computer Systems Company Limited	Tencent Cloud	05/02/2026, 21:12:03	03/03/2026, 15:24:24	Yes	Yes	APT28, APT35, APT37, APT39, Cobalt Group, El-Machete, Kimsuky, Mustang Panda, Sandworm Team, The Shadow Brokers	CVE-2016-10708, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2021-41617	06/02/2026, 03:12:17	tencent.com, chinaunicom.cn
146.190.112.•••:18789	-	🇺🇸 United States	-	true	Clean	AS14061	DigitalOcean, LLC	DigitalOcean	05/02/2026, 21:12:02	25/02/2026, 15:58:44	Yes	No	-	CVE-2016-20012, CVE-2020-12062, CVE-2020-14145, CVE-2020-15778, CVE-2021-28041, CVE-2021-36368, CVE-2021-41617	06/02/2026, 03:12:23	unga.tech
68.183.60.•••:18789	-	🇺🇸 United States	-	true	Clean	AS14061	DigitalOcean, LLC	DigitalOcean	05/02/2026, 21:12:02	28/02/2026, 00:19:15	No	Yes	APT14, APT15, APT28, APT29, APT31, APT34, APT40, APT41, Bitter APT, Bluenoroff, Callisto Group, Cobalt Group, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, Lazarus Group, MuddyWater Group, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SharpPanda, SideWinder APT, Volt Typhoon	CVE-2006-20001, CVE-2022-22719, CVE-2022-22720, CVE-2022-22721, CVE-2022-23943, CVE-2022-26377, CVE-2022-28330, CVE-2022-28614, CVE-2022-28615, CVE-2022-29404, CVE-2022-30556, CVE-2022-31813, CVE-2022-36760, CVE-2022-37436, CVE-2023-25690, CVE-2023-27522, CVE-2023-28531, CVE-2023-31122, CVE-2023-38408, CVE-2023-38709, CVE-2023-45802, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-24795, CVE-2024-27316, CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	06/02/2026, 03:12:26	-
1.15.12.•••:18789	小熙 (📋)	🇨🇳 China mainland	Yes	true	Leaked	AS45090	Shenzhen Tencent Computer Systems Company Limited	Tencent Cloud	05/02/2026, 21:12:02	09/04/2026, 18:03:59	Yes	Yes	APT37, El-Machete	CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-6387, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	06/02/2026, 03:12:27	tencent.com, tot.co.th
178.62.75.•••:18789	-	🇬🇧 United Kingdom	-	true	Clean	AS14061	DigitalOcean, LLC	DigitalOcean London	05/02/2026, 21:12:02	03/03/2026, 09:27:43	No	Yes	APT-C-23, APT15, APT17, APT28, APT29, APT31, APT34, APT35, APT36, APT37, APT39, APT40, APT41, APT45, Bitter APT, Bluenoroff, Callisto Group, Carbanak, ChamelGang, CloudSorcerer, Cobalt Group, Daggerfly APT, Donot Team, Equation Group, Gamaredon Group, Gaza Cybergang, Ghostwriter, Hafnium Group, Inception Framework, Kimsuky, Lazarus Group, MoustachedBouncer, MuddyWater Group, Mustang Panda, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Turla APT Group, Volt Typhoon	CVE-2013-0340, CVE-2015-20107, CVE-2016-20012, CVE-2016-3189, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2018-25032, CVE-2019-12900, CVE-2019-16905, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-10735, CVE-2020-14145, CVE-2021-23017, CVE-2021-28861, CVE-2021-3618, CVE-2021-36368, CVE-2021-3733, CVE-2021-3737, CVE-2021-41617, CVE-2021-4189, CVE-2022-0391, CVE-2022-37454, CVE-2022-41741, CVE-2022-41742, CVE-2022-42919, CVE-2022-45061, CVE-2023-24329, CVE-2023-27043, CVE-2023-28531, CVE-2023-38408, CVE-2023-44487, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-6387, CVE-2024-7347, CVE-2025-26465, CVE-2025-32728	06/02/2026, 03:12:28	-
165.22.230.•••:18789	-	🇨🇦 Canada	-	true	Clean	AS14061	DigitalOcean, LLC	DigitalOcean	05/02/2026, 21:12:02	11/04/2026, 03:21:33	No	Yes	APT15, APT28, APT29, APT31, APT34, APT35, APT37, APT39, APT41, Bitter APT, Bluenoroff, Callisto Group, Cobalt Group, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Mustang Panda, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Volt Typhoon	CVE-2016-20012, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2025-26465, CVE-2025-32728	06/02/2026, 03:12:41	-
120.48.117.•••:18789	Assistant (data:image/svg+xml;base64,PHN2ZyB3aWR0aD0iMTAwIiBoZWlnaHQ9IjEwMCIgdmlld0JveD0iMCAwIDEwMCAxMDAiIGZpbGw9Im5vbmUiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyI+CjxyZWN0IHdpZHRoPSIxMDAiIGhlaWdodD0iMTAwIi)	🇺🇸 United States	Yes	true	Leaked	AS38365	Beijing Baidu Netcom Science and Technology Co., Ltd.	Baidu	05/02/2026, 21:12:02	02/03/2026, 04:13:35	Yes	Yes	APT17, APT28, APT35, APT37, APT39, Cobalt Group, DragonFly, El-Machete, Gozi, Kimsuky, Mustang Panda, Packrat, Sandworm Team, The Shadow Brokers	CVE-2016-10708, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2021-41617	06/02/2026, 03:12:44	chinamobile.com, chinamobile.cn, baidu.com
43.143.227.•••:18789	Assistant	🇨🇳 China mainland	Yes	true	Leaked	AS45090	Shenzhen Tencent Computer Systems Company Limited	Tencent Cloud Computing	05/02/2026, 21:12:02	02/03/2026, 16:05:52	Yes	Yes	APT28, APT35, APT37, APT39, Cobalt Group, Kimsuky, Mustang Panda, Sandworm Team, The Shadow Brokers	CVE-2016-10708, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2021-41617, CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-6387, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	06/02/2026, 03:12:47	tencent.com
62.234.35.•••:18789	Piqiu (👋)	🇨🇳 China mainland	Yes	true	Clean	AS45090	Shenzhen Tencent Computer Systems Company Limited	Tencent Cloud Computing	05/02/2026, 21:12:02	02/03/2026, 16:50:49	No	Yes	APT15, APT28, APT29, APT31, APT34, APT41, Bitter APT, Bluenoroff, Callisto Group, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, Volt Typhoon	CVE-2016-20012, CVE-2019-16905, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385	06/02/2026, 03:12:53	-
118.196.82.•••:18789	Assistant	🇨🇳 China mainland	Yes	true	Clean	AS137718	Beijing Volcano Engine Technology Co., Ltd. / AS4811 China Telecom (Group)	Beijing Volcano Engine Technology	05/02/2026, 21:12:02	03/03/2026, 13:10:42	-	-	-	-	06/02/2026, 03:13:01	-
2a02:4780:2d:b0a5::1:18789	-	🇺🇸 United States	-	true	Clean	AS47583	Hostinger International Limited	Hostinger	05/02/2026, 21:12:02	11/04/2026, 23:59:34	-	-	-	-	06/02/2026, 03:12:42	-
180.171.51.•••:18789	-	🇨🇳 China mainland	Yes	true	Leaked	AS4812	China Telecom (Group)	ChinaNet Shanghai	05/02/2026, 21:12:02	04/03/2026, 12:43:09	Yes	No	-	-	06/02/2026, 03:13:08	bj189.cn, fastspeed.dk, tfn.net.tw, ctwing.cn, chinatelecom.com.cn, chinatelecom.cn, new-gm.cn, 189.cn, 189free.cn, synology.me, daqu.com.cn, ctyun.cn
161.35.224.•••:18789	-	🇺🇸 United States	-	true	Clean	AS14061	DigitalOcean, LLC	DigitalOcean	05/02/2026, 21:12:02	11/04/2026, 08:36:09	Yes	Yes	APT14, APT28, APT40, APT41, Cobalt Group, Equation Group, Gamaredon Group, IronHusky, Kimsuky, Lazarus Group, SharpPanda, TA505, The Shadow Brokers, UNC2452, WIRTE	CVE-2006-20001, CVE-2016-20012, CVE-2019-17567, CVE-2020-11984, CVE-2020-11993, CVE-2020-13938, CVE-2020-13950, CVE-2020-14145, CVE-2020-15778, CVE-2020-1927, CVE-2020-1934, CVE-2020-35452, CVE-2020-9490, CVE-2021-23017, CVE-2021-26690, CVE-2021-26691, CVE-2021-28041, CVE-2021-30641, CVE-2021-33193, CVE-2021-34798, CVE-2021-36160, CVE-2021-3618, CVE-2021-36368, CVE-2021-39275, CVE-2021-40438, CVE-2021-41617, CVE-2021-44224, CVE-2021-44790, CVE-2022-22719, CVE-2022-22720, CVE-2022-22721, CVE-2022-23943, CVE-2022-26377, CVE-2022-28330, CVE-2022-28614, CVE-2022-28615, CVE-2022-29404, CVE-2022-30522, CVE-2022-30556, CVE-2022-31813, CVE-2022-36760, CVE-2022-37436, CVE-2022-41741, CVE-2022-41742, CVE-2023-25690, CVE-2023-27522, CVE-2023-28531, CVE-2023-31122, CVE-2023-38408, CVE-2023-38709, CVE-2023-44487, CVE-2023-45802, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-24795, CVE-2024-27316, CVE-2024-38472, CVE-2024-38473, CVE-2024-38474, CVE-2024-38475, CVE-2024-38476, CVE-2024-38477, CVE-2024-39573, CVE-2024-39894, CVE-2024-40898, CVE-2024-6387, CVE-2024-7347, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	06/02/2026, 03:13:11	fiduciaryinsuranceservices.com
18.188.225.•••:18789	Cleo (🤖)	🇺🇸 United States	Yes	true	Clean	AS16509	Amazon.com, Inc.	Amazon	05/02/2026, 21:12:02	22/03/2026, 12:16:27	No	No	-	-	06/02/2026, 03:13:15	-
167.71.223.•••:18789	-	🇸🇬 Singapore	-	true	Clean	AS14061	DigitalOcean, LLC	DigitalOcean	05/02/2026, 21:12:02	05/03/2026, 00:42:28	No	Yes	APT1 Comment Crew, APT15, APT17, APT27, APT28, APT29, APT31, APT34, APT35, APT36, APT37, APT39, APT40, APT41, APT45, Bitter APT, Bluenoroff, Callisto Group, Carbanak, ChamelGang, CloudSorcerer, Cobalt Group, Daggerfly APT, Donot Team, Earth Longzhi, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Mustang Panda, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Turla APT Group, Volt Typhoon	CVE-2011-4969, CVE-2012-6708, CVE-2015-9251, CVE-2016-20012, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-11358, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-11022, CVE-2020-11023, CVE-2020-12062, CVE-2020-14145, CVE-2020-15778, CVE-2020-7656, CVE-2021-28041, CVE-2021-36368, CVE-2021-41617, CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-6387, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	06/02/2026, 03:13:17	-
43.139.89.•••:18789	-	🇨🇳 China mainland	Yes	true	Leaked	AS45090	Shenzhen Tencent Computer Systems Company Limited	Tencent Cloud Computing	05/02/2026, 21:12:02	02/03/2026, 13:51:40	Yes	No	-	-	06/02/2026, 03:13:23	tencent.com
8.138.153.•••:18789	-	🇸🇬 Singapore	Yes	true	Clean	AS37963	Hangzhou Alibaba Advertising Co.,Ltd.	Alibaba Cloud	05/02/2026, 21:12:02	06/04/2026, 04:25:40	No	Yes	APT15, APT28, APT31, APT37, APT39, Bitter APT, Bluenoroff, Callisto Group, Donot Team, Gamaredon Group, Gaza Cybergang, Inception Framework, Kimsuky, MuddyWater Group, RomCom Group, Salt Typhoon, Sea Turtle Group, SideWinder APT, The Shadow Brokers	CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-16905, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51385, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	06/02/2026, 03:53:15	-
47.101.42.•••:18789	Assistant	🇨🇳 China mainland	Yes	true	Clean	AS37963	Hangzhou Alibaba Advertising Co.,Ltd.	Alisoft	05/02/2026, 21:09:51	07/03/2026, 13:56:48	No	Yes	APT28, APT35, APT37, APT39, Cobalt Group, Kimsuky, Mustang Panda, Sandworm Team, The Shadow Brokers	CVE-2016-10708, CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-16905, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51385, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	06/02/2026, 07:03:07	-
47.98.191.•••:18789	Assistant	🇨🇳 China mainland	Yes	true	Clean	AS37963	Hangzhou Alibaba Advertising Co.,Ltd.	Alisoft	05/02/2026, 21:09:51	02/03/2026, 22:30:17	No	Yes	APT-C-23, APT36, Carbanak, Cobalt Group, DarkHotel Group, Equation Group, Gamaredon Group, Ghostwriter, Lazarus Group, Turla APT Group, Volt Typhoon	CVE-2017-20005, CVE-2017-7529, CVE-2018-16843, CVE-2018-16844, CVE-2018-16845, CVE-2019-20372, CVE-2019-9511, CVE-2019-9513, CVE-2019-9516, CVE-2021-23017, CVE-2021-3618, CVE-2022-41741, CVE-2022-41742, CVE-2023-44487	06/02/2026, 07:03:12	-
206.189.65.•••:18789	-	🇺🇸 United States	-	true	Clean	AS14061	DigitalOcean, LLC	DigitalOcean	05/02/2026, 21:09:51	11/04/2026, 23:57:34	-	-	-	-	06/02/2026, 07:03:19	-
8.145.50.•••:18789	Assistant	🇸🇬 Singapore	Yes	true	Clean	AS37963	Hangzhou Alibaba Advertising Co.,Ltd.	Alibaba Cloud	05/02/2026, 21:09:51	11/04/2026, 07:49:02	No	No	-	-	06/02/2026, 07:03:24	-
8.148.4.•••:18789	Assistant	🇸🇬 Singapore	Yes	true	Clean	AS37963	Hangzhou Alibaba Advertising Co.,Ltd.	Alibaba Cloud	05/02/2026, 21:09:51	25/02/2026, 13:41:45	No	Yes	APT15, APT28, APT29, APT31, APT34, APT41, Bitter APT, Bluenoroff, Callisto Group, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, Volt Typhoon	CVE-2016-20012, CVE-2020-14145, CVE-2020-15778, CVE-2021-28041, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385	06/02/2026, 07:03:32	-
47.252.68.•••:18789	Assistant	🇨🇳 China mainland	Yes	true	Clean	AS45102	Alibaba (US) Technology Co., Ltd.	Alibaba Cloud US	05/02/2026, 21:09:51	05/03/2026, 00:39:10	No	-	-	CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51385, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	06/02/2026, 07:03:34	-
47.109.82.•••:18789	Assistant	🇨🇳 China mainland	Yes	true	Clean	AS37963	Hangzhou Alibaba Advertising Co.,Ltd.	Alisoft	05/02/2026, 21:09:50	02/03/2026, 05:40:20	No	Yes	APT15, APT28, APT29, APT31, APT34, APT41, Bitter APT, Bluenoroff, Callisto Group, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, Volt Typhoon	CVE-2016-20012, CVE-2019-16905, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385	06/02/2026, 07:03:59	-
47.252.74.•••:18789	Assistant	🇨🇳 China mainland	Yes	true	Clean	AS45102	Alibaba (US) Technology Co., Ltd.	Alibaba Cloud US	05/02/2026, 21:09:50	11/04/2026, 23:56:48	No	No	-	CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-6387, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	06/02/2026, 07:04:03	-
47.236.127.•••:18789	Assistant	🇺🇸 United States	Yes	true	Leaked	AS45102	Alibaba (US) Technology Co., Ltd.	Alibaba Cloud	05/02/2026, 21:09:50	05/03/2026, 00:39:17	Yes	Yes	APT-C-23, APT15, APT17, APT28, APT29, APT31, APT34, APT35, APT36, APT37, APT40, APT41, APT45, Bitter APT, Bluenoroff, Callisto Group, Carbanak, ChamelGang, CloudSorcerer, Cobalt Group, Daggerfly APT, Donot Team, Equation Group, Gamaredon Group, Gaza Cybergang, Ghostwriter, Hafnium Group, Inception Framework, Kimsuky, Lazarus Group, MuddyWater Group, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Turla APT Group, Volt Typhoon	CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-23017, CVE-2021-3618, CVE-2021-36368, CVE-2021-41617, CVE-2022-41741, CVE-2022-41742, CVE-2023-28531, CVE-2023-38408, CVE-2023-44487, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-6387, CVE-2024-7347	06/02/2026, 07:04:09	hichina.com, alibaba-inc.com
8.152.206.•••:18789	Assistant	🇸🇬 Singapore	Yes	true	Clean	AS37963	Hangzhou Alibaba Advertising Co.,Ltd.	Alibaba Cloud	05/02/2026, 21:09:50	05/03/2026, 00:38:47	No	No	-	-	06/02/2026, 07:04:16	-
121.41.51.•••:18789	Assistant	🇨🇳 China mainland	Yes	true	Leaked	AS37963	Hangzhou Alibaba Advertising Co.,Ltd.	Alisoft	05/02/2026, 21:09:50	22/03/2026, 15:13:51	Yes	Yes	APT-C-23, Gamaredon Group, Ghostwriter, Lazarus Group, Turla APT Group, Volt Typhoon	CVE-2021-3618, CVE-2022-41741, CVE-2022-41742, CVE-2023-44487, CVE-2024-7347	06/02/2026, 07:04:19	datacamp.co.uk, aliyun.com
47.97.167.•••:18789	Assistant	🇨🇳 China mainland	Yes	true	Clean	AS37963	Hangzhou Alibaba Advertising Co.,Ltd.	Alisoft	05/02/2026, 21:09:50	03/03/2026, 14:37:26	No	Yes	APT28, APT35, APT37, APT39, Cobalt Group, Kimsuky, Mustang Panda, Sandworm Team, The Shadow Brokers	CVE-2014-4078, CVE-2016-10708, CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-16905, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51385, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	06/02/2026, 07:04:20	-
165.22.230.•••:18789	-	🇨🇦 Canada	-	true	Clean	AS14061	DigitalOcean, LLC	DigitalOcean	05/02/2026, 21:09:50	11/04/2026, 10:48:29	No	Yes	APT15, APT28, APT29, APT31, APT34, APT35, APT37, APT39, APT41, Bitter APT, Bluenoroff, Callisto Group, Cobalt Group, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Mustang Panda, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Volt Typhoon	CVE-2016-20012, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2025-26465, CVE-2025-32728	06/02/2026, 07:04:25	-

🦞 OpenClaw Exposure Watchboard

Ship Secure Enterprise AI Agents 10× Faster with vivgrid.com

Vivgrid gives you authentication, model gateway, tool control, cost tracking, and enterprise observability — everything you need to ship AI agents safely at scale.