🦞 OpenClaw Exposure Watchboard

This page lists publicly reachable active OpenClaw instances for defensive awareness. If this is your deployment, enable authentication, remove direct public exposure, and patch immediately.

Exposed Instances: 816988 Page: 7887 / 8170 (100 per page) Showing: 788601-788700 Last Imported: 30/04/2026, 13:26:03

🇨🇳 425,761

🇺🇸 231,518

Endpoint	Assistant Name	Country	auth_required	is_active	has_leaked_creds	asn	asn_name	org	first_seen	last_seen	asi_has_breach	asi_has_threat_actor	asi_threat_actors	asi_cves	asi_enriched_at	asi_domains
106.12.163.•••:18789	Assistant	🇨🇳 China mainland	Yes	false	Leaked	AS38365	Beijing Baidu Netcom Science and Technology Co., Ltd.	Baidu	03/02/2026, 21:20:38	03/02/2026, 22:21:55	Yes	Yes	APT17, APT28, APT37, Carbanak, DragonFly, El-Machete, Gozi, Lazarus Group, Packrat	CVE-2016-20012, CVE-2019-16905, CVE-2020-14145, CVE-2020-15778, CVE-2021-1636, CVE-2021-36368, CVE-2021-41617, CVE-2022-29143, CVE-2023-21528, CVE-2023-21704, CVE-2023-21705, CVE-2023-21713, CVE-2023-21718, CVE-2023-23384	06/02/2026, 19:46:00	bj189.cn, baidu.com
8.130.211.•••:18789	-	🇸🇬 Singapore	-	false	Clean	AS37963	Hangzhou Alibaba Advertising Co.,Ltd.	Alibaba Cloud	03/02/2026, 21:20:38	03/02/2026, 22:21:55	No	No	-	CVE-2016-20012, CVE-2019-16905, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51385, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	06/02/2026, 19:46:01	-
47.250.187.•••:18789	Assistant	🇨🇳 China mainland	Yes	false	Leaked	AS45102	Alibaba (US) Technology Co., Ltd.	Alibaba Cloud	03/02/2026, 21:20:38	03/02/2026, 22:21:55	Yes	No	-	CVE-2016-20012, CVE-2020-14145, CVE-2020-15778, CVE-2021-28041, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51385, CVE-2025-26465, CVE-2025-32728	06/02/2026, 19:46:02	hichina.com, alibaba-inc.com
8.215.37.•••:18789	Assistant	🇸🇬 Singapore	Yes	false	Clean	AS45102	Alibaba (US) Technology Co., Ltd.	Alibaba Cloud Singapore	03/02/2026, 21:20:38	03/02/2026, 22:21:55	No	No	-	CVE-2016-20012, CVE-2020-12062, CVE-2020-14145, CVE-2020-15778, CVE-2021-23017, CVE-2021-28041, CVE-2021-3618, CVE-2021-36368, CVE-2021-41617, CVE-2022-41741, CVE-2022-41742, CVE-2023-44487, CVE-2024-7347, CVE-2025-23419	06/02/2026, 19:46:03	-
47.252.81.•••:18789	沐林 (🌱)	🇨🇳 China mainland	Yes	false	Clean	AS45102	Alibaba (US) Technology Co., Ltd.	Alibaba Cloud US	03/02/2026, 21:20:38	03/02/2026, 22:21:55	No	Yes	APT15, APT28, APT31, Bitter APT, Bluenoroff, Callisto Group, Donot Team, Gamaredon Group, Gaza Cybergang, Inception Framework, Kimsuky, MuddyWater Group, RomCom Group, Salt Typhoon, Sea Turtle Group, SideWinder APT	CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-28041, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51385, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	06/02/2026, 19:46:04	-
172.234.86.•••:18789	-	🇯🇵 Japan	-	false	Clean	AS63949	Akamai Connected Cloud	Linode	03/02/2026, 21:20:38	03/02/2026, 22:24:01	-	-	-	-	06/02/2026, 16:55:07	-
146.190.57.•••:443	-	🇺🇸 United States	-	false	Clean	AS14061	DigitalOcean, LLC	DigitalOcean	03/02/2026, 21:03:29	03/02/2026, 22:03:41	No	Yes	APT15, APT17, APT28, APT29, APT31, APT34, APT35, APT36, APT37, APT40, APT41, APT45, Bitter APT, Bluenoroff, Callisto Group, Carbanak, ChamelGang, CloudSorcerer, Daggerfly APT, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Volt Typhoon	CVE-2016-20012, CVE-2020-12062, CVE-2020-14145, CVE-2020-15778, CVE-2021-28041, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2023-51767, CVE-2024-6387	06/02/2026, 23:21:30	-
68.183.80.•••:443	Arc	🇮🇳 India	Yes	false	Clean	AS14061	DigitalOcean, LLC	DigitalOcean	03/02/2026, 21:03:29	03/02/2026, 22:03:41	No	Yes	APT14, APT40, APT41, Cobalt Group, Gamaredon Group, Kimsuky, Lazarus Group, SharpPanda	CVE-2006-20001, CVE-2018-20685, CVE-2019-16905, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2021-41617, CVE-2021-44224, CVE-2022-22719, CVE-2022-22720, CVE-2022-22721, CVE-2022-23943, CVE-2022-26377, CVE-2022-28614, CVE-2022-28615, CVE-2022-29404, CVE-2022-30556, CVE-2022-31813, CVE-2022-36760, CVE-2022-37436, CVE-2023-25690, CVE-2023-27522	06/02/2026, 23:21:32	-
180.76.117.•••:18789	Assistant	🇨🇳 China mainland	Yes	false	Leaked	AS38365	Beijing Baidu Netcom Science and Technology Co., Ltd.	Baidu	03/02/2026, 21:03:29	03/02/2026, 22:03:41	Yes	Yes	APT17, APT37, DragonFly, El-Machete, Gozi, Packrat	-	06/02/2026, 23:21:33	tfn.net.tw, baidu.com
167.71.199.•••:443	-	🇸🇬 Singapore	Yes	false	Clean	AS14061	DigitalOcean, LLC	DigitalOcean	03/02/2026, 21:03:29	03/02/2026, 22:03:41	No	Yes	APT-C-23, APT15, APT28, APT29, APT31, APT34, APT35, APT36, APT37, APT39, APT41, Bitter APT, Bluenoroff, Callisto Group, Cobalt Group, Donot Team, Equation Group, Gamaredon Group, Gaza Cybergang, Ghostwriter, Hafnium Group, Inception Framework, Kimsuky, Lazarus Group, MuddyWater Group, Mustang Panda, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Turla APT Group, Volt Typhoon	CVE-2016-20012, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-12062, CVE-2020-14145, CVE-2020-15778, CVE-2021-23017, CVE-2021-28041, CVE-2021-3618, CVE-2021-36368, CVE-2021-41617, CVE-2022-41741, CVE-2022-41742, CVE-2023-38408, CVE-2023-44487, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-39894, CVE-2024-6387, CVE-2024-7347, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	06/02/2026, 23:21:34	-
159.89.180.•••:443	-	🇺🇸 United States	Yes	false	Leaked	AS14061	DigitalOcean, LLC	DigitalOcean	03/02/2026, 21:03:29	03/02/2026, 22:03:41	Yes	Yes	APT28, APT35, APT37, APT39, Cobalt Group, Kimsuky, Mustang Panda, Salt Typhoon, Sandworm Team, The Shadow Brokers	CVE-2016-20012, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-28041, CVE-2021-36368, CVE-2021-41617, CVE-2023-28531, CVE-2023-38408, CVE-2023-44487, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-6387, CVE-2024-7347, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	06/02/2026, 23:21:35	gedesa.com
157.245.122.•••:443	-	🇺🇸 United States	-	false	Clean	AS14061	DigitalOcean, LLC	DigitalOcean	03/02/2026, 21:03:29	03/02/2026, 22:03:41	No	Yes	APT14, APT15, APT28, APT29, APT31, APT34, APT40, APT41, Bitter APT, Bluenoroff, Callisto Group, Cobalt Group, Donot Team, Equation Group, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, IronHusky, Kimsuky, Lazarus Group, MuddyWater Group, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SharpPanda, SideWinder APT, TA505, The Shadow Brokers, UNC2452, Volt Typhoon, WIRTE	CVE-2006-20001, CVE-2016-20012, CVE-2019-17567, CVE-2020-11984, CVE-2020-11993, CVE-2020-12062, CVE-2020-13938, CVE-2020-13950, CVE-2020-14145, CVE-2020-15778, CVE-2020-1927, CVE-2020-1934, CVE-2020-35452, CVE-2020-9490, CVE-2021-26690, CVE-2021-26691, CVE-2021-28041, CVE-2021-30641, CVE-2021-33193, CVE-2021-34798, CVE-2021-36160, CVE-2021-36368, CVE-2021-39275, CVE-2021-40438, CVE-2021-41617, CVE-2021-44224, CVE-2021-44790, CVE-2022-22719, CVE-2022-22720, CVE-2022-22721, CVE-2022-23943, CVE-2022-26377, CVE-2022-28330, CVE-2022-28614, CVE-2022-28615, CVE-2022-29404, CVE-2022-30522, CVE-2022-30556, CVE-2022-31813, CVE-2022-36760, CVE-2022-37436, CVE-2023-25690, CVE-2023-27522, CVE-2023-28531, CVE-2023-31122, CVE-2023-38408, CVE-2023-38709, CVE-2023-45802, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-24795, CVE-2024-27316, CVE-2024-38472, CVE-2024-38473, CVE-2024-38474, CVE-2024-38475, CVE-2024-38476, CVE-2024-38477, CVE-2024-39573, CVE-2024-40898, CVE-2024-6387, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	06/02/2026, 23:21:36	-
146.190.167.•••:443	Assistant	🇺🇸 United States	Yes	false	Clean	AS14061	DigitalOcean, LLC	DigitalOcean	03/02/2026, 21:03:29	03/02/2026, 22:03:41	No	Yes	APT15, APT17, APT28, APT29, APT31, APT34, APT36, APT37, APT41, APT45, Bitter APT, Bluenoroff, Callisto Group, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, Volt Typhoon	CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-6387, CVE-2025-26465, CVE-2025-32728	06/02/2026, 23:21:38	-
43.128.42.•••:443	Assistant	🇭🇰 Hong Kong	Yes	false	Leaked	AS132203	Tencent Building, Kejizhongyi Avenue	Aceville Pte Ltd	03/02/2026, 21:03:29	03/02/2026, 22:03:41	Yes	Yes	APT15, APT28, APT29, APT31, APT34, APT35, APT37, APT39, APT41, Bitter APT, Bluenoroff, Callisto Group, Cobalt Group, Donot Team, El-Machete, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Mustang Panda, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Volt Typhoon	CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385	06/02/2026, 23:21:39	tencent.com
47.111.22.•••:18789	Assistant	🇨🇳 China mainland	Yes	false	Clean	AS37963	Hangzhou Alibaba Advertising Co.,Ltd.	Alisoft	03/02/2026, 21:03:29	03/02/2026, 22:03:41	No	No	-	CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-6387, CVE-2025-26465, CVE-2025-32728	06/02/2026, 23:21:40	-
164.92.80.•••:443	-	🇺🇸 United States	-	false	Leaked	AS14061	DigitalOcean, LLC	DigitalOcean	03/02/2026, 21:03:29	03/02/2026, 22:03:41	Yes	Yes	APT28, APT35, APT37, APT39, Cobalt Group, Kimsuky, Mustang Panda, Sandworm Team, The Shadow Brokers	CVE-2016-20012, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-28041, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51385, CVE-2024-6387, CVE-2025-26465, CVE-2025-32728	06/02/2026, 23:21:41	rcnhost.com, digitaloceanspaces.com, paperspace.io, dnsrd.com, digitalocean.com, scotch.io, snapshooter.com, lucidlink.com, dns04.com, paperspace.com, css-tricks.com
47.111.31.•••:18789	Assistant	🇨🇳 China mainland	Yes	false	Clean	AS37963	Hangzhou Alibaba Advertising Co.,Ltd.	Alisoft	03/02/2026, 21:01:26	03/02/2026, 22:01:39	No	No	-	-	07/02/2026, 02:29:48	-
47.101.41.•••:18789	Assistant	🇨🇳 China mainland	Yes	false	Clean	AS37963	Hangzhou Alibaba Advertising Co.,Ltd.	Alisoft	03/02/2026, 21:01:26	03/02/2026, 22:01:39	No	No	-	-	07/02/2026, 02:29:49	-
47.109.34.•••:443	-	🇨🇳 China mainland	-	false	Clean	AS37963	Hangzhou Alibaba Advertising Co.,Ltd.	Alisoft	03/02/2026, 21:01:26	03/02/2026, 22:01:39	No	Yes	APT15, APT28, APT29, APT31, APT34, APT41, Bitter APT, Bluenoroff, Callisto Group, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, Volt Typhoon	CVE-2016-20012, CVE-2019-16905, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385	07/02/2026, 02:29:51	-
8.215.91.•••:18789	小粗 (🤪)	🇸🇬 Singapore	Yes	false	Clean	AS45102	Alibaba (US) Technology Co., Ltd.	Alibaba Cloud Singapore	03/02/2026, 21:01:26	03/02/2026, 22:21:56	-	-	-	-	06/02/2026, 19:45:16	-
182.92.60.•••:18789	Assistant	🇨🇳 China mainland	Yes	false	Clean	AS37963	Hangzhou Alibaba Advertising Co.,Ltd.	Alisoft	03/02/2026, 21:01:26	03/02/2026, 22:21:56	-	-	-	-	06/02/2026, 19:45:17	-
8.215.89.•••:18789	Base Builder Agent (/avatar/main)	🇸🇬 Singapore	Yes	false	Clean	AS45102	Alibaba (US) Technology Co., Ltd.	Alibaba Cloud Singapore	03/02/2026, 21:01:26	03/02/2026, 22:21:56	-	-	-	-	06/02/2026, 19:45:19	-
47.253.15.•••:18789	Assistant	🇨🇳 China mainland	Yes	false	Clean	AS45102	Alibaba (US) Technology Co., Ltd.	Alibaba Cloud US	03/02/2026, 21:01:26	03/02/2026, 22:21:56	No	No	-	CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	06/02/2026, 19:45:20	-
47.236.144.•••:18789	Assistant	🇺🇸 United States	Yes	false	Leaked	AS45102	Alibaba (US) Technology Co., Ltd.	Alibaba Cloud	03/02/2026, 21:01:26	03/02/2026, 22:21:55	Yes	Yes	APT15, APT28, APT29, APT31, APT34, APT35, APT37, APT39, APT41, Bitter APT, Bluenoroff, Callisto Group, Cobalt Group, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Mustang Panda, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Volt Typhoon	CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-28041, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2025-26465, CVE-2025-32728	06/02/2026, 19:45:22	hichina.com, alibaba-inc.com
47.236.86.•••:18789	Assistant	🇺🇸 United States	Yes	false	Leaked	AS45102	Alibaba (US) Technology Co., Ltd.	Alibaba Cloud	03/02/2026, 21:01:26	03/02/2026, 22:21:55	Yes	Yes	APT-C-23, APT15, APT17, APT28, APT29, APT31, APT34, APT35, APT36, APT37, APT39, APT40, APT41, APT45, Bitter APT, Bluenoroff, Callisto Group, Carbanak, ChamelGang, CloudSorcerer, Cobalt Group, Daggerfly APT, Donot Team, Equation Group, Gamaredon Group, Gaza Cybergang, Ghostwriter, Hafnium Group, Inception Framework, Kimsuky, Lazarus Group, MuddyWater Group, Mustang Panda, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Turla APT Group, Volt Typhoon	CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-16905, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-23017, CVE-2021-3618, CVE-2021-36368, CVE-2021-41617, CVE-2022-41741, CVE-2022-41742, CVE-2023-28531, CVE-2023-38408, CVE-2023-44487, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-39894, CVE-2024-6387, CVE-2024-7347, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	06/02/2026, 19:45:23	hichina.com, alibaba-inc.com
207.180.216.•••:443	Jihu (🤖)	🇩🇪 Germany	Yes	false	Leaked	AS51167	Contabo GmbH	Contabo	03/02/2026, 21:01:26	03/02/2026, 22:01:39	Yes	Yes	APT14, APT15, APT28, APT29, APT31, APT34, APT40, APT41, Bitter APT, Bluenoroff, Callisto Group, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, Lazarus Group, MuddyWater Group, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SharpPanda, SideWinder APT, Volt Typhoon	CVE-2016-20012, CVE-2020-14145, CVE-2021-28041, CVE-2021-36368, CVE-2021-41617, CVE-2021-44224, CVE-2022-22719, CVE-2022-22720, CVE-2022-22721, CVE-2022-23943, CVE-2022-26377, CVE-2022-28614, CVE-2022-28615, CVE-2022-29404, CVE-2022-30522, CVE-2022-30556, CVE-2022-31813, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	07/02/2026, 02:29:53	contaboserver.net, contabo.de, contabo.net
89.167.23.•••:443	GENIE (🧞)	🇫🇮 Finland	Yes	false	Clean	AS24940	Hetzner Online GmbH	Hetzner	03/02/2026, 21:00:26	03/02/2026, 22:00:41	-	-	-	-	07/02/2026, 03:01:17	-
8.215.77.•••:80	-	🇸🇬 Singapore	Yes	false	Clean	AS45102	Alibaba (US) Technology Co., Ltd.	Alibaba Cloud Singapore	03/02/2026, 21:00:26	03/02/2026, 22:00:41	No	Yes	APT17, APT36, APT37, APT45, CloudSorcerer, Daggerfly APT, Kimsuky, MuddyWater Group, SideWinder APT, The Shadow Brokers	CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728	07/02/2026, 03:01:18	-
132.145.57.•••:18789	Jarvis (/avatar/main)	🇺🇸 United States	Yes	false	Leaked	AS31898	Oracle Corporation	Oracle Cloud	03/02/2026, 21:00:26	03/02/2026, 22:24:02	Yes	Yes	APT15, APT17, APT28, APT29, APT31, APT34, APT35, APT36, APT37, APT40, APT41, APT45, Bitter APT, Bluenoroff, Callisto Group, Carbanak, ChamelGang, CloudSorcerer, Daggerfly APT, Donot Team, DragonFly, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Packrat, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Volt Typhoon, gozi	CVE-2016-20012, CVE-2020-14145, CVE-2021-28041, CVE-2021-36368, CVE-2021-41617, CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	06/02/2026, 16:54:30	healtheintent.com, purewellness.com, cerner.ae, retek.com, moatads.com, oraclefusion.com, connectinc.com, inquira.com, portal.com, oracle.com, hiedirectconnect.org, maxymiser.net, oraclecloudservices.com, rsys2.net, hyperroll.com, nor1.com, oxygen.systems, oraclegovcloud.com, orcale.com, oraclemobile.com, sun.co.in, openair.co, oraclepdemos.com, stellent.com, siebel.com, cerner.net, oracle-cloud.com, docucorp.com, mvalent.com, netsuiteforms.com, oracleemaildelivery.com, oraclecloud.com, en25.com, solaris.com, rightnowtech.com, think.com, ipapp.com, jdedwards.com, tiger-institute.org, zenedge.com, skire.com, sun.com, sales.com, fyleio.com, push.io, estara.com, tekelec.com, paymyhealthbill.com, dyndns.com, java.net, optika.com, jcp.org, smed.com, cernerenviza-tw.com, datafox.com, recruitmax.com, decisioneering.com, adiinsights.com, stortek.com, seebeyond.com, livelook.com, openjdk.org, virtualbox.org, dyn.com, oraclehealth.com, aimsystems.com, sunworld.com, plumtree.com, storagetek.com, oracledatacloud.com
18.191.154.•••:18789	Dexter (🔬)	🇺🇸 United States	Yes	false	Clean	AS16509	Amazon.com, Inc.	Amazon	03/02/2026, 20:58:15	03/02/2026, 22:20:09	No	Yes	APT28, APT35, APT37, APT39, Cobalt Group, Kimsuky, Mustang Panda, Sandworm Team, The Shadow Brokers	CVE-2016-10708, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2021-41617	06/02/2026, 20:16:33	-
115.220.165.•••:18789	-	🇨🇳 China mainland	-	false	Clean	AS4134	Chinanet	ChinaNet ZJ Ningbo	03/02/2026, 20:58:15	03/02/2026, 22:20:09	No	No	-	-	06/02/2026, 20:16:34	-
45.192.99.•••:18789	Assistant	🇭🇰 Hong Kong	Yes	false	Clean	AS401701	cognetcloud INC	Vapeline Technology	03/02/2026, 20:58:15	03/02/2026, 22:24:02	No	No	-	CVE-2025-61984, CVE-2025-61985	06/02/2026, 16:54:26	-
141.148.139.•••:18789	-	🇺🇸 United States	Yes	false	Leaked	AS31898	Oracle Corporation	Oracle	03/02/2026, 20:58:15	03/02/2026, 22:24:02	Yes	Yes	APT-C-23, APT10, APT15, APT27, APT28, APT29, APT31, APT32, APT34, APT35, APT36, APT39, APT40, APT41, APT45, AQUATIC PANDA, Antlion APT, Bahamut, Bitter APT, Bluenoroff, Callisto Group, Carbanak, Cobalt Group, CostaRicto, Donot Team, DragonFly, Earth Berberoka, Energetic Bear, Equation Group, Gamaredon Group, Gaza Cybergang, Ghostwriter, Gold Lowell, Grim Spider, Hafnium Group, Inception Framework, Kimsuky, Konni Group, Lazarus Group, Moses Staff APT, MuddyWater Group, Packrat, Patchwork, Pioneer Kitten, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, Silence Hacker Group, TA456, TA505, The Shadow Brokers, The White Company, Tropic Trooper, Turla APT Group, Urpage, Volt Typhoon, gozi	CVE-2016-20012, CVE-2016-2124, CVE-2017-11103, CVE-2017-12150, CVE-2017-12151, CVE-2017-12163, CVE-2017-14746, CVE-2017-15275, CVE-2017-7494, CVE-2018-1050, CVE-2018-1057, CVE-2018-10858, CVE-2018-10919, CVE-2018-14628, CVE-2018-14629, CVE-2018-16841, CVE-2018-16851, CVE-2019-10218, CVE-2019-14833, CVE-2019-14847, CVE-2019-14861, CVE-2019-14870, CVE-2019-14902, CVE-2019-3824, CVE-2019-3880, CVE-2020-10704, CVE-2020-10730, CVE-2020-10745, CVE-2020-10760, CVE-2020-12062, CVE-2020-14145, CVE-2020-14318, CVE-2020-14323, CVE-2020-14383, CVE-2020-1472, CVE-2020-15778, CVE-2020-17049, CVE-2020-25717, CVE-2020-25718, CVE-2020-25719, CVE-2020-25722, CVE-2020-27840, CVE-2021-20251, CVE-2021-20254, CVE-2021-20277, CVE-2021-20316, CVE-2021-23017, CVE-2021-28041, CVE-2021-3618, CVE-2021-36368, CVE-2021-3670, CVE-2021-3671, CVE-2021-3738, CVE-2021-41617, CVE-2021-43566, CVE-2021-44141, CVE-2021-44142, CVE-2022-0336, CVE-2022-1615, CVE-2022-2031, CVE-2022-32742, CVE-2022-32743, CVE-2022-32744, CVE-2022-32746, CVE-2022-3437, CVE-2022-41741, CVE-2022-41742, CVE-2022-42898, CVE-2022-45141, CVE-2023-0614, CVE-2023-0922, CVE-2023-28531, CVE-2023-34966, CVE-2023-34967, CVE-2023-34968, CVE-2023-38408, CVE-2023-3961, CVE-2023-4091, CVE-2023-4154, CVE-2023-42669, CVE-2023-42670, CVE-2023-44487, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2023-5568, CVE-2024-39894, CVE-2024-6387, CVE-2024-7347, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-49844, CVE-2025-61984, CVE-2025-61985, CVE-2025-62507	06/02/2026, 16:54:28	healtheintent.com, purewellness.com, retek.com, moatads.com, oraclefusion.com, connectinc.com, inquira.com, portal.com, oraclecloudservices.com, rsys2.net, hyperroll.com, orcale.com, oraclemobile.com, sun.co.in, stellent.com, siebel.com, cerner.net, oracle-cloud.com, docucorp.com, mvalent.com, oracleemaildelivery.com, en25.com, solaris.com, rightnowtech.com, think.com, ipapp.com, jdedwards.com, tiger-institute.org, skire.com, sales.com, fyleio.com, push.io, estara.com, tekelec.com, paymyhealthbill.com, dyndns.com, optika.com, jcp.org, smed.com, cernerenviza-tw.com, recruitmax.com, decisioneering.com, stortek.com, seebeyond.com, livelook.com, oraclehealth.com, aimsystems.com, sunworld.com, plumtree.com, storagetek.com
124.156.203.•••:18789	Assistant	🇮🇳 India	Yes	false	Leaked	AS132203	Tencent Building, Kejizhongyi Avenue	Aceville Pte Ltd	03/02/2026, 20:56:08	03/02/2026, 22:24:02	Yes	-	-	-	06/02/2026, 16:53:47	tencent.com, chinaunicom.cn
43.159.63.•••:18789	-	🇸🇬 Singapore	-	false	Leaked	AS132203	Tencent Building, Kejizhongyi Avenue	Aceville Pte Ltd	03/02/2026, 20:56:08	03/02/2026, 22:24:02	Yes	Yes	APT15, APT28, APT29, APT31, APT34, APT35, APT37, APT39, APT41, Bitter APT, Bluenoroff, Callisto Group, Cobalt Group, Donot Team, El-Machete, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Mustang Panda, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Volt Typhoon	CVE-2016-10708, CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-12062, CVE-2020-14145, CVE-2020-15778, CVE-2021-28041, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-6387, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	06/02/2026, 16:53:49	tencent.com
89.167.27.•••:18789	Kiddo (🔹)	🇫🇮 Finland	Yes	false	Clean	AS24940	Hetzner Online GmbH	Hetzner	03/02/2026, 20:56:08	03/02/2026, 22:24:02	-	-	-	-	06/02/2026, 16:53:50	-
175.178.155.•••:18789	-	🇨🇳 China mainland	-	false	Leaked	AS45090	Shenzhen Tencent Computer Systems Company Limited	Tencent Cloud	03/02/2026, 20:56:08	03/02/2026, 22:24:02	Yes	Yes	APT37, El-Machete	CVE-2016-20012, CVE-2020-12062, CVE-2020-14145, CVE-2020-15778, CVE-2021-28041, CVE-2021-36368, CVE-2021-41617, CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-6387, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	06/02/2026, 16:53:52	tencent.com, ub.ac.id
212.60.153.•••:18789	Assistant	🇩🇪 Germany	Yes	false	Clean	AS215607	dataforest GmbH	BitsFlowCloud	03/02/2026, 20:56:08	03/02/2026, 22:24:02	Yes	No	-	CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-6387, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	06/02/2026, 16:53:53	eu.org
154.36.152.•••:18789	Claw (🦞)	🇯🇵 Japan	Yes	false	Clean	AS979	NetLab Global	NetLab Global	03/02/2026, 20:56:08	03/02/2026, 22:24:02	No	No	-	-	06/02/2026, 16:53:55	-
47.251.68.•••:18789	Assistant	🇺🇸 United States	Yes	false	Clean	AS45102	Alibaba (US) Technology Co., Ltd.	Alibaba Cloud US	03/02/2026, 20:56:08	03/02/2026, 22:24:02	No	Yes	APT17, APT29, APT35, APT36, APT37, APT40, APT41, APT45, Carbanak, ChamelGang, CloudSorcerer, Daggerfly APT, Kimsuky, MuddyWater Group, Patchwork, SideWinder APT, The Shadow Brokers, Volt Typhoon	CVE-2024-39894, CVE-2024-6387	06/02/2026, 16:53:56	-
49.233.79.•••:18789	-	🇨🇳 China mainland	Yes	false	Leaked	AS45090	Shenzhen Tencent Computer Systems Company Limited	Tencent Cloud	03/02/2026, 20:56:08	03/02/2026, 22:24:02	Yes	No	-	-	06/02/2026, 16:53:57	truecorp.co.th, tencent.com
102.41.220.•••:18789	-	🇪🇬 Egypt	-	false	Clean	AS8452	TE-AS	TE Data	03/02/2026, 20:56:08	03/02/2026, 22:24:02	No	No	-	-	06/02/2026, 16:53:59	-
146.190.157.•••:18789	-	🇺🇸 United States	-	false	Clean	AS14061	DigitalOcean, LLC	DigitalOcean	03/02/2026, 20:56:08	03/02/2026, 22:24:02	No	Yes	APT15, APT17, APT28, APT29, APT31, APT34, APT35, APT36, APT37, APT40, APT41, APT45, Bitter APT, Bluenoroff, Callisto Group, Carbanak, ChamelGang, CloudSorcerer, Daggerfly APT, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Volt Typhoon	CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-39894, CVE-2024-6387	06/02/2026, 16:54:00	-
124.223.183.•••:18789	Assistant	🇨🇳 China mainland	Yes	false	Leaked	AS45090	Shenzhen Tencent Computer Systems Company Limited	Tencent Cloud	03/02/2026, 20:56:08	03/02/2026, 22:24:02	Yes	Yes	APT37, El-Machete	-	06/02/2026, 16:54:02	tencent.com, chinaunicom.cn
223.167.74.•••:18789	-	🇨🇳 China mainland	-	false	Leaked	AS17621	China Unicom Shanghai network	China Unicom Shanghai	03/02/2026, 20:56:08	03/02/2026, 22:24:02	Yes	Yes	APT28, APT35, APT37, APT39, APT41, Cobalt Group, Equation Group, Kimsuky, Mustang Panda, Packrat, Sandworm Team	CVE-2015-5352, CVE-2015-5600, CVE-2015-6563, CVE-2015-6564, CVE-2016-0777, CVE-2016-0778, CVE-2017-15906, CVE-2018-15919, CVE-2020-14145, CVE-2021-41617	06/02/2026, 16:54:03	chinamobile.com, chinamobile.cn, chinaunicom.cn
129.226.206.•••:18789	-	🇸🇬 Singapore	-	false	Clean	AS132203	Tencent Building, Kejizhongyi Avenue	Aceville Pte Ltd	03/02/2026, 20:56:08	03/02/2026, 22:24:02	No	Yes	APT15, APT17, APT28, APT29, APT31, APT34, APT35, APT36, APT37, APT39, APT41, APT45, Bitter APT, Bluenoroff, Callisto Group, CloudSorcerer, Cobalt Group, Daggerfly APT, Donot Team, El-Machete, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Mustang Panda, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Volt Typhoon	CVE-2016-10708, CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-12062, CVE-2020-14145, CVE-2020-15778, CVE-2021-28041, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	06/02/2026, 16:54:04	-
34.72.214.•••:18789	-	🇺🇸 United States	-	false	Clean	AS396982	Google LLC	Google	03/02/2026, 20:56:08	03/02/2026, 22:24:02	No	Yes	DragonFly, Packrat	-	06/02/2026, 16:54:05	-
43.167.156.•••:18789	-	🇸🇬 Singapore	Yes	false	Leaked	AS132203	Tencent Building, Kejizhongyi Avenue	Aceville Pte Ltd	03/02/2026, 20:56:08	03/02/2026, 22:24:02	Yes	No	-	CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51385, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	06/02/2026, 16:54:06	tencent.com
117.72.32.•••:18789	Assistant	🇨🇳 China mainland	Yes	false	Leaked	AS141679	China Telecom Beijing Tianjin Hebei Big Data Industry Park Branch	JD.com	03/02/2026, 20:56:08	03/02/2026, 22:24:02	Yes	Yes	APT-C-23, APT15, APT28, APT29, APT31, APT34, APT35, APT36, APT37, APT39, APT41, Bitter APT, Bluenoroff, Callisto Group, Cobalt Group, Donot Team, Equation Group, Gamaredon Group, Gaza Cybergang, Ghostwriter, Hafnium Group, Inception Framework, Kimsuky, Lazarus Group, MuddyWater Group, Mustang Panda, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Turla APT Group, Volt Typhoon	CVE-2016-20012, CVE-2017-15906, CVE-2017-15945, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2020-8022, CVE-2020-9484, CVE-2021-30640, CVE-2021-36368, CVE-2021-41617, CVE-2022-29885, CVE-2022-34305, CVE-2022-42252, CVE-2023-28531, CVE-2023-28708, CVE-2023-38408, CVE-2023-41080, CVE-2023-42795, CVE-2023-44487, CVE-2023-45648, CVE-2023-46589, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-23672, CVE-2024-24549, CVE-2024-6387, CVE-2025-1695, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	06/02/2026, 16:54:07	jdl.cn, vackbot.com, vg.com, jdfinance.com, 51buy.com, blackdragon.com, jddj.com, 7fresh.com, jd.com, 360buy.com, chinabank.com.cn, 360buyimg.com, imdada.cn, jdh.com
49.51.188.•••:18789	-	🇨🇳 China mainland	-	false	Leaked	AS132203	Tencent Building, Kejizhongyi Avenue	Tencent Cloud	03/02/2026, 20:56:08	03/02/2026, 22:24:02	Yes	Yes	APT15, APT17, APT28, APT31, APT36, APT37, APT45, Bitter APT, Bluenoroff, Callisto Group, CloudSorcerer, Daggerfly APT, Donot Team, El-Machete, Gamaredon Group, Gaza Cybergang, Inception Framework, Kimsuky, MuddyWater Group, Packrat, RomCom Group, Salt Typhoon, Sea Turtle Group, SideWinder APT, The Shadow Brokers	CVE-2016-20012, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-16905, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-28041, CVE-2021-36368, CVE-2021-41617, CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	06/02/2026, 16:54:09	truecorp.co.th, tencent.com
38.148.242.•••:18789	-	🇺🇸 United States	Yes	false	Leaked	AS8796	FASTNET DATA INC	Kurun Cloud	03/02/2026, 20:56:08	03/02/2026, 22:24:02	Yes	Yes	Salt Typhoon	CVE-2016-20012, CVE-2020-14145, CVE-2020-15778, CVE-2021-28041, CVE-2021-36368, CVE-2021-41617, CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-6387, CVE-2025-26465, CVE-2025-32728, CVE-2025-55753, CVE-2025-58098, CVE-2025-59775, CVE-2025-61984, CVE-2025-61985, CVE-2025-65082, CVE-2025-66200	06/02/2026, 16:54:10	cogentco.com
43.135.139.•••:18789	-	🇺🇸 United States	Yes	false	Leaked	AS132203	Tencent Building, Kejizhongyi Avenue	Aceville Pte Ltd	03/02/2026, 20:56:08	03/02/2026, 22:24:02	Yes	Yes	APT15, APT17, APT31, APT36, APT37, APT45, Bitter APT, Bluenoroff, CloudSorcerer, Daggerfly APT, Donot Team, Gamaredon Group, Gaza Cybergang, Inception Framework, Kimsuky, MuddyWater Group, RomCom Group, Salt Typhoon, Sea Turtle Group, SideWinder APT, The Shadow Brokers	CVE-2016-20012, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-16905, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	06/02/2026, 16:54:11	tencent.com
43.138.253.•••:18789	-	🇨🇳 China mainland	-	false	Leaked	AS45090	Shenzhen Tencent Computer Systems Company Limited	Tencent Cloud Computing	03/02/2026, 20:56:08	03/02/2026, 22:24:02	Yes	Yes	APT37, El-Machete	-	06/02/2026, 16:54:13	tencent.com
77.237.243.•••:18789	Core (🔧)	🇩🇪 Germany	Yes	false	Leaked	AS51167	Contabo GmbH	Contabo	03/02/2026, 20:56:08	03/02/2026, 22:24:02	Yes	Yes	APT-C-23, APT15, APT28, APT29, APT31, APT34, APT36, APT41, Bitter APT, Bluenoroff, Callisto Group, Cobalt Group, Donot Team, Equation Group, Gamaredon Group, Gaza Cybergang, Ghostwriter, Hafnium Group, Inception Framework, Kimsuky, Lazarus Group, MuddyWater Group, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, Turla APT Group, Volt Typhoon	CVE-2016-20012, CVE-2020-14145, CVE-2020-15778, CVE-2021-23017, CVE-2021-28041, CVE-2021-3618, CVE-2021-36368, CVE-2021-41617, CVE-2022-41741, CVE-2022-41742, CVE-2023-28531, CVE-2023-38408, CVE-2023-44487, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-39894, CVE-2024-6387, CVE-2024-6484, CVE-2024-6485, CVE-2024-7347, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	06/02/2026, 16:54:14	contaboserver.net, contabo.de, contabo.net
170.106.198.•••:18789	-	🇺🇸 United States	-	false	Clean	AS132203	Tencent Building, Kejizhongyi Avenue	Aceville Pte Ltd	03/02/2026, 20:56:08	03/02/2026, 22:24:02	No	Yes	APT17, APT36, APT37, APT45, Kimsuky, MuddyWater Group, SideWinder APT	CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	06/02/2026, 16:54:16	-
43.162.99.•••:18789	Assistant	🇸🇬 Singapore	Yes	false	Clean	AS132203	Tencent Building, Kejizhongyi Avenue	Aceville Pte Ltd	03/02/2026, 20:56:08	03/02/2026, 22:24:02	-	-	-	-	06/02/2026, 16:54:17	-
81.68.223.•••:18789	Assistant	🇨🇳 China mainland	Yes	false	Clean	AS45090	Shenzhen Tencent Computer Systems Company Limited	Tencent Cloud Computing	03/02/2026, 20:56:08	03/02/2026, 22:24:02	No	Yes	APT36, APT37, El-Machete, Equation Group, Hafnium Group, Lazarus Group, Silence Hacker Group, WildCard APT	CVE-2010-0866, CVE-2010-0867, CVE-2010-0901, CVE-2010-0902, CVE-2010-0911, CVE-2010-2389, CVE-2010-2411, CVE-2010-2415, CVE-2010-2419, CVE-2010-3590, CVE-2010-3600, CVE-2010-4413, CVE-2010-4420, CVE-2010-4421, CVE-2011-0785, CVE-2011-0793, CVE-2011-0799, CVE-2011-0804, CVE-2011-0805, CVE-2011-0816, CVE-2011-0831, CVE-2011-0832, CVE-2011-0835, CVE-2011-0838, CVE-2011-0848, CVE-2011-0870, CVE-2011-0876, CVE-2011-0879, CVE-2011-0880, CVE-2011-2230, CVE-2011-2231, CVE-2011-2232, CVE-2011-2238, CVE-2011-2239, CVE-2011-2242, CVE-2011-2243, CVE-2011-2244, CVE-2011-2248, CVE-2011-2253, CVE-2011-2257, CVE-2018-11784, CVE-2018-8014, CVE-2018-8034, CVE-2018-8037, CVE-2019-0199, CVE-2019-0221, CVE-2019-10072, CVE-2019-12418, CVE-2019-17563, CVE-2019-2684, CVE-2020-11996, CVE-2020-13934, CVE-2020-13935, CVE-2020-13943, CVE-2020-17527, CVE-2020-1935, CVE-2020-1938, CVE-2020-9484, CVE-2021-24122, CVE-2021-25122, CVE-2021-25329, CVE-2021-30640, CVE-2021-33037, CVE-2021-41079, CVE-2021-43980, CVE-2022-25762, CVE-2022-42252	06/02/2026, 16:54:18	-
43.134.133.•••:18789	-	🇸🇬 Singapore	-	false	Leaked	AS132203	Tencent Building, Kejizhongyi Avenue	Aceville Pte Ltd	03/02/2026, 20:56:08	03/02/2026, 22:24:02	Yes	Yes	APT15, APT17, APT28, APT29, APT31, APT34, APT35, APT36, APT37, APT40, APT41, APT45, Bitter APT, Bluenoroff, Callisto Group, Carbanak, ChamelGang, CloudSorcerer, Daggerfly APT, Donot Team, El-Machete, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Volt Typhoon	CVE-2016-20012, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-12062, CVE-2020-14145, CVE-2020-15778, CVE-2021-28041, CVE-2021-36368, CVE-2021-41617, CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	06/02/2026, 16:54:19	tencent.com
139.99.96.•••:18789	-	🇸🇬 Singapore	-	false	Clean	AS16276	OVH SAS	OVH Singapore	03/02/2026, 20:56:08	03/02/2026, 22:24:02	Yes	Yes	APT15, APT17, APT28, APT29, APT31, APT34, APT35, APT36, APT37, APT39, APT40, APT41, APT45, Bitter APT, Bluenoroff, Callisto Group, Carbanak, ChamelGang, CloudSorcerer, Cobalt Group, Daggerfly APT, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Mustang Panda, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Volt Typhoon	CVE-2016-10708, CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-16905, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-12062, CVE-2020-14145, CVE-2020-15778, CVE-2021-28041, CVE-2021-36368, CVE-2021-41617, CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-6387, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	06/02/2026, 16:54:20	ovh.ca
34.11.56.•••:18789	-	🇺🇸 United States	-	false	Clean	AS396982	Google LLC	Google	03/02/2026, 20:56:08	03/02/2026, 22:24:02	No	No	-	CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	06/02/2026, 16:54:24	-
143.198.17.•••:18789	-	🇺🇸 United States	-	false	Clean	AS14061	DigitalOcean, LLC	DigitalOcean	03/02/2026, 20:54:01	03/02/2026, 22:21:56	No	Yes	APT17, APT36, APT37, APT45, Kimsuky, MuddyWater Group, SideWinder APT	CVE-2016-20012, CVE-2020-12062, CVE-2020-14145, CVE-2020-15778, CVE-2021-28041, CVE-2021-36368, CVE-2021-41617, CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	06/02/2026, 19:44:30	-
103.27.76.•••:18789	-	🇭🇰 Hong Kong	-	false	Clean	AS979	NetLab Global	NetLab Global	03/02/2026, 20:54:01	03/02/2026, 22:24:02	Yes	No	-	CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-6387, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	06/02/2026, 16:53:45	datadock.ne.jp
147.139.208.•••:18789	Assistant	🇨🇳 China mainland	Yes	false	Clean	AS45102	Alibaba (US) Technology Co., Ltd.	Alibaba Cloud ID	03/02/2026, 20:54:01	03/02/2026, 22:21:56	No	-	-	CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	06/02/2026, 19:44:35	-
120.24.24.•••:18789	-	🇨🇳 China mainland	-	false	Leaked	AS37963	Hangzhou Alibaba Advertising Co.,Ltd.	Alisoft	03/02/2026, 20:54:01	03/02/2026, 22:21:56	Yes	No	-	-	06/02/2026, 19:44:36	chinamobile.com, aliyun.com, chinamobile.cn
47.254.28.•••:18789	Assistant	🇺🇸 United States	Yes	false	Clean	AS45102	Alibaba (US) Technology Co., Ltd.	Alibaba Cloud US	03/02/2026, 20:54:01	03/02/2026, 22:21:56	No	Yes	APT28, APT41, Equation Group	CVE-2010-4478, CVE-2010-5107, CVE-2011-4327, CVE-2011-5000, CVE-2012-0814, CVE-2016-0777, CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-28041, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51385, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	06/02/2026, 19:44:37	-
47.253.247.•••:18789	Assistant	🇨🇳 China mainland	Yes	false	Clean	AS45102	Alibaba (US) Technology Co., Ltd.	Alibaba Cloud US	03/02/2026, 20:54:01	03/02/2026, 22:21:56	No	No	-	CVE-2016-20012, CVE-2019-16905, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51385, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	06/02/2026, 19:44:38	-
146.190.57.•••:18789	-	🇺🇸 United States	-	false	Clean	AS14061	DigitalOcean, LLC	DigitalOcean	03/02/2026, 20:54:01	03/02/2026, 22:21:56	No	Yes	APT15, APT17, APT28, APT29, APT31, APT34, APT35, APT36, APT37, APT40, APT41, APT45, Bitter APT, Bluenoroff, Callisto Group, Carbanak, ChamelGang, CloudSorcerer, Daggerfly APT, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Volt Typhoon	CVE-2016-20012, CVE-2020-12062, CVE-2020-14145, CVE-2020-15778, CVE-2021-28041, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2023-51767, CVE-2024-6387	06/02/2026, 19:44:42	-
47.93.141.•••:18789	小企鹅 (🐧)	🇨🇳 China mainland	Yes	false	Clean	AS37963	Hangzhou Alibaba Advertising Co.,Ltd.	Alisoft	03/02/2026, 20:54:01	03/02/2026, 22:21:56	No	No	-	CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-6387, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	06/02/2026, 19:44:43	-
8.135.239.•••:18789	Assistant	🇸🇬 Singapore	Yes	false	Clean	AS37963	Hangzhou Alibaba Advertising Co.,Ltd.	Alibaba Cloud	03/02/2026, 20:54:01	03/02/2026, 22:21:56	No	Yes	APT15, APT28, APT29, APT31, APT34, APT35, APT37, APT39, APT41, Bitter APT, Bluenoroff, Callisto Group, Cobalt Group, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Mustang Panda, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Volt Typhoon	CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51385, CVE-2025-26465, CVE-2025-32728	06/02/2026, 19:44:44	-
47.90.209.•••:18789	-	🇨🇳 China mainland	-	false	Clean	AS45102	Alibaba (US) Technology Co., Ltd.	Alibaba Cloud US	03/02/2026, 20:54:01	03/02/2026, 22:21:56	No	Yes	APT15, APT17, APT28, APT29, APT31, APT34, APT35, APT36, APT37, APT39, APT41, APT45, Bitter APT, Bluenoroff, Callisto Group, CloudSorcerer, Cobalt Group, Daggerfly APT, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Mustang Panda, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Volt Typhoon	CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-16905, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-6387, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	06/02/2026, 19:44:45	-
68.183.80.•••:18789	-	🇮🇳 India	-	false	Clean	AS14061	DigitalOcean, LLC	DigitalOcean	03/02/2026, 20:54:01	03/02/2026, 22:21:56	No	Yes	APT14, APT40, APT41, Cobalt Group, Gamaredon Group, Kimsuky, Lazarus Group, SharpPanda	CVE-2006-20001, CVE-2018-20685, CVE-2019-16905, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2021-41617, CVE-2021-44224, CVE-2022-22719, CVE-2022-22720, CVE-2022-22721, CVE-2022-23943, CVE-2022-26377, CVE-2022-28614, CVE-2022-28615, CVE-2022-29404, CVE-2022-30556, CVE-2022-31813, CVE-2022-36760, CVE-2022-37436, CVE-2023-25690, CVE-2023-27522	06/02/2026, 19:44:46	-
47.77.233.•••:18789	-	🇨🇳 China mainland	-	false	Leaked	AS45102	Alibaba (US) Technology Co., Ltd.	Alibaba Cloud	03/02/2026, 20:54:01	03/02/2026, 22:21:56	Yes	No	-	-	06/02/2026, 19:44:47	hichina.com, alibaba-inc.com
47.253.230.•••:18789	-	🇨🇳 China mainland	-	false	Clean	AS45102	Alibaba (US) Technology Co., Ltd.	Alibaba Cloud US	03/02/2026, 20:54:01	03/02/2026, 22:21:56	No	No	-	CVE-2016-20012, CVE-2019-16905, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51385, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	06/02/2026, 19:44:49	-
8.215.67.•••:18789	Assistant	🇸🇬 Singapore	Yes	false	Clean	AS45102	Alibaba (US) Technology Co., Ltd.	Alibaba Cloud Singapore	03/02/2026, 20:54:01	03/02/2026, 22:21:56	No	No	-	-	06/02/2026, 19:44:50	-
47.77.238.•••:18789	Assistant	🇨🇳 China mainland	Yes	false	Leaked	AS45102	Alibaba (US) Technology Co., Ltd.	Alibaba Cloud	03/02/2026, 20:54:01	03/02/2026, 22:21:56	Yes	No	-	-	06/02/2026, 19:44:51	hichina.com, alibaba-inc.com
8.215.87.•••:18789	Assistant	🇸🇬 Singapore	Yes	false	Clean	AS45102	Alibaba (US) Technology Co., Ltd.	Alibaba Cloud Singapore	03/02/2026, 20:54:01	03/02/2026, 22:21:56	-	-	-	-	06/02/2026, 19:44:52	-
139.59.208.•••:18789	-	🇩🇪 Germany	Yes	false	Clean	AS14061	DigitalOcean, LLC	DigitalOcean	03/02/2026, 20:54:01	03/02/2026, 22:21:56	No	Yes	APT15, APT28, APT29, APT31, APT34, APT35, APT37, APT39, APT41, Bitter APT, Bluenoroff, Callisto Group, Cobalt Group, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Mustang Panda, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Volt Typhoon	CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6110, CVE-2020-14145, CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2023-51767, CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	06/02/2026, 19:44:53	-
47.252.23.•••:18789	Assistant	🇨🇳 China mainland	Yes	false	Clean	AS45102	Alibaba (US) Technology Co., Ltd.	Alibaba Cloud US	03/02/2026, 20:54:01	03/02/2026, 22:21:56	No	No	-	CVE-2016-20012, CVE-2019-16905, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-6387, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	06/02/2026, 19:44:54	-
43.156.115.•••:18789	-	🇸🇬 Singapore	Yes	false	Leaked	AS132203	Tencent Building, Kejizhongyi Avenue	Aceville Pte Ltd	03/02/2026, 20:54:01	03/02/2026, 22:21:56	Yes	Yes	APT15, APT17, APT28, APT29, APT31, APT34, APT35, APT36, APT37, APT39, APT41, APT45, Bitter APT, Bluenoroff, Callisto Group, CloudSorcerer, Cobalt Group, Daggerfly APT, Donot Team, El-Machete, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Mustang Panda, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Volt Typhoon	CVE-2016-10708, CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-12062, CVE-2020-14145, CVE-2020-15778, CVE-2021-28041, CVE-2021-36368, CVE-2021-41617, CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	06/02/2026, 19:44:57	tencent.com
47.236.195.•••:18789	Assistant	🇺🇸 United States	Yes	false	Leaked	AS45102	Alibaba (US) Technology Co., Ltd.	Alibaba Cloud	03/02/2026, 20:54:01	03/02/2026, 22:21:56	Yes	Yes	APT15, APT17, APT28, APT29, APT31, APT34, APT36, APT37, APT41, APT45, Bitter APT, Bluenoroff, Callisto Group, CloudSorcerer, Daggerfly APT, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Volt Typhoon	CVE-2016-20012, CVE-2019-16905, CVE-2020-14145, CVE-2020-15778, CVE-2021-28041, CVE-2021-36368, CVE-2021-41617, CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-6387	06/02/2026, 19:44:58	hichina.com, alibaba-inc.com
167.71.199.•••:18789	-	🇸🇬 Singapore	-	false	Clean	AS14061	DigitalOcean, LLC	DigitalOcean	03/02/2026, 20:54:01	03/02/2026, 22:21:56	No	Yes	APT-C-23, APT15, APT28, APT29, APT31, APT34, APT35, APT36, APT37, APT39, APT41, Bitter APT, Bluenoroff, Callisto Group, Cobalt Group, Donot Team, Equation Group, Gamaredon Group, Gaza Cybergang, Ghostwriter, Hafnium Group, Inception Framework, Kimsuky, Lazarus Group, MuddyWater Group, Mustang Panda, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Turla APT Group, Volt Typhoon	CVE-2016-20012, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-12062, CVE-2020-14145, CVE-2020-15778, CVE-2021-23017, CVE-2021-28041, CVE-2021-3618, CVE-2021-36368, CVE-2021-41617, CVE-2022-41741, CVE-2022-41742, CVE-2023-38408, CVE-2023-44487, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-39894, CVE-2024-6387, CVE-2024-7347, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	06/02/2026, 19:44:59	-
47.108.159.•••:18789	大龙虾 (🦞)	🇨🇳 China mainland	Yes	false	Clean	AS37963	Hangzhou Alibaba Advertising Co.,Ltd.	Alisoft	03/02/2026, 20:54:01	03/02/2026, 22:21:56	No	Yes	APT15, APT28, APT29, APT31, APT34, APT35, APT37, APT39, APT41, Bitter APT, Bluenoroff, Callisto Group, Cobalt Group, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Mustang Panda, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Volt Typhoon	CVE-2016-10708, CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385	06/02/2026, 19:45:00	-
159.89.180.•••:18789	-	🇺🇸 United States	-	false	Leaked	AS14061	DigitalOcean, LLC	DigitalOcean	03/02/2026, 20:54:01	03/02/2026, 22:21:56	Yes	Yes	APT28, APT35, APT37, APT39, Cobalt Group, Kimsuky, Mustang Panda, Salt Typhoon, Sandworm Team, The Shadow Brokers	CVE-2016-20012, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-28041, CVE-2021-36368, CVE-2021-41617, CVE-2023-28531, CVE-2023-38408, CVE-2023-44487, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-6387, CVE-2024-7347, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	06/02/2026, 19:45:01	gedesa.com
157.245.122.•••:18789	-	🇺🇸 United States	-	false	Clean	AS14061	DigitalOcean, LLC	DigitalOcean	03/02/2026, 20:54:01	03/02/2026, 22:21:56	No	Yes	APT14, APT15, APT28, APT29, APT31, APT34, APT40, APT41, Bitter APT, Bluenoroff, Callisto Group, Cobalt Group, Donot Team, Equation Group, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, IronHusky, Kimsuky, Lazarus Group, MuddyWater Group, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SharpPanda, SideWinder APT, TA505, The Shadow Brokers, UNC2452, Volt Typhoon, WIRTE	CVE-2006-20001, CVE-2016-20012, CVE-2019-17567, CVE-2020-11984, CVE-2020-11993, CVE-2020-12062, CVE-2020-13938, CVE-2020-13950, CVE-2020-14145, CVE-2020-15778, CVE-2020-1927, CVE-2020-1934, CVE-2020-35452, CVE-2020-9490, CVE-2021-26690, CVE-2021-26691, CVE-2021-28041, CVE-2021-30641, CVE-2021-33193, CVE-2021-34798, CVE-2021-36160, CVE-2021-36368, CVE-2021-39275, CVE-2021-40438, CVE-2021-41617, CVE-2021-44224, CVE-2021-44790, CVE-2022-22719, CVE-2022-22720, CVE-2022-22721, CVE-2022-23943, CVE-2022-26377, CVE-2022-28330, CVE-2022-28614, CVE-2022-28615, CVE-2022-29404, CVE-2022-30522, CVE-2022-30556, CVE-2022-31813, CVE-2022-36760, CVE-2022-37436, CVE-2023-25690, CVE-2023-27522, CVE-2023-28531, CVE-2023-31122, CVE-2023-38408, CVE-2023-38709, CVE-2023-45802, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-24795, CVE-2024-27316, CVE-2024-38472, CVE-2024-38473, CVE-2024-38474, CVE-2024-38475, CVE-2024-38476, CVE-2024-38477, CVE-2024-39573, CVE-2024-40898, CVE-2024-6387, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	06/02/2026, 19:45:02	-
2607:f740:0:3f::2f0:18789	-	🇺🇸 United States	-	false	Clean	AS36236	NetActuate, Inc	NetActuate	03/02/2026, 20:54:01	03/02/2026, 22:21:56	-	-	-	-	06/02/2026, 19:45:04	-
47.251.8.•••:18789	Assistant	🇺🇸 United States	Yes	false	Clean	AS45102	Alibaba (US) Technology Co., Ltd.	Alibaba Cloud US	03/02/2026, 20:54:01	03/02/2026, 22:21:56	No	No	-	-	06/02/2026, 19:45:05	-
47.236.85.•••:18789	Assistant	🇺🇸 United States	Yes	false	Leaked	AS45102	Alibaba (US) Technology Co., Ltd.	Alibaba Cloud	03/02/2026, 20:54:01	03/02/2026, 22:21:56	Yes	Yes	APT15, APT28, APT29, APT31, APT34, APT41, Bitter APT, Bluenoroff, Callisto Group, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, Volt Typhoon	CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-28041, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	06/02/2026, 19:45:06	hichina.com, alibaba-inc.com
47.80.9.•••:18789	Assistant	🇨🇳 China mainland	Yes	false	Clean	AS45102	Alibaba (US) Technology Co., Ltd.	Alibaba Cloud	03/02/2026, 20:54:01	03/02/2026, 22:21:56	-	-	-	-	06/02/2026, 19:45:07	-
146.190.167.•••:18789	-	🇺🇸 United States	-	false	Clean	AS14061	DigitalOcean, LLC	DigitalOcean	03/02/2026, 20:54:01	03/02/2026, 22:21:56	No	Yes	APT15, APT17, APT28, APT29, APT31, APT34, APT36, APT37, APT41, APT45, Bitter APT, Bluenoroff, Callisto Group, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, Volt Typhoon	CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-6387, CVE-2025-26465, CVE-2025-32728	06/02/2026, 19:45:08	-
8.208.53.•••:18789	财智小爪 (Clawd) (📊)	🇸🇬 Singapore	Yes	false	Clean	AS45102	Alibaba (US) Technology Co., Ltd.	Alibaba Cloud	03/02/2026, 20:54:01	03/02/2026, 22:21:56	No	No	-	CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51385, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	06/02/2026, 19:45:12	-
104.21.91.•••:18789	-	🇺🇸 United States	-	false	Leaked	AS13335	Cloudflare, Inc.	Cloudflare	03/02/2026, 20:54:01	03/02/2026, 22:21:56	Yes	Yes	DragonFly	-	06/02/2026, 19:45:13	hellosydneykids.com.au, 10366092.com, aws.org, 127578.com, i-serve.com.my, lifetimeeyecaresolutions.com, ttmcklcc.com.my, ogzcomunicaciones.com, theblindscompany.com.au, greencap.com.au, hzfeidi.com, datehype.com, 10366064.com, studio-santoro.it, cityfied.net, scomienergy.com.my, anlink.net, hmcxjc.com, kad-mesra.com.my, shsinotech.com, attlaw.com, vbankph.com, 10366118.com, circlevisions.com, naseni.gov.ng, 10366046.com, ekakitchen.com, rootmetrics.com, wisehousetech.com, cloudflare.net, greensideinc.com, jxlingtong.com, filtermasters.com, royalebintang.com.my, abrsindicos.com.br, baselinewoods.com, mksteel.com.au, oa.com.au, idwager.com, wikiteq.com, mumsplace.com.my, alghanitex.com, camerasky.com.au, qzz.io, 302588.com, brownsprinting.com, 20minuta.hr, cloudhq-mkt6.net, effi.io, io.co, forwardwirecloth.net, ovato.com.au, healthy-kids.com.au, tel.hr, sanvicentefundacion.com, dildendileceviri.com, parentingideas.com.au, final.co.il, pp.ua, 10366006.com, refee.net, xjzljt.net, sxgas.net, meg.com.au, occ.edu, kpower.com.my, pmgtest.com, sidewindersllc.com, 10366090.com, er-temeculavalley.com, yesworx.com, sanhoos.com, simatek.com, meridianbhd.com.my, bamko.net, 10366024.com, snap.hr, ecotours.com.my, meda.com.my, 10366038.com, china-one.net, kingdisplay.net, eu.org, lehvi.com, arkix.com, cardenal-newman.edu, comcorp.com.my, netindex.com, dfcvb.com, copilotai.com, spatialbuzz.com, riseventures.com.au, oracle-ag.ch, zhaowoo.net, pingtest.net, bestwanhui.com, 10366026.com, goassignmenthelp.com.au, ate.com.my, kaliumlakes.com.au, pauza.hr, workers.dev, 10366110.com, moreesolarfarm.com.au, mrjunkbgoneseattle.com, menshealth.hr, 360-xj.com, toniandguy.com.my, syndicatedmetals.com.au, xjwfcj.com, 10366068.com, zsnet.net, china114.net, hy189.net, xjhongshun.com, 412k.com, ahgir.com.au, ect.com.au, ucbtheatre.com, geochem.org, critterfixervet.com, 10366146.com, australiandisabilityenterprises.com.au, 10366034.com, dmln.net
49.232.168.•••:18888	-	🇨🇳 China mainland	-	false	Leaked	AS45090	Shenzhen Tencent Computer Systems Company Limited	Tencent Cloud	03/02/2026, 20:36:47	03/02/2026, 22:03:42	Yes	Yes	APT-C-23, APT15, APT28, APT29, APT31, APT34, APT35, APT37, APT39, APT41, Bitter APT, Bluenoroff, Callisto Group, Cobalt Group, Donot Team, El-Machete, Gamaredon Group, Gaza Cybergang, Ghostwriter, Hafnium Group, Inception Framework, Kimsuky, Lazarus Group, MuddyWater Group, Mustang Panda, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Turla APT Group, Volt Typhoon	CVE-2016-10708, CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-3618, CVE-2021-36368, CVE-2021-41617, CVE-2022-0538, CVE-2022-20612, CVE-2022-34174, CVE-2022-41741, CVE-2022-41742, CVE-2023-38408, CVE-2023-44487, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385	06/02/2026, 23:21:22	truecorp.co.th, tencent.com
137.184.114.•••:443	-	🇺🇸 United States	-	false	Leaked	AS14061	DigitalOcean, LLC	DigitalOcean	03/02/2026, 20:36:47	03/02/2026, 22:03:42	Yes	Yes	APT15, APT28, APT29, APT31, APT34, APT35, APT37, APT39, APT41, Bitter APT, Bluenoroff, Callisto Group, Cobalt Group, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Mustang Panda, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Volt Typhoon	CVE-2016-10708, CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728	06/02/2026, 23:21:23	cprapid.com
143.198.17.•••:443	-	🇺🇸 United States	-	false	Clean	AS14061	DigitalOcean, LLC	DigitalOcean	03/02/2026, 20:36:47	03/02/2026, 22:03:42	No	Yes	APT14, APT15, APT17, APT28, APT29, APT31, APT34, APT35, APT36, APT37, APT39, APT40, APT41, APT45, Bitter APT, Bluenoroff, Callisto Group, Carbanak, ChamelGang, CloudSorcerer, Cobalt Group, Daggerfly APT, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, Lazarus Group, MuddyWater Group, Mustang Panda, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SharpPanda, SideWinder APT, The Shadow Brokers, Volt Typhoon	CVE-2006-20001, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2021-41617, CVE-2022-22719, CVE-2022-22720, CVE-2022-22721, CVE-2022-23943, CVE-2022-26377, CVE-2022-28330, CVE-2022-28614, CVE-2022-28615, CVE-2022-29404, CVE-2022-30556, CVE-2022-31813, CVE-2022-36760, CVE-2022-37436, CVE-2023-25690, CVE-2023-27522, CVE-2023-28531, CVE-2023-31122, CVE-2023-38408, CVE-2023-38709, CVE-2023-45802, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-24795, CVE-2024-27316, CVE-2024-38472, CVE-2024-38473, CVE-2024-38474, CVE-2024-38475, CVE-2024-38476, CVE-2024-38477, CVE-2024-39573, CVE-2024-40898, CVE-2024-6387, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	06/02/2026, 23:21:25	-
64.227.186.•••:443	Assistant	🇮🇳 India	Yes	false	Clean	AS14061	DigitalOcean, LLC	DigitalOcean	03/02/2026, 20:36:47	03/02/2026, 22:03:42	No	Yes	APT15, APT28, APT29, APT31, APT34, APT41, Bitter APT, Bluenoroff, Callisto Group, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, Volt Typhoon	CVE-2016-20012, CVE-2020-12062, CVE-2020-14145, CVE-2020-15778, CVE-2021-28041, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2025-26465, CVE-2025-32728	06/02/2026, 23:21:26	-
138.197.82.•••:443	Assistant	🇺🇸 United States	Yes	false	Clean	AS14061	DigitalOcean, LLC	DigitalOcean	03/02/2026, 20:36:47	03/02/2026, 22:03:42	No	Yes	APT-C-23, APT15, APT28, APT29, APT31, APT34, APT35, APT36, APT37, APT39, APT41, Bitter APT, Bluenoroff, Callisto Group, Carbanak, Cobalt Group, DarkHotel Group, Donot Team, Equation Group, Gamaredon Group, Gaza Cybergang, Ghostwriter, Hafnium Group, Inception Framework, Kimsuky, Lazarus Group, MuddyWater Group, Mustang Panda, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Turla APT Group, Volt Typhoon	CVE-2015-8325, CVE-2016-10009, CVE-2016-10010, CVE-2016-10011, CVE-2016-10012, CVE-2016-10708, CVE-2016-20012, CVE-2016-3115, CVE-2016-6210, CVE-2016-6515, CVE-2016-8858, CVE-2017-15906, CVE-2017-20005, CVE-2017-7529, CVE-2018-15473, CVE-2018-15919, CVE-2018-16843, CVE-2018-16844, CVE-2018-16845, CVE-2018-20685, CVE-2019-20372, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2019-9511, CVE-2019-9513, CVE-2019-9516, CVE-2020-14145, CVE-2020-15778, CVE-2021-23017, CVE-2021-3618, CVE-2021-36368, CVE-2021-41617, CVE-2022-41741, CVE-2022-41742, CVE-2023-29323, CVE-2023-35784, CVE-2023-38408, CVE-2023-44487, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-7347, CVE-2025-26465	06/02/2026, 23:21:27	-
143.198.17.•••:443	-	🇺🇸 United States	Yes	false	Clean	AS14061	DigitalOcean, LLC	DigitalOcean	03/02/2026, 20:36:47	03/02/2026, 22:03:42	No	Yes	APT17, APT36, APT37, APT45, Kimsuky, MuddyWater Group, SideWinder APT	CVE-2016-20012, CVE-2020-12062, CVE-2020-14145, CVE-2020-15778, CVE-2021-28041, CVE-2021-36368, CVE-2021-41617, CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	06/02/2026, 23:21:28	-
118.31.23.•••:18789	Assistant	🇨🇳 China mainland	Yes	false	Leaked	AS37963	Hangzhou Alibaba Advertising Co.,Ltd.	Alisoft	03/02/2026, 20:36:47	03/02/2026, 22:03:41	Yes	Yes	APT15, APT28, APT29, APT31, APT34, APT35, APT37, APT39, APT41, Bitter APT, Bluenoroff, Callisto Group, Cobalt Group, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Mustang Panda, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Volt Typhoon	CVE-2016-10708, CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385	06/02/2026, 23:21:29	aliyun.com
178.156.237.•••:8080	-	🇺🇸 United States	Yes	false	Clean	AS213230	Hetzner Online GmbH	Hetzner	03/02/2026, 20:34:46	03/02/2026, 22:01:40	-	-	-	-	07/02/2026, 02:29:41	-
8.159.150.•••:18789	-	🇸🇬 Singapore	-	false	Clean	AS37963	Hangzhou Alibaba Advertising Co.,Ltd.	Alibaba Cloud	03/02/2026, 20:34:46	03/02/2026, 22:01:40	No	No	-	-	07/02/2026, 02:29:42	-

🦞 OpenClaw Exposure Watchboard

Ship Secure Enterprise AI Agents 10× Faster with vivgrid.com

Vivgrid gives you authentication, model gateway, tool control, cost tracking, and enterprise observability — everything you need to ship AI agents safely at scale.