🦞 OpenClaw Exposure Watchboard

This page lists publicly reachable active OpenClaw instances for defensive awareness. If this is your deployment, enable authentication, remove direct public exposure, and patch immediately.

Exposed Instances: 816988 Page: 7190 / 8170 (100 per page) Showing: 718901-719000 Last Imported: 30/04/2026, 13:26:03

🇨🇳 425,761

🇺🇸 231,518

Endpoint	Assistant Name	Country	auth_required	is_active	has_leaked_creds	asn	asn_name	org	first_seen	last_seen	asi_has_breach	asi_has_threat_actor	asi_threat_actors	asi_cves	asi_enriched_at	asi_domains
46.225.58.•••:18789	-	🇩🇪 Germany	-	false	Clean	AS24940	Hetzner Online GmbH	Hetzner	05/02/2026, 11:31:27	14/03/2026, 01:53:34	No	No	-	-	05/02/2026, 22:41:32	-
144.91.79.•••:18789	-	🇩🇪 Germany	-	false	Leaked	AS51167	Contabo GmbH	Contabo	05/02/2026, 11:31:27	07/02/2026, 11:44:18	Yes	Yes	APT15, APT28, APT29, APT31, APT34, APT37, APT41, Bitter APT, Bluenoroff, Callisto Group, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, Volt Typhoon	CVE-2016-20012, CVE-2020-12062, CVE-2020-14145, CVE-2020-15778, CVE-2021-28041, CVE-2021-36368, CVE-2021-41617, CVE-2023-28531, CVE-2023-38408, CVE-2023-44487, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-39894, CVE-2024-6387, CVE-2024-7347, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728	05/02/2026, 22:41:37	contaboserver.net, contabo.de, contabo.net
140.143.250.•••:18789	Assistant	🇨🇳 China mainland	Yes	false	Clean	AS45090	Shenzhen Tencent Computer Systems Company Limited	Tencent Cloud	05/02/2026, 11:31:27	12/02/2026, 16:17:08	No	-	-	-	05/02/2026, 22:41:41	-
2a01:4f8:c013:abc5::1:18789	-	🇩🇪 Germany	-	false	Clean	AS24940	Hetzner Online GmbH	Hetzner Online	05/02/2026, 11:31:27	18/02/2026, 05:30:22	-	-	-	-	05/02/2026, 22:41:42	-
159.203.81.•••:18789	-	🇺🇸 United States	-	false	Clean	AS14061	DigitalOcean, LLC	DigitalOcean	05/02/2026, 11:31:27	16/04/2026, 23:33:11	Yes	Yes	APT14, APT15, APT17, APT28, APT31, APT36, APT37, APT39, APT40, APT41, APT45, Bitter APT, Bluenoroff, Callisto Group, CloudSorcerer, Cobalt Group, Daggerfly APT, Donot Team, Gamaredon Group, Gaza Cybergang, Inception Framework, Kimsuky, Lazarus Group, MuddyWater Group, RomCom Group, Salt Typhoon, Sea Turtle Group, SharpPanda, SideWinder APT, The Shadow Brokers	CVE-2006-20001, CVE-2016-10009, CVE-2016-10010, CVE-2016-10011, CVE-2016-10012, CVE-2016-10708, CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-28041, CVE-2021-36368, CVE-2021-41617, CVE-2021-44224, CVE-2022-22719, CVE-2022-22720, CVE-2022-22721, CVE-2022-23943, CVE-2022-26377, CVE-2022-28614, CVE-2022-28615, CVE-2022-29404, CVE-2022-30522, CVE-2022-30556, CVE-2022-31813, CVE-2022-36760, CVE-2022-37436, CVE-2023-25690, CVE-2023-27522, CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-39894, CVE-2024-6387	05/02/2026, 22:41:43	cyanna.com
175.178.230.•••:18789	菜鷄 (🐣)	🇨🇳 China mainland	Yes	false	Leaked	AS45090	Shenzhen Tencent Computer Systems Company Limited	Tencent Cloud	05/02/2026, 11:31:27	05/03/2026, 00:43:40	Yes	Yes	APT-C-23, APT15, APT28, APT29, APT31, APT34, APT37, APT41, Bitter APT, Bluenoroff, Callisto Group, Donot Team, El-Machete, Gamaredon Group, Gaza Cybergang, Ghostwriter, Hafnium Group, Inception Framework, Kimsuky, Lazarus Group, MuddyWater Group, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, Turla APT Group, Volt Typhoon	CVE-2016-20012, CVE-2017-9118, CVE-2020-12062, CVE-2020-14145, CVE-2020-15778, CVE-2021-21708, CVE-2021-28041, CVE-2021-36368, CVE-2021-41617, CVE-2022-31625, CVE-2022-31626, CVE-2022-31628, CVE-2022-31629, CVE-2022-31630, CVE-2022-37454, CVE-2022-41741, CVE-2022-41742, CVE-2023-38408, CVE-2023-44487, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-7347	05/02/2026, 22:41:45	tencent.com, ub.ac.id
20.203.98.•••:18789	-	🇺🇸 United States	-	false	Clean	AS8075	Microsoft Corporation	Microsoft	05/02/2026, 11:31:27	07/02/2026, 01:42:52	-	-	-	-	05/02/2026, 22:41:48	-
49.234.19.•••:18789	Claw (🤖)	🇨🇳 China mainland	-	false	Leaked	AS45090	Shenzhen Tencent Computer Systems Company Limited	Tencent Cloud	05/02/2026, 11:31:27	07/02/2026, 01:42:52	Yes	Yes	APT28, APT35, APT37, APT39, Cobalt Group, El-Machete, Kimsuky, Mustang Panda, Sandworm Team, The Shadow Brokers	CVE-2016-10708, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2021-41617	05/02/2026, 22:41:49	truecorp.co.th, tencent.com
106.55.92.•••:18789	Assistant	🇨🇳 China mainland	Yes	false	Leaked	AS45090	Shenzhen Tencent Computer Systems Company Limited	Tencent Cloud	05/02/2026, 11:31:27	14/04/2026, 03:47:07	Yes	Yes	APT28, APT35, APT37, APT39, Cobalt Group, El-Machete, Kimsuky, Mustang Panda, Sandworm Team, The Shadow Brokers	CVE-2016-10708, CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-12062, CVE-2020-14145, CVE-2020-15778, CVE-2021-28041, CVE-2021-36368, CVE-2021-41617	05/02/2026, 22:41:50	bj189.cn, tencent.com
165.227.23.•••:18789	-	🇺🇸 United States	-	false	Clean	AS14061	DigitalOcean, LLC	DigitalOcean	05/02/2026, 11:31:27	07/02/2026, 16:51:04	No	Yes	APT28, APT35, APT37, APT39, Cobalt Group, Kimsuky, Mustang Panda, Sandworm Team, The Shadow Brokers	CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2021-41617	05/02/2026, 22:41:51	-
92.42.107.•••:18789	Assistant	🇫🇷 France	Yes	false	Leaked	AS29066	velia.net Internetdienste GmbH	[name redacted]	05/02/2026, 11:31:27	07/02/2026, 01:42:52	Yes	-	-	CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-6387, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	05/02/2026, 22:41:53	godaddy.com, velia.net
124.220.52.•••:18789	-	🇨🇳 China mainland	-	false	Leaked	AS45090	Shenzhen Tencent Computer Systems Company Limited	Tencent Cloud	05/02/2026, 11:31:27	28/02/2026, 16:38:40	Yes	No	-	-	05/02/2026, 22:41:56	tencent.com, chinaunicom.cn
117.72.188.•••:18789	-	🇨🇳 China mainland	Yes	false	Leaked	AS141679	China Telecom Beijing Tianjin Hebei Big Data Industry Park Branch	JD.com	05/02/2026, 11:29:16	24/02/2026, 19:45:24	Yes	No	-	CVE-2023-28531, CVE-2023-38408, CVE-2023-44487, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-6387, CVE-2024-6484, CVE-2024-6485, CVE-2024-7347, CVE-2025-23419, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	06/02/2026, 02:23:20	jdl.cn, vackbot.com, vg.com, jdfinance.com, 51buy.com, blackdragon.com, jddj.com, 7fresh.com, jd.com, 360buy.com, chinabank.com.cn, 360buyimg.com, imdada.cn, jdh.com
173.212.245.•••:18789	Butcher (🔪)	🇫🇷 France	-	false	Leaked	AS51167	Contabo GmbH	Contabo	05/02/2026, 11:29:15	07/02/2026, 00:50:22	Yes	Yes	APT14, APT15, APT28, APT29, APT31, APT34, APT35, APT37, APT39, APT40, APT41, Bitter APT, Bluenoroff, Callisto Group, Cobalt Group, Donot Team, Equation Group, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, IronHusky, Kimsuky, Lazarus Group, MuddyWater Group, Mustang Panda, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SharpPanda, SideWinder APT, TA505, The Shadow Brokers, UNC2452, Volt Typhoon, WIRTE	CVE-2015-8325, CVE-2016-10009, CVE-2016-10010, CVE-2016-10011, CVE-2016-10012, CVE-2016-10708, CVE-2016-1546, CVE-2016-20012, CVE-2016-3115, CVE-2016-4975, CVE-2016-4979, CVE-2016-5387, CVE-2016-6210, CVE-2016-6515, CVE-2016-8612, CVE-2016-8740, CVE-2016-8743, CVE-2016-8858, CVE-2017-15710, CVE-2017-15715, CVE-2017-15906, CVE-2017-3167, CVE-2017-3169, CVE-2017-7679, CVE-2017-9788, CVE-2017-9798, CVE-2018-11763, CVE-2018-1283, CVE-2018-1301, CVE-2018-1302, CVE-2018-1303, CVE-2018-1312, CVE-2018-1333, CVE-2018-15473, CVE-2018-15919, CVE-2018-17189, CVE-2018-17199, CVE-2018-20685, CVE-2019-0196, CVE-2019-0197, CVE-2019-0211, CVE-2019-0217, CVE-2019-0220, CVE-2019-10082, CVE-2019-10092, CVE-2019-10098, CVE-2019-17567, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-11985, CVE-2020-12062, CVE-2020-14145, CVE-2020-15778, CVE-2020-1927, CVE-2020-1934, CVE-2020-35452, CVE-2021-26690, CVE-2021-26691, CVE-2021-28041, CVE-2021-33193, CVE-2021-34798, CVE-2021-36368, CVE-2021-39275, CVE-2021-40438, CVE-2021-41617, CVE-2021-44224, CVE-2021-44790, CVE-2022-22719, CVE-2022-22720, CVE-2022-22721, CVE-2022-23943, CVE-2022-26377, CVE-2022-28614, CVE-2022-28615, CVE-2022-29404, CVE-2022-30522, CVE-2022-30556, CVE-2022-31813, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2025-26465, CVE-2025-32728	06/02/2026, 02:23:23	contabo.de, contabo.net
8.136.102.•••:18789	Assistant	🇸🇬 Singapore	Yes	false	Clean	AS37963	Hangzhou Alibaba Advertising Co.,Ltd.	Alibaba Cloud	05/02/2026, 11:29:15	08/04/2026, 05:31:06	No	Yes	APT15, APT28, APT31, APT36, APT37, APT39, Bitter APT, Bluenoroff, Callisto Group, Donot Team, Gamaredon Group, Gaza Cybergang, Inception Framework, Kimsuky, MuddyWater Group, RomCom Group, Salt Typhoon, Sea Turtle Group, SideWinder APT, The Shadow Brokers	CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2020-17527, CVE-2020-9484, CVE-2021-24122, CVE-2021-25122, CVE-2021-25329, CVE-2021-30640, CVE-2021-33037, CVE-2021-3618, CVE-2021-36368, CVE-2021-41079, CVE-2021-41617, CVE-2021-43980, CVE-2022-23181, CVE-2022-29885, CVE-2022-34305, CVE-2022-41741, CVE-2022-41742, CVE-2022-42252, CVE-2023-28708, CVE-2023-38408, CVE-2023-41080, CVE-2023-42795, CVE-2023-44487, CVE-2023-45648, CVE-2023-46589, CVE-2023-48795, CVE-2023-51385, CVE-2024-21733, CVE-2024-23672, CVE-2024-24549, CVE-2024-34750, CVE-2024-38286, CVE-2024-50379, CVE-2024-52316, CVE-2024-54677, CVE-2024-56337, CVE-2024-7347, CVE-2025-24813, CVE-2025-26465, CVE-2025-31651, CVE-2025-32728, CVE-2025-46701, CVE-2025-48988, CVE-2025-48989, CVE-2025-49124, CVE-2025-49125, CVE-2025-52434, CVE-2025-52520, CVE-2025-53506, CVE-2025-55668	06/02/2026, 02:23:25	-
43.163.199.•••:18789	-	🇸🇬 Singapore	Yes	false	Leaked	AS132203	Tencent Building, Kejizhongyi Avenue	Aceville Pte Ltd	05/02/2026, 11:29:15	04/03/2026, 06:47:09	Yes	Yes	APT-C-23, APT15, APT28, APT29, APT31, APT34, APT35, APT37, APT39, APT41, Bitter APT, Bluenoroff, Callisto Group, Cobalt Group, Donot Team, Gamaredon Group, Gaza Cybergang, Ghostwriter, Hafnium Group, Inception Framework, Kimsuky, Lazarus Group, MuddyWater Group, Mustang Panda, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Turla APT Group, Volt Typhoon	CVE-2016-10708, CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-16905, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-3618, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-44487, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-39894, CVE-2024-6387, CVE-2024-7347, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	06/02/2026, 02:23:29	tencent.com
8.130.98.•••:18789	-	🇸🇬 Singapore	Yes	false	Clean	AS37963	Hangzhou Alibaba Advertising Co.,Ltd.	Alibaba Cloud	05/02/2026, 11:29:15	25/03/2026, 10:59:41	No	Yes	APT15, APT28, APT29, APT31, APT34, APT35, APT37, APT39, APT41, Bitter APT, Bluenoroff, Callisto Group, Cobalt Group, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Mustang Panda, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Volt Typhoon	CVE-2016-10708, CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51385, CVE-2024-7347, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	06/02/2026, 02:23:30	-
3.87.34.•••:18789	-	🇺🇸 United States	-	false	Clean	AS14618	Amazon.com, Inc.	Amazon Web Services	05/02/2026, 11:29:15	07/02/2026, 00:50:21	No	No	-	CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51385, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	06/02/2026, 02:23:33	-
2a02:4780:10:f3c2::1:18789	-	🇺🇸 United States	-	false	Clean	AS47583	Hostinger International Limited	Hostinger	05/02/2026, 11:29:15	07/02/2026, 00:50:21	-	-	-	-	06/02/2026, 02:24:59	-
209.38.158.•••:18789	-	🇺🇸 United States	-	false	Clean	AS14061	DigitalOcean, LLC	DigitalOcean	05/02/2026, 11:29:15	17/04/2026, 10:01:59	No	Yes	APT15, APT28, APT29, APT31, APT34, APT41, Bitter APT, Bluenoroff, Callisto Group, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, Volt Typhoon	CVE-2016-20012, CVE-2021-36368, CVE-2021-41617, CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-6387	06/02/2026, 02:25:00	-
8.216.28.•••:18789	-	🇸🇬 Singapore	-	false	Clean	AS45102	Alibaba (US) Technology Co., Ltd.	Alibaba Cloud Singapore	05/02/2026, 11:29:15	07/02/2026, 06:33:33	-	-	-	-	06/02/2026, 02:25:02	-
1.95.137.•••:18789	Assistant	🇨🇳 China mainland	Yes	false	Leaked	AS55990	Huawei Cloud Service data center	Beijing Teletron Telecom	05/02/2026, 11:29:15	26/02/2026, 09:39:59	Yes	No	-	-	06/02/2026, 02:25:04	tot.co.th
47.252.6.•••:18789	-	🇨🇳 China mainland	Yes	false	Clean	AS45102	Alibaba (US) Technology Co., Ltd.	Alibaba Cloud US	05/02/2026, 11:29:15	15/04/2026, 01:30:17	No	Yes	APT15, APT31, APT37, APT39, Bitter APT, Bluenoroff, Donot Team, Gamaredon Group, Gaza Cybergang, Inception Framework, Kimsuky, MuddyWater Group, Salt Typhoon, SideWinder APT	CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51385, CVE-2024-1322	06/02/2026, 02:25:05	-
121.4.64.•••:18789	Assistant	🇨🇳 China mainland	Yes	false	Leaked	AS45090	Shenzhen Tencent Computer Systems Company Limited	Tencent Cloud	05/02/2026, 11:29:15	02/03/2026, 05:42:37	Yes	Yes	APT37, El-Machete	-	06/02/2026, 02:25:08	tencent.com
1.15.151.•••:18789	星辰 (Xīng Chén) ((待定))	🇨🇳 China mainland	-	false	Leaked	AS45090	Shenzhen Tencent Computer Systems Company Limited	Tencent Cloud	05/02/2026, 11:29:15	07/02/2026, 00:50:21	Yes	Yes	APT-C-23, APT15, APT28, APT29, APT31, APT34, APT35, APT36, APT37, APT39, APT41, Bitter APT, Bluenoroff, Callisto Group, Cobalt Group, Donot Team, El-Machete, Equation Group, Gamaredon Group, Gaza Cybergang, Ghostwriter, Hafnium Group, Inception Framework, Kimsuky, Lazarus Group, MuddyWater Group, Mustang Panda, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Turla APT Group, Volt Typhoon	CVE-2016-10708, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2021-23017, CVE-2021-3618, CVE-2021-41617, CVE-2023-28531, CVE-2023-38408, CVE-2023-44487, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385	06/02/2026, 02:25:13	tencent.com, tot.co.th
154.8.175.•••:18789	-	🇨🇳 China mainland	Yes	false	Clean	AS45090	Shenzhen Tencent Computer Systems Company Limited	Tencent Cloud Computing	05/02/2026, 11:29:15	16/03/2026, 06:00:37	No	No	-	-	06/02/2026, 02:25:18	-
2a02:4780:4:b4e3::1:18789	-	🇺🇸 United States	-	false	Clean	AS47583	Hostinger International Limited	Hostinger	05/02/2026, 11:29:15	17/04/2026, 03:16:42	-	-	-	-	06/02/2026, 02:25:20	-
104.199.111.•••:18789	Assistant	🇺🇸 United States	Yes	false	Clean	AS396982	Google LLC	Google	05/02/2026, 11:29:15	09/03/2026, 15:02:01	No	No	-	CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	06/02/2026, 02:25:21	-
43.163.203.•••:18789	Assistant	🇸🇬 Singapore	-	false	Leaked	AS132203	Tencent Building, Kejizhongyi Avenue	Aceville Pte Ltd	05/02/2026, 11:29:15	07/02/2026, 01:14:21	Yes	No	-	CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51385, CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	06/02/2026, 02:25:27	tencent.com
43.156.47.•••:18789	Assistant	🇸🇬 Singapore	Yes	false	Leaked	AS132203	Tencent Building, Kejizhongyi Avenue	Aceville Pte Ltd	05/02/2026, 11:29:15	02/03/2026, 16:05:48	Yes	Yes	APT37, El-Machete	-	06/02/2026, 02:25:28	tencent.com
165.232.53.•••:18789	-	🇺🇸 United States	-	false	Clean	AS14061	DigitalOcean, LLC	DigitalOcean	05/02/2026, 11:29:15	07/02/2026, 10:14:25	-	-	-	-	06/02/2026, 02:25:29	-
95.217.66.•••:18789	מלך (Melech) (👑)	🇩🇪 Germany	Yes	false	Clean	AS24940	Hetzner Online GmbH	Hetzner	05/02/2026, 11:29:15	09/02/2026, 23:15:24	No	Yes	APT17, APT36, APT37, APT45, CloudSorcerer, Daggerfly APT, Kimsuky, MuddyWater Group, SideWinder APT, The Shadow Brokers	CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728	06/02/2026, 02:25:32	-
101.126.90.•••:18789	-	🇨🇳 China mainland	Yes	false	Leaked	AS137718	Beijing Volcano Engine Technology Co., Ltd.	Beijing Volcano Engine Technology	05/02/2026, 11:29:15	18/04/2026, 00:39:07	Yes	-	-	CVE-2016-20012, CVE-2021-3618, CVE-2021-36368, CVE-2021-41617, CVE-2022-41741, CVE-2022-41742, CVE-2023-38408, CVE-2023-44487, CVE-2023-48795, CVE-2023-51385, CVE-2024-6387, CVE-2024-7347, CVE-2025-23419, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	06/02/2026, 02:25:33	optage.co.jp, bytedance.com
178.156.235.•••:18789	-	🇺🇸 United States	-	false	Leaked	AS213230	Hetzner Online GmbH	Hetzner	05/02/2026, 11:29:15	16/04/2026, 23:30:56	Yes	No	-	-	06/02/2026, 02:25:35	hetzner.com
144.31.27.•••:18789	Ритуза (Ритузочка), производное от Рита.	🇫🇮 Finland	-	false	Clean	AS213877	u1host ltd	U1host Helsinki	05/02/2026, 11:29:15	07/02/2026, 01:14:21	No	No	-	CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	06/02/2026, 02:25:39	-
107.172.155.•••:18789	Assistant	🇺🇸 United States	Yes	false	Leaked	AS36352	HostPapa	RackNerd	05/02/2026, 11:29:15	24/02/2026, 03:09:46	Yes	Yes	APT15, APT28, APT29, APT31, APT34, APT41, Bitter APT, Bluenoroff, Callisto Group, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, Volt Typhoon	CVE-2016-20012, CVE-2020-12062, CVE-2020-14145, CVE-2020-15778, CVE-2021-28041, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	06/02/2026, 02:25:41	racknerd.com
34.66.23.•••:18789	-	🇺🇸 United States	-	false	Clean	AS396982	Google LLC	Google	05/02/2026, 11:29:15	12/03/2026, 09:33:25	No	Yes	DragonFly, Packrat	CVE-2016-20012, CVE-2020-14145, CVE-2021-28041, CVE-2021-36368, CVE-2021-41617	06/02/2026, 02:25:42	-
162.14.116.•••:18789	-	🇨🇳 China mainland	-	false	Clean	AS45090	Shenzhen Tencent Computer Systems Company Limited	Tencent Cloud Computing	05/02/2026, 11:29:15	07/02/2026, 01:14:21	No	Yes	APT-C-23, APT15, APT28, APT29, APT31, APT34, APT35, APT37, APT39, APT41, Bitter APT, Bluenoroff, Callisto Group, Cobalt Group, Donot Team, El-Machete, Gamaredon Group, Gaza Cybergang, Ghostwriter, Hafnium Group, Inception Framework, Kimsuky, Lazarus Group, MuddyWater Group, Mustang Panda, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Turla APT Group, Volt Typhoon	CVE-2016-10708, CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-16905, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-28041, CVE-2021-36368, CVE-2021-41617, CVE-2022-41741, CVE-2022-41742, CVE-2023-38408, CVE-2023-44487, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385	06/02/2026, 02:25:44	-
31.58.50.•••:18789	-	🇺🇸 United States	Yes	false	Clean	AS56971	AS56971 Cloud	CGI Global Limited	05/02/2026, 11:29:15	02/03/2026, 16:50:48	No	No	-	CVE-2016-20012, CVE-2020-14145, CVE-2020-15778, CVE-2021-28041, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51385, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	06/02/2026, 02:25:47	-
129.226.213.•••:18789	Assistant	🇸🇬 Singapore	Yes	false	Clean	AS132203	Tencent Building, Kejizhongyi Avenue	Aceville Pte Ltd	05/02/2026, 11:29:15	24/02/2026, 12:53:12	No	Yes	APT15, APT28, APT31, APT35, APT37, APT39, Bitter APT, Bluenoroff, Cobalt Group, Donot Team, El-Machete, Gamaredon Group, Gaza Cybergang, Inception Framework, Kimsuky, MuddyWater Group, Mustang Panda, Salt Typhoon, Sandworm Team, SideWinder APT, The Shadow Brokers	CVE-2016-10708, CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-28041, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51385	06/02/2026, 02:25:48	-
2409:8a5c:89:a3b0:9548:1a67:8b73:aebe:18789	-	🇨🇳 China mainland	-	false	Clean	AS9808	China Mobile Communications Group Co., Ltd.	China Mobile	05/02/2026, 11:29:15	07/02/2026, 01:14:21	-	-	-	-	06/02/2026, 02:25:50	-
159.65.48.•••:18789	-	🇬🇧 United Kingdom	-	false	Clean	AS14061	DigitalOcean, LLC	DigitalOcean	05/02/2026, 11:29:15	24/03/2026, 11:22:02	No	Yes	APT-C-23, APT1 Comment Crew, APT14, APT15, APT17, APT27, APT28, APT29, APT31, APT34, APT35, APT36, APT37, APT39, APT40, APT41, APT45, Bitter APT, Bluenoroff, Callisto Group, CloudSorcerer, Cobalt Group, Daggerfly APT, Donot Team, Earth Berberoka, Earth Longzhi, Equation Group, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, IronHusky, Kimsuky, Lazarus Group, MuddyWater Group, Mustang Panda, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SharpPanda, SideWinder APT, TA428, TA505, The Shadow Brokers, Turla APT Group, UNC2452, Volt Typhoon, WIRTE	CVE-2006-20001, CVE-2012-6708, CVE-2013-1896, CVE-2013-4352, CVE-2013-5704, CVE-2013-6438, CVE-2014-0098, CVE-2014-0117, CVE-2014-0118, CVE-2014-0226, CVE-2014-0231, CVE-2014-3523, CVE-2014-3581, CVE-2014-8109, CVE-2015-0228, CVE-2015-3183, CVE-2015-3185, CVE-2015-9251, CVE-2016-0736, CVE-2016-10708, CVE-2016-20012, CVE-2016-2161, CVE-2016-4975, CVE-2016-5387, CVE-2016-8612, CVE-2016-8743, CVE-2017-15710, CVE-2017-15715, CVE-2017-15906, CVE-2017-3167, CVE-2017-7679, CVE-2017-8923, CVE-2017-9788, CVE-2017-9798, CVE-2018-1283, CVE-2018-1301, CVE-2018-1302, CVE-2018-1303, CVE-2018-1312, CVE-2018-15473, CVE-2018-15919, CVE-2018-17199, CVE-2018-20685, CVE-2019-0217, CVE-2019-0220, CVE-2019-10092, CVE-2019-10098, CVE-2019-11358, CVE-2019-17567, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-11022, CVE-2020-11023, CVE-2020-11985, CVE-2020-13938, CVE-2020-14145, CVE-2020-15778, CVE-2020-1927, CVE-2020-1934, CVE-2020-35452, CVE-2020-7656, CVE-2021-21707, CVE-2021-26690, CVE-2021-26691, CVE-2021-34798, CVE-2021-36368, CVE-2021-39275, CVE-2021-40438, CVE-2021-41617, CVE-2021-44790, CVE-2022-22719, CVE-2022-22720, CVE-2022-22721, CVE-2022-23943, CVE-2022-26377, CVE-2022-28330, CVE-2022-28614, CVE-2022-28615, CVE-2022-29404, CVE-2022-30556, CVE-2022-31628, CVE-2022-31629, CVE-2022-31813, CVE-2022-36760, CVE-2022-37436, CVE-2022-37454, CVE-2023-25690, CVE-2023-28531, CVE-2023-31122, CVE-2023-38408, CVE-2023-38709, CVE-2023-45802, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-24795, CVE-2024-38472, CVE-2024-38473, CVE-2024-38474, CVE-2024-38475, CVE-2024-38476, CVE-2024-38477, CVE-2024-39573, CVE-2024-39894, CVE-2024-40898, CVE-2024-4577, CVE-2024-5458, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	06/02/2026, 02:25:55	-
51.222.27.•••:18789	OpenClaw (default, user can change)	🇨🇦 Canada	Yes	false	Clean	AS16276	OVH SAS	OVH Hosting	05/02/2026, 11:29:15	31/03/2026, 12:40:04	Yes	Yes	APT28, APT35, APT37, APT39, Cobalt Group, Kimsuky, Mustang Panda, Sandworm Team, The Shadow Brokers	CVE-2016-10708, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2021-41617, CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	06/02/2026, 02:25:58	ovh.ca
43.156.39.•••:18789	-	🇸🇬 Singapore	-	false	Leaked	AS132203	Tencent Building, Kejizhongyi Avenue	Aceville Pte Ltd	05/02/2026, 11:29:15	04/03/2026, 12:42:34	Yes	Yes	APT15, APT28, APT29, APT31, APT34, APT35, APT37, APT39, APT41, Bitter APT, Bluenoroff, Callisto Group, Cobalt Group, Donot Team, El-Machete, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Mustang Panda, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Volt Typhoon	CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-12062, CVE-2020-14145, CVE-2020-15778, CVE-2020-8616, CVE-2020-8617, CVE-2020-8618, CVE-2020-8619, CVE-2020-8620, CVE-2020-8621, CVE-2020-8622, CVE-2020-8623, CVE-2020-8624, CVE-2020-8625, CVE-2021-25214, CVE-2021-25215, CVE-2021-25216, CVE-2021-25219, CVE-2021-25220, CVE-2021-28041, CVE-2021-36368, CVE-2021-41617, CVE-2022-2795, CVE-2022-3094, CVE-2022-38177, CVE-2022-38178, CVE-2023-2828, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-1322, CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	06/02/2026, 02:26:03	tencent.com
77.42.86.•••:18789	-	🇫🇮 Finland	Yes	false	Clean	AS24940	Hetzner Online GmbH	Hetzner	05/02/2026, 11:29:15	15/04/2026, 09:59:32	No	No	-	CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-6387, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	06/02/2026, 02:26:04	-
154.201.92.•••:18789	龙虾 (/avatar/main)	🇭🇰 Hong Kong	Yes	false	Clean	AS8796	FASTNET DATA INC	CognetCloud	05/02/2026, 11:29:15	02/03/2026, 10:09:23	No	Yes	APT15, APT28, APT29, APT31, APT34, APT41, Bitter APT, Bluenoroff, Callisto Group, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, Volt Typhoon	CVE-2015-9251, CVE-2016-20012, CVE-2019-11358, CVE-2020-11022, CVE-2020-11023, CVE-2020-23064, CVE-2021-28041, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51385, CVE-2024-6387, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	06/02/2026, 02:26:05	-
47.237.138.•••:18789	-	🇺🇸 United States	-	false	Leaked	AS45102	Alibaba (US) Technology Co., Ltd.	Alibaba Cloud	05/02/2026, 11:29:15	07/02/2026, 01:25:39	Yes	Yes	APT15, APT17, APT28, APT29, APT31, APT34, APT36, APT37, APT41, APT45, Bitter APT, Bluenoroff, Callisto Group, CloudSorcerer, Daggerfly APT, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Volt Typhoon	CVE-2016-20012, CVE-2018-20685, CVE-2019-16905, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-23017, CVE-2021-3618, CVE-2021-36368, CVE-2021-41617, CVE-2022-41741, CVE-2022-41742, CVE-2023-28531, CVE-2023-38408, CVE-2023-44487, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-39894, CVE-2024-6387, CVE-2024-7347, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	06/02/2026, 02:26:06	hichina.com, alibaba-inc.com
128.251.12.•••:18789	-	🇪🇺 European Union	-	false	Clean	AS8075	Microsoft Corporation	Cloud	05/02/2026, 11:29:15	18/02/2026, 01:00:05	-	-	-	-	06/02/2026, 02:26:07	-
164.92.143.•••:18789	-	🇩🇪 Germany	-	false	Clean	AS14061	DigitalOcean, LLC	DigitalOcean	05/02/2026, 11:29:15	07/02/2026, 01:25:39	No	Yes	APT15, APT17, APT28, APT29, APT31, APT34, APT35, APT36, APT37, APT40, APT41, APT45, Bitter APT, Bluenoroff, Callisto Group, Carbanak, ChamelGang, CloudSorcerer, Cobalt Group, Daggerfly APT, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MoustachedBouncer, MuddyWater Group, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, UNC2452, Volt Typhoon	CVE-2013-0340, CVE-2015-20107, CVE-2016-20012, CVE-2016-3189, CVE-2018-25032, CVE-2019-12900, CVE-2020-10735, CVE-2020-12062, CVE-2020-14145, CVE-2020-15778, CVE-2021-23336, CVE-2021-28041, CVE-2021-28861, CVE-2021-29921, CVE-2021-3426, CVE-2021-36368, CVE-2021-3733, CVE-2021-3737, CVE-2021-41617, CVE-2021-4189, CVE-2022-0391, CVE-2022-37454, CVE-2022-42919, CVE-2022-45061, CVE-2023-24329, CVE-2023-27043, CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-39894, CVE-2024-6387, CVE-2024-7347	06/02/2026, 02:26:09	-
187.84.150.•••:18789	-	🇧🇷 Brazil	-	false	Clean	AS267121	ATPlus Telecom	ATPlus Telecom	05/02/2026, 11:29:15	07/02/2026, 01:25:39	No	No	-	CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	06/02/2026, 02:26:11	-
167.71.125.•••:18789	-	🇺🇸 United States	-	false	Clean	AS14061	DigitalOcean, LLC	DigitalOcean	05/02/2026, 11:29:15	07/02/2026, 01:25:39	No	No	-	CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	06/02/2026, 02:26:12	-
188.245.224.•••:18789	-	🇩🇪 Germany	Yes	false	Clean	AS24940	Hetzner Online GmbH	Hetzner	05/02/2026, 11:29:15	15/04/2026, 13:26:29	No	Yes	APT15, APT17, APT28, APT31, APT36, APT37, APT45, Bitter APT, Bluenoroff, Callisto Group, CloudSorcerer, Daggerfly APT, Donot Team, Gamaredon Group, Gaza Cybergang, Inception Framework, Kimsuky, MuddyWater Group, RomCom Group, Salt Typhoon, Sea Turtle Group, SideWinder APT, The Shadow Brokers	CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-6387, CVE-2025-61984, CVE-2025-61985	06/02/2026, 02:26:15	-
118.196.84.•••:18789	智能欧几里德德（德德） (🔮)	🇨🇳 China mainland	Yes	false	Clean	AS137718	Beijing Volcano Engine Technology Co., Ltd. / AS4811 China Telecom (Group)	Beijing Volcano Engine Technology	05/02/2026, 11:29:15	02/03/2026, 19:05:04	-	-	-	-	06/02/2026, 02:26:17	-
43.134.181.•••:18789	Assistant	🇸🇬 Singapore	-	false	Leaked	AS132203	Tencent Building, Kejizhongyi Avenue	Aceville Pte Ltd	05/02/2026, 11:29:15	07/02/2026, 01:25:39	Yes	Yes	APT15, APT17, APT28, APT29, APT31, APT34, APT35, APT36, APT37, APT40, APT41, APT45, Bitter APT, Bluenoroff, Callisto Group, Carbanak, ChamelGang, CloudSorcerer, Daggerfly APT, Donot Team, El-Machete, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Volt Typhoon	CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-6387, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	06/02/2026, 02:26:19	tencent.com
129.226.155.•••:18789	Assistant	🇸🇬 Singapore	Yes	false	Clean	AS132203	Tencent Building, Kejizhongyi Avenue	Raffles	05/02/2026, 11:29:15	09/03/2026, 17:03:46	No	Yes	APT15, APT28, APT29, APT31, APT34, APT35, APT37, APT39, APT41, Bitter APT, Bluenoroff, Callisto Group, Cobalt Group, Donot Team, El-Machete, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Mustang Panda, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Volt Typhoon	CVE-2016-10708, CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	06/02/2026, 02:26:20	-
64.43.157.•••:18789	Morgan	🇮🇪 Ireland	-	false	Clean	AS15502	Vodafone Ireland Limited	Vodafone Ireland	05/02/2026, 11:29:15	07/02/2026, 05:35:40	No	-	-	-	06/02/2026, 02:26:22	-
118.196.73.•••:18789	Assistant	🇨🇳 China mainland	Yes	false	Clean	AS137718	Beijing Volcano Engine Technology Co., Ltd. / AS4811 China Telecom (Group)	Beijing Volcano Engine Technology	05/02/2026, 11:29:15	05/03/2026, 00:03:51	-	-	-	-	06/02/2026, 02:26:23	-
35.201.178.•••:18789	Assistant	🇺🇸 United States	Yes	false	Clean	AS396982	Google LLC	Google	05/02/2026, 11:29:15	09/02/2026, 21:47:38	No	Yes	APT28, APT35, APT37, APT39, Cobalt Group, DragonFly, Kimsuky, Mustang Panda, Packrat, Sandworm Team, The Shadow Brokers	CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2021-41617	06/02/2026, 02:26:26	-
138.197.184.•••:18789	-	🇩🇪 Germany	-	false	Clean	AS14061	DigitalOcean, LLC	DigitalOcean	05/02/2026, 11:29:15	07/02/2026, 01:32:37	No	Yes	APT14, APT28, APT35, APT37, APT39, APT40, APT41, Cobalt Group, Equation Group, Gamaredon Group, IronHusky, Kimsuky, Lazarus Group, Mustang Panda, Sandworm Team, SharpPanda, TA505, The Shadow Brokers, UNC2452, WIRTE	CVE-2006-20001, CVE-2017-15710, CVE-2017-15715, CVE-2018-11763, CVE-2018-1283, CVE-2018-1301, CVE-2018-1302, CVE-2018-1303, CVE-2018-1312, CVE-2018-1333, CVE-2018-15473, CVE-2018-15919, CVE-2018-17189, CVE-2018-17199, CVE-2018-20685, CVE-2019-0196, CVE-2019-0197, CVE-2019-0211, CVE-2019-0217, CVE-2019-0220, CVE-2019-10081, CVE-2019-10082, CVE-2019-10092, CVE-2019-10098, CVE-2019-17567, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2019-9517, CVE-2020-11993, CVE-2020-14145, CVE-2020-1927, CVE-2020-1934, CVE-2020-35452, CVE-2020-9490, CVE-2021-26690, CVE-2021-26691, CVE-2021-33193, CVE-2021-34798, CVE-2021-39275, CVE-2021-40438, CVE-2021-41617, CVE-2021-44224, CVE-2021-44790, CVE-2022-22719, CVE-2022-22720, CVE-2022-22721, CVE-2022-23943, CVE-2022-26377, CVE-2022-28614, CVE-2022-28615, CVE-2022-29404, CVE-2022-30522, CVE-2022-30556, CVE-2022-31813, CVE-2022-36760, CVE-2022-37436, CVE-2023-25690	06/02/2026, 02:26:27	-
146.59.196.•••:18789	-	🇫🇷 France	Yes	false	Leaked	AS16276	OVH SAS	OVH	05/02/2026, 11:29:15	15/04/2026, 03:20:04	Yes	Yes	APT15, APT28, APT29, APT31, APT34, APT35, APT37, APT39, APT41, Bitter APT, Bluenoroff, Callisto Group, Cobalt Group, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Mustang Panda, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Volt Typhoon	CVE-2016-10708, CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-28041, CVE-2021-36368, CVE-2021-41617, CVE-2023-28531, CVE-2023-31122, CVE-2023-38408, CVE-2023-43622, CVE-2023-45802, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-39894, CVE-2024-6387, CVE-2024-7347, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	06/02/2026, 02:26:29	ovh.net
159.89.103.•••:18789	-	🇩🇪 Germany	-	false	Clean	AS14061	DigitalOcean, LLC	DigitalOcean	05/02/2026, 11:29:15	20/02/2026, 22:10:12	No	Yes	APT28, APT35, APT37, APT39, Cobalt Group, Kimsuky, Mustang Panda, Sandworm Team, The Shadow Brokers	CVE-2016-10002, CVE-2016-10003, CVE-2016-10708, CVE-2017-15906, CVE-2018-1000024, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-12519, CVE-2019-12521, CVE-2019-12523, CVE-2019-12525, CVE-2019-12526, CVE-2019-12529, CVE-2019-18676, CVE-2019-18677, CVE-2019-18678, CVE-2019-18679, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-11945, CVE-2020-14058, CVE-2020-14145, CVE-2020-15049, CVE-2020-24606, CVE-2020-25097, CVE-2021-28651, CVE-2021-28652, CVE-2021-31807, CVE-2021-41617, CVE-2021-46784	06/02/2026, 02:26:30	-
142.4.10.•••:18789	Rudra (⚡)	🇺🇸 United States	Yes	false	Leaked	AS46606	Unified Layer	Unified Layer	05/02/2026, 11:29:15	13/02/2026, 04:03:08	Yes	Yes	APT14, APT15, APT28, APT29, APT31, APT34, APT35, APT37, APT39, APT40, APT41, Bitter APT, Bluenoroff, Callisto Group, Cobalt Group, Donot Team, Earth Berberoka, Equation Group, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, IronHusky, Kimsuky, Lazarus Group, MuddyWater Group, Mustang Panda, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SharpPanda, SideWinder APT, TA505, The Shadow Brokers, UNC2452, Volt Typhoon, WIRTE	CVE-2013-1896, CVE-2013-4352, CVE-2013-5704, CVE-2013-6438, CVE-2014-0098, CVE-2014-0117, CVE-2014-0118, CVE-2014-0226, CVE-2014-0231, CVE-2014-3581, CVE-2014-8109, CVE-2015-0228, CVE-2015-3183, CVE-2015-3185, CVE-2016-0736, CVE-2016-10708, CVE-2016-20012, CVE-2016-2161, CVE-2016-4975, CVE-2016-5387, CVE-2016-8612, CVE-2016-8743, CVE-2017-15710, CVE-2017-15715, CVE-2017-15906, CVE-2017-3167, CVE-2017-7679, CVE-2017-9788, CVE-2017-9798, CVE-2018-1283, CVE-2018-1301, CVE-2018-1302, CVE-2018-1303, CVE-2018-1312, CVE-2018-15473, CVE-2018-15919, CVE-2018-17199, CVE-2018-20685, CVE-2019-0217, CVE-2019-0220, CVE-2019-10092, CVE-2019-10098, CVE-2019-17567, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-11985, CVE-2020-14145, CVE-2020-15778, CVE-2020-1927, CVE-2020-1934, CVE-2020-28007, CVE-2020-28008, CVE-2020-28009, CVE-2020-28010, CVE-2020-28011, CVE-2020-28012, CVE-2020-28013, CVE-2020-28014, CVE-2020-28015, CVE-2020-28016, CVE-2020-28018, CVE-2020-28019, CVE-2020-28021, CVE-2020-28022, CVE-2020-28023, CVE-2020-28024, CVE-2020-28025, CVE-2020-28026, CVE-2020-35452, CVE-2021-26690, CVE-2021-26691, CVE-2021-27216, CVE-2021-34798, CVE-2021-36368, CVE-2021-38371, CVE-2021-39275, CVE-2021-40438, CVE-2021-41617, CVE-2021-44790, CVE-2022-22719, CVE-2022-22720, CVE-2022-22721, CVE-2022-23943, CVE-2022-26377, CVE-2022-28614, CVE-2022-28615, CVE-2022-29404, CVE-2022-30522, CVE-2022-30556, CVE-2022-31813, CVE-2022-37451, CVE-2022-37452, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2023-51766, CVE-2024-39929, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	06/02/2026, 02:27:32	athenixinc.com, hostmonster.com, site5.com, domain.com, readyhosting.com, homestead.com, endurance.com, mojomarketplace.com, dotster.com, bluehost.com
43.159.45.•••:18789	-	🇸🇬 Singapore	-	false	Leaked	AS132203	Tencent Building, Kejizhongyi Avenue	Aceville Pte Ltd	05/02/2026, 11:29:15	07/02/2026, 01:32:37	Yes	Yes	APT15, APT28, APT29, APT31, APT34, APT37, APT39, APT41, Bitter APT, Bluenoroff, Callisto Group, Donot Team, El-Machete, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Volt Typhoon	CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-3618, CVE-2021-36368, CVE-2021-41617, CVE-2022-41741, CVE-2022-41742, CVE-2023-28531, CVE-2023-38408, CVE-2023-44487, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-6387, CVE-2024-7347, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	06/02/2026, 02:27:34	tencent.com
34.29.35.•••:18789	Assistant	🇺🇸 United States	Yes	false	Clean	AS396982	Google LLC	Google	05/02/2026, 11:29:15	09/02/2026, 10:13:23	No	No	-	-	06/02/2026, 02:27:35	-
134.175.99.•••:18789	Assistant	🇨🇳 China mainland	Yes	false	Clean	AS45090	Shenzhen Tencent Computer Systems Company Limited	Tencent Cloud Computing	05/02/2026, 11:29:14	02/04/2026, 23:56:04	No	-	-	-	06/02/2026, 02:27:40	-
34.131.152.•••:18789	Assistant	🇺🇸 United States	Yes	false	Clean	AS396982	Google LLC	Google	05/02/2026, 11:29:14	09/03/2026, 17:03:42	-	-	-	-	06/02/2026, 02:27:41	-
38.38.251.•••:18789	Assistant	🇺🇸 United States	Yes	false	Leaked	AS139659	LUCIDACLOUD LIMITED	Peg Tech Inc	05/02/2026, 11:29:14	24/02/2026, 02:24:51	Yes	No	-	CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-6387, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	06/02/2026, 02:27:44	cogentco.com
2a02:c207:2306:3101::1:18789	-	🇫🇷 France	-	false	Clean	AS51167	Contabo GmbH	Contabo	05/02/2026, 11:29:14	09/02/2026, 16:35:48	-	-	-	-	06/02/2026, 02:27:48	-
5.175.184.•••:18789	Assistant	🇩🇪 Germany	Yes	false	Clean	AS206996	ZAP-Hosting GmbH	Ghostnet	05/02/2026, 11:29:14	26/02/2026, 17:03:47	No	No	-	CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	06/02/2026, 02:27:50	-
47.93.173.•••:18789	Assistant	🇨🇳 China mainland	Yes	false	Clean	AS37963	Hangzhou Alibaba Advertising Co.,Ltd.	Alisoft	05/02/2026, 11:29:14	03/04/2026, 10:23:54	No	No	-	CVE-2016-20012, CVE-2019-16905, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51385, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	06/02/2026, 02:27:51	-
46.225.58.•••:18789	-	🇩🇪 Germany	-	false	Clean	AS24940	Hetzner Online GmbH	Hetzner	05/02/2026, 11:29:14	14/03/2026, 01:51:11	No	No	-	-	06/02/2026, 02:27:55	-
144.91.79.•••:18789	-	🇩🇪 Germany	-	false	Leaked	AS51167	Contabo GmbH	Contabo	05/02/2026, 11:29:14	07/02/2026, 11:41:59	Yes	Yes	APT15, APT28, APT29, APT31, APT34, APT37, APT41, Bitter APT, Bluenoroff, Callisto Group, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, Volt Typhoon	CVE-2016-20012, CVE-2020-12062, CVE-2020-14145, CVE-2020-15778, CVE-2021-28041, CVE-2021-36368, CVE-2021-41617, CVE-2023-28531, CVE-2023-38408, CVE-2023-44487, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-39894, CVE-2024-6387, CVE-2024-7347, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728	06/02/2026, 02:27:57	contaboserver.net, contabo.de, contabo.net
140.143.250.•••:18789	Assistant	🇨🇳 China mainland	Yes	false	Clean	AS45090	Shenzhen Tencent Computer Systems Company Limited	Tencent Cloud	05/02/2026, 11:29:14	12/02/2026, 16:14:50	No	-	-	-	06/02/2026, 02:27:59	-
2a01:4f8:c013:abc5::1:18789	-	🇩🇪 Germany	-	false	Clean	AS24940	Hetzner Online GmbH	Hetzner Online	05/02/2026, 11:29:14	18/02/2026, 04:42:44	-	-	-	-	06/02/2026, 02:28:00	-
159.203.81.•••:18789	-	🇺🇸 United States	-	false	Clean	AS14061	DigitalOcean, LLC	DigitalOcean	05/02/2026, 11:29:14	16/04/2026, 23:30:50	Yes	Yes	APT14, APT15, APT17, APT28, APT31, APT36, APT37, APT39, APT40, APT41, APT45, Bitter APT, Bluenoroff, Callisto Group, CloudSorcerer, Cobalt Group, Daggerfly APT, Donot Team, Gamaredon Group, Gaza Cybergang, Inception Framework, Kimsuky, Lazarus Group, MuddyWater Group, RomCom Group, Salt Typhoon, Sea Turtle Group, SharpPanda, SideWinder APT, The Shadow Brokers	CVE-2006-20001, CVE-2016-10009, CVE-2016-10010, CVE-2016-10011, CVE-2016-10012, CVE-2016-10708, CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-28041, CVE-2021-36368, CVE-2021-41617, CVE-2021-44224, CVE-2022-22719, CVE-2022-22720, CVE-2022-22721, CVE-2022-23943, CVE-2022-26377, CVE-2022-28614, CVE-2022-28615, CVE-2022-29404, CVE-2022-30522, CVE-2022-30556, CVE-2022-31813, CVE-2022-36760, CVE-2022-37436, CVE-2023-25690, CVE-2023-27522, CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-39894, CVE-2024-6387	06/02/2026, 02:28:02	cyanna.com
175.178.230.•••:18789	菜鷄 (🐣)	🇨🇳 China mainland	Yes	false	Leaked	AS45090	Shenzhen Tencent Computer Systems Company Limited	Tencent Cloud	05/02/2026, 11:29:14	05/03/2026, 00:41:21	Yes	Yes	APT-C-23, APT15, APT28, APT29, APT31, APT34, APT37, APT41, Bitter APT, Bluenoroff, Callisto Group, Donot Team, El-Machete, Gamaredon Group, Gaza Cybergang, Ghostwriter, Hafnium Group, Inception Framework, Kimsuky, Lazarus Group, MuddyWater Group, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, Turla APT Group, Volt Typhoon	CVE-2016-20012, CVE-2017-9118, CVE-2020-12062, CVE-2020-14145, CVE-2020-15778, CVE-2021-21708, CVE-2021-28041, CVE-2021-36368, CVE-2021-41617, CVE-2022-31625, CVE-2022-31626, CVE-2022-31628, CVE-2022-31629, CVE-2022-31630, CVE-2022-37454, CVE-2022-41741, CVE-2022-41742, CVE-2023-38408, CVE-2023-44487, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-7347	06/02/2026, 02:28:04	tencent.com, ub.ac.id
20.203.98.•••:18789	-	🇺🇸 United States	-	false	Clean	AS8075	Microsoft Corporation	Microsoft	05/02/2026, 11:29:14	07/02/2026, 01:40:34	-	-	-	-	06/02/2026, 02:28:07	-
49.234.19.•••:18789	Claw (🤖)	🇨🇳 China mainland	-	false	Leaked	AS45090	Shenzhen Tencent Computer Systems Company Limited	Tencent Cloud	05/02/2026, 11:29:14	07/02/2026, 01:40:34	Yes	Yes	APT28, APT35, APT37, APT39, Cobalt Group, El-Machete, Kimsuky, Mustang Panda, Sandworm Team, The Shadow Brokers	CVE-2016-10708, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2021-41617	06/02/2026, 02:28:09	truecorp.co.th, tencent.com
106.55.92.•••:18789	Assistant	🇨🇳 China mainland	Yes	false	Leaked	AS45090	Shenzhen Tencent Computer Systems Company Limited	Tencent Cloud	05/02/2026, 11:29:14	14/04/2026, 03:44:46	Yes	Yes	APT28, APT35, APT37, APT39, Cobalt Group, El-Machete, Kimsuky, Mustang Panda, Sandworm Team, The Shadow Brokers	CVE-2016-10708, CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-12062, CVE-2020-14145, CVE-2020-15778, CVE-2021-28041, CVE-2021-36368, CVE-2021-41617	06/02/2026, 02:28:10	bj189.cn, tencent.com
165.227.23.•••:18789	-	🇺🇸 United States	-	false	Clean	AS14061	DigitalOcean, LLC	DigitalOcean	05/02/2026, 11:29:14	07/02/2026, 16:48:49	No	Yes	APT28, APT35, APT37, APT39, Cobalt Group, Kimsuky, Mustang Panda, Sandworm Team, The Shadow Brokers	CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2021-41617	06/02/2026, 02:28:11	-
92.42.107.•••:18789	Assistant	🇫🇷 France	Yes	false	Leaked	AS29066	velia.net Internetdienste GmbH	[name redacted]	05/02/2026, 11:29:14	07/02/2026, 01:48:41	Yes	-	-	CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-6387, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	06/02/2026, 02:28:12	godaddy.com, velia.net
47.90.242.•••:18789	Assistant	🇨🇳 China mainland	Yes	false	Clean	AS45102	Alibaba (US) Technology Co., Ltd.	Alibaba Cloud US	05/02/2026, 11:27:00	28/02/2026, 07:40:45	No	-	-	CVE-2016-20012, CVE-2019-16905, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51385, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	05/02/2026, 11:27:17	-
175.178.80.•••:18789	-	🇨🇳 China mainland	-	false	Leaked	AS45090	Shenzhen Tencent Computer Systems Company Limited	Tencent Cloud	05/02/2026, 11:27:00	21/02/2026, 09:21:12	Yes	Yes	APT37, El-Machete	-	05/02/2026, 11:27:18	tencent.com, ub.ac.id
47.250.45.•••:18789	-	🇲🇾 Malaysia	-	false	Clean	AS45102	Alibaba (US) Technology Co., Ltd.	Alibaba Cloud Malaysia	05/02/2026, 11:27:00	06/02/2026, 21:02:38	No	Yes	APT15, APT28, APT29, APT31, APT34, APT35, APT37, APT39, APT41, Bitter APT, Bluenoroff, Callisto Group, Cobalt Group, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Mustang Panda, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Volt Typhoon	CVE-2016-10708, CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51385, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	05/02/2026, 11:27:21	-
180.76.133.•••:18789	Assistant	🇨🇳 China mainland	Yes	false	Leaked	AS38365	Beijing Baidu Netcom Science and Technology Co., Ltd.	Baidu	05/02/2026, 11:27:00	01/03/2026, 01:28:26	Yes	Yes	APT17, APT37, DragonFly, El-Machete, Gozi, Packrat	-	05/02/2026, 11:27:26	tfn.net.tw, baidu.com
124.221.127.•••:18789	Assistant	🇨🇳 China mainland	Yes	false	Leaked	AS45090	Shenzhen Tencent Computer Systems Company Limited	Tencent Cloud	05/02/2026, 11:27:00	13/03/2026, 23:36:03	Yes	Yes	APT37, El-Machete	-	05/02/2026, 11:27:33	tencent.com, chinaunicom.cn
47.253.118.•••:18789	Assistant	🇨🇳 China mainland	Yes	false	Clean	AS45102	Alibaba (US) Technology Co., Ltd.	Alibaba Cloud US	05/02/2026, 11:27:00	07/03/2026, 07:23:17	No	No	-	CVE-2016-20012, CVE-2019-16905, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51385, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	05/02/2026, 11:27:34	-
172.104.124.•••:18789	-	🇯🇵 Japan	-	false	Leaked	AS63949	Akamai Connected Cloud	Linode	05/02/2026, 11:27:00	06/02/2026, 21:02:38	Yes	Yes	APT15, APT28, APT29, APT31, APT34, APT35, APT37, APT39, APT41, Bitter APT, Bluenoroff, Callisto Group, Cobalt Group, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Mustang Panda, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Volt Typhoon	CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-16905, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-28041, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	05/02/2026, 11:27:35	cloudways.com, cloudwaysapps.com
121.40.193.•••:18789	小B (👋)	🇨🇳 China mainland	Yes	false	Leaked	AS37963	Hangzhou Alibaba Advertising Co.,Ltd.	Alisoft	05/02/2026, 11:27:00	09/02/2026, 08:00:33	Yes	No	-	CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-11235, CVE-2024-6387, CVE-2025-1217, CVE-2025-1219, CVE-2025-1220, CVE-2025-1734, CVE-2025-1735, CVE-2025-1736, CVE-2025-1861, CVE-2025-26465, CVE-2025-32728, CVE-2025-6491	05/02/2026, 11:27:37	datacamp.co.uk, aliyun.com
8.213.157.•••:18789	龙虾 (🦞)	🇸🇬 Singapore	Yes	false	Clean	AS45102	Alibaba (US) Technology Co., Ltd.	Alibaba Cloud South Korea	05/02/2026, 11:27:00	18/04/2026, 00:35:50	No	Yes	APT15, APT28, APT29, APT31, APT34, APT35, APT37, APT39, APT41, Bitter APT, Bluenoroff, Callisto Group, Cobalt Group, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Mustang Panda, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, Volt Typhoon	CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-16905, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2022-40468, CVE-2023-38408, CVE-2023-40533, CVE-2023-48795, CVE-2023-49606, CVE-2023-51384, CVE-2023-51385, CVE-2023-51767, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	05/02/2026, 11:27:41	-
47.80.17.•••:18789	Assistant	🇨🇳 China mainland	Yes	false	Leaked	AS45102	Alibaba (US) Technology Co., Ltd.	Alibaba Cloud	05/02/2026, 11:27:00	07/03/2026, 07:22:32	Yes	No	-	CVE-2016-20012, CVE-2019-16905, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51385, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	05/02/2026, 11:27:43	hichina.com, alibaba-inc.com
47.252.113.•••:18789	Assistant	🇨🇳 China mainland	Yes	false	Clean	AS45102	Alibaba (US) Technology Co., Ltd.	Alibaba Cloud US	05/02/2026, 11:27:00	05/03/2026, 00:39:14	No	No	-	-	05/02/2026, 11:27:45	-
47.236.65.•••:18789	Assistant	🇺🇸 United States	Yes	false	Leaked	AS45102	Alibaba (US) Technology Co., Ltd.	Alibaba Cloud	05/02/2026, 11:27:00	05/03/2026, 00:40:18	Yes	Yes	APT15, APT28, APT29, APT31, APT34, APT35, APT37, APT39, APT41, Bitter APT, Bluenoroff, Callisto Group, Cobalt Group, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Mustang Panda, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Volt Typhoon	CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-28041, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	05/02/2026, 11:27:48	hichina.com, alibaba-inc.com
47.92.229.•••:18789	Assistant	🇨🇳 China mainland	Yes	false	Clean	AS37963	Hangzhou Alibaba Advertising Co.,Ltd.	Alisoft	05/02/2026, 11:27:00	18/04/2026, 00:36:59	No	No	-	CVE-2016-20012, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51385, CVE-2025-26465, CVE-2025-32728	05/02/2026, 11:27:49	-
120.76.238.•••:18789	Assistant	🇨🇳 China mainland	Yes	false	Leaked	AS37963	Hangzhou Alibaba Advertising Co.,Ltd.	Alisoft	05/02/2026, 11:27:00	18/04/2026, 00:36:24	Yes	Yes	APT14, APT28, APT35, APT37, APT39, APT40, APT41, Cobalt Group, Earth Berberoka, Equation Group, Gamaredon Group, Inception Framework, IronHusky, Kimsuky, Lazarus Group, Mustang Panda, Sandworm Team, SharpPanda, TA505, The Shadow Brokers, UNC2452, WIRTE	CVE-2006-20001, CVE-2013-1896, CVE-2013-4352, CVE-2013-5704, CVE-2013-6438, CVE-2014-0098, CVE-2014-0117, CVE-2014-0118, CVE-2014-0226, CVE-2014-0231, CVE-2014-3581, CVE-2014-8109, CVE-2015-0228, CVE-2015-3183, CVE-2015-3185, CVE-2016-0736, CVE-2016-20012, CVE-2016-2161, CVE-2016-4975, CVE-2016-5387, CVE-2016-8612, CVE-2016-8743, CVE-2017-15710, CVE-2017-15715, CVE-2017-3167, CVE-2017-7679, CVE-2017-9788, CVE-2017-9798, CVE-2018-1283, CVE-2018-1301, CVE-2018-1302, CVE-2018-1303, CVE-2018-1312, CVE-2018-17199, CVE-2019-0217, CVE-2019-0220, CVE-2019-10092, CVE-2019-10098, CVE-2019-16905, CVE-2019-17567, CVE-2020-11985, CVE-2020-14145, CVE-2020-15778, CVE-2020-1927, CVE-2020-1934, CVE-2020-35452, CVE-2021-26690, CVE-2021-26691, CVE-2021-34798, CVE-2021-36368, CVE-2021-39275, CVE-2021-40438, CVE-2021-41617, CVE-2021-44790, CVE-2022-22719, CVE-2022-22720, CVE-2022-22721, CVE-2022-23943, CVE-2022-26377, CVE-2022-28614, CVE-2022-28615, CVE-2022-29404, CVE-2022-30522, CVE-2022-30556, CVE-2022-31813, CVE-2022-36760, CVE-2022-37436, CVE-2023-25690, CVE-2023-28625, CVE-2023-38408, CVE-2023-48795, CVE-2023-51385, CVE-2025-26465, CVE-2025-32728	05/02/2026, 11:27:50	chinamobile.com, aliyun.com, chinamobile.cn
60.142.158.•••:18789	-	🇯🇵 Japan	Yes	false	Leaked	AS17676	SoftBank Corp.	SoftBank	05/02/2026, 11:27:00	17/04/2026, 10:45:01	Yes	No	-	-	05/02/2026, 11:27:51	bbtec.net
115.159.227.•••:18789	-	🇨🇳 China mainland	-	false	Leaked	AS45090	Shenzhen Tencent Computer Systems Company Limited	Tencent Cloud	05/02/2026, 11:27:00	06/02/2026, 21:17:37	Yes	Yes	APT37, El-Machete	-	05/02/2026, 11:27:53	tencent.com
8.222.164.•••:18789	Assistant	🇸🇬 Singapore	Yes	false	Clean	AS45102	Alibaba (US) Technology Co., Ltd.	Alibaba Cloud Singapore	05/02/2026, 11:27:00	28/02/2026, 15:03:54	No	-	-	CVE-2016-20012, CVE-2021-28041, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51385, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	05/02/2026, 11:27:55	-
47.95.157.•••:18789	Assistant	🇨🇳 China mainland	Yes	false	Clean	AS37963	Hangzhou Alibaba Advertising Co.,Ltd.	Alisoft	05/02/2026, 11:27:00	17/04/2026, 05:29:33	No	Yes	APT15, APT28, APT29, APT31, APT34, APT35, APT37, APT39, APT41, Bitter APT, Bluenoroff, Callisto Group, Cobalt Group, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Mustang Panda, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Volt Typhoon	CVE-2016-20012, CVE-2017-15906, CVE-2017-15945, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51385	05/02/2026, 11:27:56	-
47.85.26.•••:18789	Assistant	🇨🇳 China mainland	Yes	false	Leaked	AS45102	Alibaba (US) Technology Co., Ltd.	Alibaba Cloud	05/02/2026, 11:27:00	08/03/2026, 06:10:00	Yes	No	-	CVE-2016-20012, CVE-2019-16905, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51385, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	05/02/2026, 11:27:57	hichina.com, alibaba-inc.com

🦞 OpenClaw Exposure Watchboard

Ship Secure Enterprise AI Agents 10× Faster with vivgrid.com

Vivgrid gives you authentication, model gateway, tool control, cost tracking, and enterprise observability — everything you need to ship AI agents safely at scale.