🦞 OpenClaw Exposure Watchboard
This page lists publicly reachable active OpenClaw instances for defensive awareness. If this is your deployment, enable authentication, remove direct public exposure, and patch immediately.
Exposed Instances: 1006105 Page: 108 / 10062 (100 per page) Showing: 10701-10800 Last Imported: 14/07/2026, 07:44:58
🇨🇳 483,673
🇺🇸 290,578
Build With Vivgrid
Explore Vivgrid Ship Secure Enterprise AI Agents 10× Faster with vivgrid.com
Vivgrid gives you authentication, model gateway, tool control, cost tracking, and enterprise observability — everything you need to ship AI agents safely at scale.
| Endpoint | Assistant Name | Country | auth_required | is_active | has_leaked_creds | asn | asn_name | org | first_seen | last_seen | asi_has_breach | asi_has_threat_actor | asi_threat_actors | asi_cves | asi_enriched_at | asi_domains |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 87.92.126.•••:18789 | - | 🇫🇮 Finland | - | true | Clean | AS16086 | DNA Oyj | DNA Oyj | 08/07/2026, 04:04:17 | 08/07/2026, 11:13:02 | No | No | - | - | 02/07/2026, 11:13:50 | - |
| 113.87.50.•••:18789 | - | 🇨🇳 China mainland | - | true | Leaked | AS4134 | Chinanet | CHINANET Guangdong | 08/07/2026, 04:04:16 | 08/07/2026, 11:13:01 | Yes | No | - | - | 08/07/2026, 11:14:01 | bj189.cn, 118114.cn, ctwing.cn, chinatelecom.com.cn, chinatelecom.cn, new-gm.cn, 189.cn, 189free.cn, ideal.sh.cn, daqu.com.cn, ctyun.cn |
| 163.176.187.•••:18789 | - | 🇺🇸 United States | - | true | Clean | AS31898 | Oracle Corporation | Oracle | 08/07/2026, 04:02:30 | 08/07/2026, 10:28:15 | - | - | - | - | - | - |
| 97.74.91.•••:18789 | - | 🇺🇸 United States | - | true | Leaked | AS26496 | GoDaddy.com, LLC | GoDaddy | 08/07/2026, 04:02:30 | 11/07/2026, 20:03:01 | Yes | Yes | APT15, APT28, APT29, APT31, APT34, APT35, APT37, APT39, APT41, Bitter APT, Bluenoroff, Callisto Group, Cobalt Group, Donot Team, FIN8, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Mustang Panda, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Volt Typhoon | CVE-2016-10708, CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-44487, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-39894, CVE-2024-6387, CVE-2024-7347, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985 | 08/07/2026, 09:05:11 | secureserver.net, godaddy.com |
| 67.205.182.•••:18789 | - | 🇺🇸 United States | - | true | Clean | AS14061 | DigitalOcean, LLC | DigitalOcean | 08/07/2026, 04:02:30 | 08/07/2026, 10:28:14 | No | Yes | APT15, APT17, APT28, APT29, APT31, APT34, APT35, APT36, APT37, APT39, APT41, APT45, Bitter APT, Bluenoroff, Callisto Group, CloudSorcerer, Cobalt Group, Daggerfly APT, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Mustang Panda, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Volt Typhoon | CVE-2016-20012, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-28041, CVE-2021-36368, CVE-2021-41617, CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-6387 | 08/07/2026, 09:05:12 | - |
| 111.88.243.•••:18789 | - | 🇷🇺 Russia | - | true | Clean | AS200350 | Yandex.Cloud LLC | Yandex Cloud | 08/07/2026, 04:02:29 | 08/07/2026, 11:11:14 | - | - | - | - | - | - |
| 8.147.66.•••:18789 | - | 🇸🇬 Singapore | - | true | Clean | AS37963 | Hangzhou Alibaba Advertising Co.,Ltd. | Alibaba Cloud | 08/07/2026, 04:02:28 | 11/07/2026, 10:46:29 | - | - | - | - | - | - |
| 185.241.192.•••:18789 | - | 🇷🇺 Russia | - | true | Clean | AS47764 | LLC VK | VK Cloud Solutions | 08/07/2026, 04:02:27 | 08/07/2026, 11:11:11 | No | No | - | CVE-2016-20012, CVE-2020-12062, CVE-2020-14145, CVE-2020-15778, CVE-2021-28041, CVE-2021-36368, CVE-2021-41617, CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985, CVE-2026-35385, CVE-2026-35386, CVE-2026-35387, CVE-2026-35388, CVE-2026-35414 | 08/07/2026, 09:05:37 | - |
| 13.213.5.•••:18789 | - | 🇸🇬 Singapore | - | true | Clean | AS16509 | Amazon.com, Inc. | Amazon Web Services | 08/07/2026, 04:02:27 | 08/07/2026, 11:11:11 | No | No | - | - | 02/07/2026, 09:05:41 | - |
| 120.48.41.•••:18789 | - | 🇨🇳 China mainland | - | true | Leaked | AS38365 | Beijing Baidu Netcom Science and Technology Co., Ltd. | Baidu | 08/07/2026, 04:02:26 | 08/07/2026, 11:11:11 | Yes | Yes | APT17, APT37, DragonFly, El-Machete, Gozi, Packrat | CVE-2014-4078, CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-6387, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985, CVE-2026-35385, CVE-2026-35386, CVE-2026-35387, CVE-2026-35388, CVE-2026-35414 | 08/07/2026, 09:05:45 | baidu.com |
| 43.201.146.•••:18789 | - | 🇰🇷 South Korea | - | true | Clean | AS16509 | Amazon.com, Inc. | Amazon | 08/07/2026, 04:02:25 | 14/07/2026, 03:49:29 | No | No | - | CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-6387, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985, CVE-2026-35385, CVE-2026-35386, CVE-2026-35387, CVE-2026-35388, CVE-2026-35414 | 08/07/2026, 09:05:52 | - |
| 106.54.193.•••:18789 | - | 🇨🇳 China mainland | - | true | Clean | AS45090 | Shenzhen Tencent Computer Systems Company Limited | Unknown | 08/07/2026, 04:02:25 | 08/07/2026, 11:11:11 | Yes | Yes | APT28, APT30, APT35, APT37, APT39, Callisto Group, Cobalt Group, El-Machete, Kimsuky, MoustachedBouncer, Mustang Panda, Sandworm Team, The Shadow Brokers | CVE-2007-4559, CVE-2015-1283, CVE-2015-5652, CVE-2016-0718, CVE-2016-0772, CVE-2016-1000110, CVE-2016-10708, CVE-2016-2183, CVE-2016-4472, CVE-2016-5636, CVE-2016-9063, CVE-2017-1000158, CVE-2017-15906, CVE-2017-17522, CVE-2017-18207, CVE-2017-9233, CVE-2018-1000117, CVE-2018-1060, CVE-2018-1061, CVE-2018-14647, CVE-2018-15473, CVE-2018-15919, CVE-2018-20406, CVE-2018-20685, CVE-2018-20852, CVE-2019-13404, CVE-2019-16056, CVE-2019-16935, CVE-2019-18348, CVE-2019-5010, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2019-9636, CVE-2019-9674, CVE-2020-14145, CVE-2020-14422, CVE-2020-26116, CVE-2020-27619, CVE-2021-23336, CVE-2021-28861, CVE-2021-3733, CVE-2021-41617, CVE-2022-0391, CVE-2022-26488, CVE-2022-45061, CVE-2022-48560, CVE-2022-48564, CVE-2022-48565, CVE-2022-48566, CVE-2023-24329, CVE-2023-27043, CVE-2023-36632, CVE-2023-40217, CVE-2024-4030 | 08/07/2026, 09:05:54 | tencentcloud.com |
| 121.228.166.•••:18789 | - | 🇨🇳 China mainland | - | true | Leaked | AS4134 | Chinanet | ChinaNet Jiangsu | 08/07/2026, 04:02:25 | 11/07/2026, 07:55:33 | Yes | No | - | CVE-2020-8022, CVE-2023-21528, CVE-2023-21704, CVE-2023-21705, CVE-2023-21713, CVE-2023-21718, CVE-2023-23384, CVE-2023-29349, CVE-2023-29356, CVE-2023-32025, CVE-2023-32026, CVE-2023-32027, CVE-2023-32028, CVE-2023-36417, CVE-2023-36420, CVE-2023-36728, CVE-2023-36730, CVE-2023-36785, CVE-2023-38169, CVE-2023-46589, CVE-2024-0056, CVE-2024-23672, CVE-2024-24549 | 08/07/2026, 09:05:57 | bj189.cn, 118114.cn, ctwing.cn, chinatelecom.com.cn, chinatelecom.cn, new-gm.cn, 189.cn, 189free.cn, ideal.sh.cn, daqu.com.cn, ctyun.cn |
| 120.48.44.•••:18789 | - | 🇨🇳 China mainland | - | true | Leaked | AS38365 | Beijing Baidu Netcom Science and Technology Co., Ltd. | Baidu | 08/07/2026, 04:02:25 | 08/07/2026, 11:11:10 | Yes | Yes | APT17, APT37, DragonFly, El-Machete, Gozi, Packrat | - | 08/07/2026, 09:06:02 | baidu.com |
| 18.208.162.•••:18789 | - | 🇺🇸 United States | - | true | Clean | AS14618 | Amazon.com, Inc. | Amazon | 08/07/2026, 04:02:24 | 14/07/2026, 03:49:42 | No | No | - | CVE-2016-20012, CVE-2020-12062, CVE-2020-14145, CVE-2020-15778, CVE-2021-28041, CVE-2021-36368, CVE-2021-41617 | 08/07/2026, 09:06:05 | - |
| 87.92.126.•••:18789 | - | 🇫🇮 Finland | - | true | Clean | AS16086 | DNA Oyj | DNA Oyj | 08/07/2026, 04:02:24 | 08/07/2026, 11:11:09 | No | No | - | - | 02/07/2026, 07:37:36 | - |
| 67.205.182.•••:18789 | - | 🇺🇸 United States | - | true | Clean | AS14061 | DigitalOcean, LLC | DigitalOcean | 08/07/2026, 04:00:31 | 09/07/2026, 23:51:01 | No | Yes | APT15, APT17, APT28, APT29, APT31, APT34, APT35, APT36, APT37, APT39, APT41, APT45, Bitter APT, Bluenoroff, Callisto Group, CloudSorcerer, Cobalt Group, Daggerfly APT, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Mustang Panda, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Volt Typhoon | CVE-2016-20012, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-28041, CVE-2021-36368, CVE-2021-41617, CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-6387 | 08/07/2026, 04:45:32 | - |
| 13.213.5.•••:18789 | - | 🇸🇬 Singapore | - | true | Clean | AS16509 | Amazon.com, Inc. | Amazon Web Services | 08/07/2026, 04:00:30 | 09/07/2026, 23:51:00 | No | No | - | - | 02/07/2026, 04:45:36 | - |
| 192.140.166.•••:18789 | - | 🇨🇳 China mainland | - | true | Clean | AS146817 | Hubei Feixun Network Co., Ltd | Hubei Feixun Network | 08/07/2026, 04:00:30 | 13/07/2026, 02:46:41 | No | No | - | CVE-2015-9251, CVE-2019-11358, CVE-2020-11022, CVE-2020-11023, CVE-2020-23064, CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-6387, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985 | 08/07/2026, 04:45:37 | - |
| 43.201.146.•••:18789 | - | 🇰🇷 South Korea | - | true | Clean | AS16509 | Amazon.com, Inc. | Amazon | 08/07/2026, 04:00:30 | 14/07/2026, 03:46:55 | No | No | - | CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-6387, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985, CVE-2026-35385, CVE-2026-35386, CVE-2026-35387, CVE-2026-35388, CVE-2026-35414 | 08/07/2026, 04:45:39 | - |
| 192.144.144.•••:18789 | - | 🇨🇳 China mainland | - | true | Clean | AS45090 | Shenzhen Tencent Computer Systems Company Limited | Tencent Cloud Computing | 08/07/2026, 03:23:29 | 11/07/2026, 18:41:44 | No | No | - | - | 02/07/2026, 03:27:38 | - |
| 114.116.255.•••:443 | - | 🇨🇳 China mainland | - | true | Leaked | AS55990 | Huawei Cloud Service data center | Huawei Cloud | 08/07/2026, 03:23:29 | 11/07/2026, 15:07:15 | Yes | Yes | APT15, APT28, APT29, APT31, APT34, APT35, APT36, APT37, APT39, APT41, Bitter APT, Bluenoroff, Callisto Group, Cobalt Group, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Mustang Panda, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Volt Typhoon | CVE-2016-10708, CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-20372, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-23017, CVE-2021-3618, CVE-2021-36368, CVE-2021-41617, CVE-2022-41741, CVE-2022-41742, CVE-2023-38408, CVE-2023-44487, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-39894, CVE-2024-6387, CVE-2024-7347, CVE-2025-23419, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985, CVE-2026-35385, CVE-2026-35386, CVE-2026-35387, CVE-2026-35388, CVE-2026-35414 | 08/07/2026, 03:27:39 | smartcom.cc, huawei.com, huaweidevice.com, hwclouds-dns.com |
| 178.104.225.•••:443 | - | 🇩🇪 Germany | - | true | Clean | AS24940 | Hetzner Online GmbH | Hetzner | 08/07/2026, 03:23:29 | 14/07/2026, 03:54:02 | No | No | - | CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985, CVE-2026-35385, CVE-2026-35386, CVE-2026-35387, CVE-2026-35388, CVE-2026-35414 | 08/07/2026, 03:27:40 | - |
| 39.106.254.•••:18789 | - | 🇽🇽 XX | - | true | Leaked | AS37963 | Hangzhou Alibaba Advertising Co.,Ltd. | Unknown | 08/07/2026, 03:23:27 | 13/07/2026, 22:54:04 | Yes | Yes | APT15, APT28, APT29, APT31, APT34, APT35, APT37, APT39, APT41, Bitter APT, Bluenoroff, Callisto Group, Cobalt Group, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Mustang Panda, Packrat, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Volt Typhoon | CVE-2016-10708, CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-16905, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51385, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985, CVE-2026-35385, CVE-2026-35386, CVE-2026-35387, CVE-2026-35388, CVE-2026-35414 | 08/07/2026, 11:21:34 | aliyun.com |
| 113.201.120.•••:19999 | - | 🇨🇳 China mainland | - | true | Leaked | AS4837 | CHINA UNICOM China169 Backbone | China Unicom Shanxi Province Network | 08/07/2026, 03:23:27 | 08/07/2026, 14:06:03 | Yes | No | - | - | 08/07/2026, 12:44:23 | chinaunicom.cn |
| 32.186.226.•••:443 | - | 🇺🇸 United States | - | true | Clean | AS16509 | Amazon.com, Inc. | Amazon | 08/07/2026, 03:23:26 | 14/07/2026, 01:02:11 | - | - | - | - | - | - |
| 161.35.123.•••:80 | - | 🇺🇸 United States | - | true | Clean | AS14061 | DigitalOcean, LLC | DigitalOcean | 08/07/2026, 03:23:26 | 08/07/2026, 14:06:02 | No | Yes | APT17, APT29, APT35, APT36, APT37, APT40, APT41, APT45, Carbanak, ChamelGang, CloudSorcerer, Daggerfly APT, Kimsuky, MuddyWater Group, Patchwork, SideWinder APT, The Shadow Brokers, Volt Typhoon | CVE-2016-20012, CVE-2020-12062, CVE-2020-14145, CVE-2020-15778, CVE-2021-28041, CVE-2021-36368, CVE-2021-41617, CVE-2023-28531, CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985 | 08/07/2026, 12:44:29 | - |
| 46.149.195.•••:18789 | - | 🇭🇰 Hong Kong | - | true | Clean | AS59371 | Dimension Network & Communication Limited | Large Bright Investments | 08/07/2026, 03:23:25 | 08/07/2026, 14:06:01 | No | No | - | - | 02/07/2026, 12:44:39 | - |
| 195.216.169.•••:18789 | - | 🇪🇸 Spain | - | true | Leaked | AS214504 | Hostman LTD | [name redacted] | 08/07/2026, 03:23:25 | 14/07/2026, 00:19:32 | Yes | No | - | CVE-2006-20001, CVE-2013-4352, CVE-2013-5704, CVE-2013-6438, CVE-2014-0098, CVE-2014-0117, CVE-2014-0118, CVE-2014-0226, CVE-2014-0231, CVE-2014-3523, CVE-2014-3581, CVE-2014-8109, CVE-2015-0228, CVE-2015-3183, CVE-2015-3185, CVE-2016-0736, CVE-2016-2161, CVE-2016-4975, CVE-2016-5387, CVE-2016-8612, CVE-2016-8743, CVE-2017-15710, CVE-2017-15715, CVE-2017-3167, CVE-2017-7679, CVE-2017-9788, CVE-2017-9798, CVE-2018-1283, CVE-2018-1301, CVE-2018-1302, CVE-2018-1303, CVE-2018-1312, CVE-2018-17199, CVE-2019-0217, CVE-2019-0220, CVE-2019-10092, CVE-2019-10098, CVE-2019-17567, CVE-2020-11985, CVE-2020-13938, CVE-2020-1927, CVE-2020-1934, CVE-2020-35452, CVE-2021-26690, CVE-2021-26691, CVE-2021-34798, CVE-2021-39275, CVE-2021-40438, CVE-2021-44790, CVE-2022-22719, CVE-2022-22720, CVE-2022-22721, CVE-2022-23943, CVE-2022-26377, CVE-2022-28330, CVE-2022-28614, CVE-2022-28615, CVE-2022-29404, CVE-2022-30556, CVE-2022-31813, CVE-2022-36760, CVE-2022-37436, CVE-2023-25690, CVE-2023-31122, CVE-2023-38709, CVE-2024-24795, CVE-2024-38472, CVE-2024-38473, CVE-2024-38474, CVE-2024-38475, CVE-2024-38476, CVE-2024-38477, CVE-2024-39573, CVE-2024-40898 | 08/07/2026, 12:44:41 | mac.com, appleiphonecell.com, smivision.com, pushpin.com, beddit.com, apple-livephotoskit.com, apple.net, business.apple, nic.apple, apple.news, appads.com, next.com, apple-cloudkit.com, apple.ae, creditkudos.com, laserlike.com, tradeicloud.com, siri.com, iphone.com, braeburncapital.com, mzstatic.com, shazamid.com, appleid.com, me.com, ikinema.com, appl.com, ichat.com, icloud.co, fleetsmithhq.com, appletv.com, ibook.info, authentec.com, omnifone.com, testflightapp.com, applemusic.com, quicktime.com, unionbaynetworks.com, apple-dns.net, akiban.com, dvdstudiopro.net, apple.com, ribob01.net, foundationdb.org, shazam.com, carbon.com, icloud.com, icloudnet.org, apple-mapkit.com, invisage.com, icloud.net, airport.us, texture.com, microaudio.com, icloud.com.cn, cups.org, powerbyproxi.com, nextissue.com, icloud-mpp.com, qwapi.com, newton.com, deskconnect.com, itools.info, akoniaholographics.com, apple.me, itunes.com, coherentnavigation.com, icloud-content.com, lattice.io, music.apple, hopstop.com, learnsprout.com, apple.co, booklamp.org, tv.apple, nextissuemedia.com, aple.com, appstore.com, auth.com, thinkdifferent.us, emac.com, fleetsmith.com, aaplimg.com, apple.in |
| 2a02:4780:75:558e::1:18789 | - | 🇺🇸 United States | - | true | Clean | AS47583 | Hostinger International Limited | Hostinger | 08/07/2026, 03:21:42 | 14/07/2026, 03:50:55 | - | - | - | - | - | - |
| 171.83.48.•••:18789 | - | 🇨🇳 China mainland | - | true | Clean | AS137266 | CHINATELECOM Hubei province Wuhan 5G network | ChinaNet Hubei | 08/07/2026, 03:21:40 | 11/07/2026, 09:23:00 | No | No | - | - | 02/07/2026, 07:00:55 | - |
| 143.110.157.•••:18789 | - | 🇺🇸 United States | - | true | Clean | AS14061 | DigitalOcean, LLC | DigitalOcean | 08/07/2026, 03:21:36 | 11/07/2026, 02:14:38 | No | Yes | APT28, APT35, APT37, APT39, Cobalt Group, Kimsuky, Mustang Panda, Sandworm Team, The Shadow Brokers | CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2021-41617, CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-6387, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985, CVE-2026-35385, CVE-2026-35386, CVE-2026-35387, CVE-2026-35388, CVE-2026-35414 | 08/07/2026, 08:24:53 | - |
| 192.144.144.•••:18789 | - | 🇨🇳 China mainland | - | true | Clean | AS45090 | Shenzhen Tencent Computer Systems Company Limited | Tencent Cloud Computing | 08/07/2026, 03:21:36 | 11/07/2026, 14:22:05 | No | No | - | - | 02/07/2026, 08:24:57 | - |
| 178.104.225.•••:18789 | - | 🇩🇪 Germany | - | true | Clean | AS24940 | Hetzner Online GmbH | Hetzner | 08/07/2026, 03:21:36 | 13/07/2026, 23:34:30 | No | No | - | CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985, CVE-2026-35385, CVE-2026-35386, CVE-2026-35387, CVE-2026-35388, CVE-2026-35414 | 08/07/2026, 08:24:58 | - |
| 91.58.151.•••:18789 | - | 🇩🇪 Germany | - | true | Leaked | AS3320 | Internet service provider operations | Deutsche Telekom | 08/07/2026, 03:21:34 | 08/07/2026, 12:38:22 | Yes | No | - | - | 08/07/2026, 08:25:12 | telekom.de |
| 39.106.254.•••:18789 | - | 🇽🇽 XX | - | true | Leaked | AS37963 | Hangzhou Alibaba Advertising Co.,Ltd. | Unknown | 08/07/2026, 03:21:33 | 13/07/2026, 17:51:39 | Yes | Yes | APT15, APT28, APT29, APT31, APT34, APT35, APT37, APT39, APT41, Bitter APT, Bluenoroff, Callisto Group, Cobalt Group, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Mustang Panda, Packrat, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Volt Typhoon | CVE-2016-10708, CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-16905, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51385, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985, CVE-2026-35385, CVE-2026-35386, CVE-2026-35387, CVE-2026-35388, CVE-2026-35414 | 08/07/2026, 08:25:15 | aliyun.com |
| 113.201.120.•••:18789 | - | 🇨🇳 China mainland | - | true | Leaked | AS4837 | CHINA UNICOM China169 Backbone | China Unicom Shanxi Province Network | 08/07/2026, 03:21:32 | 08/07/2026, 10:30:18 | Yes | No | - | - | 08/07/2026, 08:25:21 | chinaunicom.cn |
| 72.61.57.•••:18789 | - | 🇧🇷 Brazil | - | true | Leaked | AS47583 | Hostinger International Limited | Hostinger | 08/07/2026, 03:21:32 | 08/07/2026, 10:30:17 | Yes | No | - | CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985, CVE-2026-35385, CVE-2026-35386, CVE-2026-35387, CVE-2026-35388, CVE-2026-35414 | 08/07/2026, 08:25:25 | hstgr.cloud |
| 32.186.226.•••:18789 | - | 🇺🇸 United States | - | true | Clean | AS16509 | Amazon.com, Inc. | Amazon | 08/07/2026, 03:21:31 | 13/07/2026, 20:43:36 | - | - | - | - | - | - |
| 161.35.123.•••:18789 | - | 🇺🇸 United States | - | true | Clean | AS14061 | DigitalOcean, LLC | DigitalOcean | 08/07/2026, 03:21:31 | 08/07/2026, 10:30:17 | No | Yes | APT17, APT29, APT35, APT36, APT37, APT40, APT41, APT45, Carbanak, ChamelGang, CloudSorcerer, Daggerfly APT, Kimsuky, MuddyWater Group, Patchwork, SideWinder APT, The Shadow Brokers, Volt Typhoon | CVE-2016-20012, CVE-2020-12062, CVE-2020-14145, CVE-2020-15778, CVE-2021-28041, CVE-2021-36368, CVE-2021-41617, CVE-2023-28531, CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985 | 08/07/2026, 08:25:30 | - |
| 46.149.195.•••:18789 | - | 🇭🇰 Hong Kong | - | true | Clean | AS59371 | Dimension Network & Communication Limited | Large Bright Investments | 08/07/2026, 03:21:30 | 08/07/2026, 10:30:16 | No | No | - | - | 02/07/2026, 08:25:41 | - |
| 195.216.169.•••:18789 | - | 🇪🇸 Spain | - | true | Leaked | AS214504 | Hostman LTD | [name redacted] | 08/07/2026, 03:21:30 | 13/07/2026, 19:17:45 | Yes | No | - | CVE-2006-20001, CVE-2013-4352, CVE-2013-5704, CVE-2013-6438, CVE-2014-0098, CVE-2014-0117, CVE-2014-0118, CVE-2014-0226, CVE-2014-0231, CVE-2014-3523, CVE-2014-3581, CVE-2014-8109, CVE-2015-0228, CVE-2015-3183, CVE-2015-3185, CVE-2016-0736, CVE-2016-2161, CVE-2016-4975, CVE-2016-5387, CVE-2016-8612, CVE-2016-8743, CVE-2017-15710, CVE-2017-15715, CVE-2017-3167, CVE-2017-7679, CVE-2017-9788, CVE-2017-9798, CVE-2018-1283, CVE-2018-1301, CVE-2018-1302, CVE-2018-1303, CVE-2018-1312, CVE-2018-17199, CVE-2019-0217, CVE-2019-0220, CVE-2019-10092, CVE-2019-10098, CVE-2019-17567, CVE-2020-11985, CVE-2020-13938, CVE-2020-1927, CVE-2020-1934, CVE-2020-35452, CVE-2021-26690, CVE-2021-26691, CVE-2021-34798, CVE-2021-39275, CVE-2021-40438, CVE-2021-44790, CVE-2022-22719, CVE-2022-22720, CVE-2022-22721, CVE-2022-23943, CVE-2022-26377, CVE-2022-28330, CVE-2022-28614, CVE-2022-28615, CVE-2022-29404, CVE-2022-30556, CVE-2022-31813, CVE-2022-36760, CVE-2022-37436, CVE-2023-25690, CVE-2023-31122, CVE-2023-38709, CVE-2024-24795, CVE-2024-38472, CVE-2024-38473, CVE-2024-38474, CVE-2024-38475, CVE-2024-38476, CVE-2024-38477, CVE-2024-39573, CVE-2024-40898 | 08/07/2026, 08:25:44 | mac.com, appleiphonecell.com, smivision.com, pushpin.com, beddit.com, apple-livephotoskit.com, apple.net, business.apple, nic.apple, apple.news, appads.com, next.com, apple-cloudkit.com, apple.ae, creditkudos.com, laserlike.com, tradeicloud.com, siri.com, iphone.com, braeburncapital.com, mzstatic.com, shazamid.com, appleid.com, me.com, ikinema.com, appl.com, ichat.com, icloud.co, fleetsmithhq.com, appletv.com, ibook.info, authentec.com, omnifone.com, testflightapp.com, applemusic.com, quicktime.com, unionbaynetworks.com, apple-dns.net, akiban.com, dvdstudiopro.net, apple.com, ribob01.net, foundationdb.org, shazam.com, carbon.com, icloud.com, icloudnet.org, apple-mapkit.com, invisage.com, icloud.net, airport.us, texture.com, microaudio.com, icloud.com.cn, cups.org, powerbyproxi.com, nextissue.com, icloud-mpp.com, qwapi.com, newton.com, deskconnect.com, itools.info, akoniaholographics.com, apple.me, itunes.com, coherentnavigation.com, icloud-content.com, lattice.io, music.apple, hopstop.com, learnsprout.com, apple.co, booklamp.org, tv.apple, nextissuemedia.com, aple.com, appstore.com, auth.com, thinkdifferent.us, emac.com, fleetsmith.com, aaplimg.com, apple.in |
| 163.176.187.•••:18789 | - | 🇺🇸 United States | - | true | Clean | AS31898 | Oracle Corporation | Oracle | 08/07/2026, 03:21:30 | 08/07/2026, 10:30:15 | - | - | - | - | - | - |
| 97.74.91.•••:18789 | - | 🇺🇸 United States | - | true | Leaked | AS26496 | GoDaddy.com, LLC | GoDaddy | 08/07/2026, 03:21:30 | 11/07/2026, 20:04:49 | Yes | Yes | APT15, APT28, APT29, APT31, APT34, APT35, APT37, APT39, APT41, Bitter APT, Bluenoroff, Callisto Group, Cobalt Group, Donot Team, FIN8, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Mustang Panda, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Volt Typhoon | CVE-2016-10708, CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-44487, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-39894, CVE-2024-6387, CVE-2024-7347, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985 | 08/07/2026, 08:25:47 | secureserver.net, godaddy.com |
| 115.237.45.•••:18789 | - | 🇨🇳 China mainland | - | true | Clean | AS4134 | Chinanet | ChinaNet Shaoxing | 08/07/2026, 03:19:44 | 11/07/2026, 13:37:22 | - | - | - | - | - | - |
| 36.103.199.•••:18789 | - | 🇨🇳 China mainland | - | true | Clean | AS134761 | CHINANET NINGXIA province ZHONGWEI IDC network | ChinaNet Ningxia | 08/07/2026, 03:19:38 | 08/07/2026, 09:45:43 | No | No | - | CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51385, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985 | 08/07/2026, 09:04:13 | - |
| 143.110.157.•••:18789 | - | 🇺🇸 United States | - | true | Clean | AS14061 | DigitalOcean, LLC | DigitalOcean | 08/07/2026, 03:19:37 | 11/07/2026, 02:12:46 | No | Yes | APT28, APT35, APT37, APT39, Cobalt Group, Kimsuky, Mustang Panda, Sandworm Team, The Shadow Brokers | CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2021-41617, CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-6387, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985, CVE-2026-35385, CVE-2026-35386, CVE-2026-35387, CVE-2026-35388, CVE-2026-35414 | 08/07/2026, 09:04:19 | - |
| 192.144.144.•••:18789 | - | 🇨🇳 China mainland | - | true | Clean | AS45090 | Shenzhen Tencent Computer Systems Company Limited | Tencent Cloud Computing | 08/07/2026, 03:19:37 | 11/07/2026, 14:20:11 | No | No | - | - | 02/07/2026, 09:04:24 | - |
| 178.104.225.•••:18789 | - | 🇩🇪 Germany | - | true | Clean | AS24940 | Hetzner Online GmbH | Hetzner | 08/07/2026, 03:19:36 | 13/07/2026, 23:32:39 | No | No | - | CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985, CVE-2026-35385, CVE-2026-35386, CVE-2026-35387, CVE-2026-35388, CVE-2026-35414 | 08/07/2026, 09:04:25 | - |
| 91.58.151.•••:18789 | - | 🇩🇪 Germany | - | true | Leaked | AS3320 | Internet service provider operations | Deutsche Telekom | 08/07/2026, 03:19:34 | 08/07/2026, 12:36:28 | Yes | No | - | - | 08/07/2026, 07:39:14 | telekom.de |
| 39.106.254.•••:18789 | - | 🇽🇽 XX | - | true | Leaked | AS37963 | Hangzhou Alibaba Advertising Co.,Ltd. | Unknown | 08/07/2026, 03:19:34 | 13/07/2026, 17:49:43 | Yes | Yes | APT15, APT28, APT29, APT31, APT34, APT35, APT37, APT39, APT41, Bitter APT, Bluenoroff, Callisto Group, Cobalt Group, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Mustang Panda, Packrat, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Volt Typhoon | CVE-2016-10708, CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-16905, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51385, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985, CVE-2026-35385, CVE-2026-35386, CVE-2026-35387, CVE-2026-35388, CVE-2026-35414 | 08/07/2026, 09:04:42 | aliyun.com |
| 113.201.120.•••:18789 | - | 🇨🇳 China mainland | - | true | Leaked | AS4837 | CHINA UNICOM China169 Backbone | China Unicom Shanxi Province Network | 08/07/2026, 03:19:32 | 08/07/2026, 10:28:17 | Yes | No | - | - | 08/07/2026, 09:04:44 | chinaunicom.cn |
| 72.61.57.•••:18789 | - | 🇧🇷 Brazil | - | true | Leaked | AS47583 | Hostinger International Limited | Hostinger | 08/07/2026, 03:19:32 | 08/07/2026, 10:28:17 | Yes | No | - | CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985, CVE-2026-35385, CVE-2026-35386, CVE-2026-35387, CVE-2026-35388, CVE-2026-35414 | 08/07/2026, 09:04:49 | hstgr.cloud |
| 32.186.226.•••:18789 | - | 🇺🇸 United States | - | true | Clean | AS16509 | Amazon.com, Inc. | Amazon | 08/07/2026, 03:19:31 | 13/07/2026, 20:41:43 | - | - | - | - | - | - |
| 161.35.123.•••:18789 | - | 🇺🇸 United States | - | true | Clean | AS14061 | DigitalOcean, LLC | DigitalOcean | 08/07/2026, 03:19:31 | 08/07/2026, 10:28:17 | No | Yes | APT17, APT29, APT35, APT36, APT37, APT40, APT41, APT45, Carbanak, ChamelGang, CloudSorcerer, Daggerfly APT, Kimsuky, MuddyWater Group, Patchwork, SideWinder APT, The Shadow Brokers, Volt Typhoon | CVE-2016-20012, CVE-2020-12062, CVE-2020-14145, CVE-2020-15778, CVE-2021-28041, CVE-2021-36368, CVE-2021-41617, CVE-2023-28531, CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985 | 08/07/2026, 09:04:54 | - |
| 46.149.195.•••:18789 | - | 🇭🇰 Hong Kong | - | true | Clean | AS59371 | Dimension Network & Communication Limited | Large Bright Investments | 08/07/2026, 03:19:30 | 08/07/2026, 10:28:16 | No | No | - | - | 02/07/2026, 09:05:04 | - |
| 195.216.169.•••:18789 | - | 🇪🇸 Spain | - | true | Leaked | AS214504 | Hostman LTD | [name redacted] | 08/07/2026, 03:19:30 | 13/07/2026, 19:15:52 | Yes | No | - | CVE-2006-20001, CVE-2013-4352, CVE-2013-5704, CVE-2013-6438, CVE-2014-0098, CVE-2014-0117, CVE-2014-0118, CVE-2014-0226, CVE-2014-0231, CVE-2014-3523, CVE-2014-3581, CVE-2014-8109, CVE-2015-0228, CVE-2015-3183, CVE-2015-3185, CVE-2016-0736, CVE-2016-2161, CVE-2016-4975, CVE-2016-5387, CVE-2016-8612, CVE-2016-8743, CVE-2017-15710, CVE-2017-15715, CVE-2017-3167, CVE-2017-7679, CVE-2017-9788, CVE-2017-9798, CVE-2018-1283, CVE-2018-1301, CVE-2018-1302, CVE-2018-1303, CVE-2018-1312, CVE-2018-17199, CVE-2019-0217, CVE-2019-0220, CVE-2019-10092, CVE-2019-10098, CVE-2019-17567, CVE-2020-11985, CVE-2020-13938, CVE-2020-1927, CVE-2020-1934, CVE-2020-35452, CVE-2021-26690, CVE-2021-26691, CVE-2021-34798, CVE-2021-39275, CVE-2021-40438, CVE-2021-44790, CVE-2022-22719, CVE-2022-22720, CVE-2022-22721, CVE-2022-23943, CVE-2022-26377, CVE-2022-28330, CVE-2022-28614, CVE-2022-28615, CVE-2022-29404, CVE-2022-30556, CVE-2022-31813, CVE-2022-36760, CVE-2022-37436, CVE-2023-25690, CVE-2023-31122, CVE-2023-38709, CVE-2024-24795, CVE-2024-38472, CVE-2024-38473, CVE-2024-38474, CVE-2024-38475, CVE-2024-38476, CVE-2024-38477, CVE-2024-39573, CVE-2024-40898 | 08/07/2026, 09:05:06 | mac.com, appleiphonecell.com, smivision.com, pushpin.com, beddit.com, apple-livephotoskit.com, apple.net, business.apple, nic.apple, apple.news, appads.com, next.com, apple-cloudkit.com, apple.ae, creditkudos.com, laserlike.com, tradeicloud.com, siri.com, iphone.com, braeburncapital.com, mzstatic.com, shazamid.com, appleid.com, me.com, ikinema.com, appl.com, ichat.com, icloud.co, fleetsmithhq.com, appletv.com, ibook.info, authentec.com, omnifone.com, testflightapp.com, applemusic.com, quicktime.com, unionbaynetworks.com, apple-dns.net, akiban.com, dvdstudiopro.net, apple.com, ribob01.net, foundationdb.org, shazam.com, carbon.com, icloud.com, icloudnet.org, apple-mapkit.com, invisage.com, icloud.net, airport.us, texture.com, microaudio.com, icloud.com.cn, cups.org, powerbyproxi.com, nextissue.com, icloud-mpp.com, qwapi.com, newton.com, deskconnect.com, itools.info, akoniaholographics.com, apple.me, itunes.com, coherentnavigation.com, icloud-content.com, lattice.io, music.apple, hopstop.com, learnsprout.com, apple.co, booklamp.org, tv.apple, nextissuemedia.com, aple.com, appstore.com, auth.com, thinkdifferent.us, emac.com, fleetsmith.com, aaplimg.com, apple.in |
| 134.122.109.•••:18789 | - | 🇬🇧 United Kingdom | - | true | Clean | AS14061 | DigitalOcean, LLC | DigitalOcean | 08/07/2026, 03:17:26 | 09/07/2026, 23:08:01 | No | Yes | APT15, APT17, APT28, APT29, APT31, APT34, APT35, APT36, APT37, APT40, APT41, APT45, Bitter APT, Bluenoroff, Callisto Group, Carbanak, ChamelGang, CloudSorcerer, Daggerfly APT, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Volt Typhoon | CVE-2016-20012, CVE-2020-12062, CVE-2020-14145, CVE-2020-15778, CVE-2021-28041, CVE-2021-36368, CVE-2021-41617, CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-31079, CVE-2024-32760, CVE-2024-34161, CVE-2024-35200, CVE-2024-39894, CVE-2024-6387, CVE-2024-7347, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985, CVE-2026-35385, CVE-2026-35386, CVE-2026-35387, CVE-2026-35388, CVE-2026-35414 | 08/07/2026, 04:45:23 | - |
| 103.249.200.•••:18789 | - | 🇻🇳 Vietnam | - | true | Leaked | AS150873 | THUONGCLOUD COMPANY LIMITED | Thuongcloud Company Limited | 08/07/2026, 03:17:26 | 09/07/2026, 23:08:01 | Yes | - | - | CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985, CVE-2026-35385, CVE-2026-35386, CVE-2026-35387, CVE-2026-35388, CVE-2026-35414 | 08/07/2026, 04:45:26 | vnnic.vn |
| 172.245.110.•••:18789 | - | 🇺🇸 United States | - | true | Leaked | AS36352 | HostPapa | RackNerd | 08/07/2026, 03:17:26 | 09/07/2026, 23:08:01 | Yes | Yes | APT15, APT31, APT37, APT39, Bitter APT, Bluenoroff, Donot Team, Gamaredon Group, Gaza Cybergang, Inception Framework, Kimsuky, MuddyWater Group, Salt Typhoon, SideWinder APT | CVE-2016-20012, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-16905, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-28041, CVE-2021-36368, CVE-2021-41617, CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-6387, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985, CVE-2026-35385, CVE-2026-35386, CVE-2026-35387, CVE-2026-35388, CVE-2026-35414 | 08/07/2026, 04:45:27 | racknerd.com |
| 32.186.226.•••:18789 | - | 🇺🇸 United States | - | true | Clean | AS16509 | Amazon.com, Inc. | Amazon | 08/07/2026, 03:17:26 | 13/07/2026, 04:54:39 | - | - | - | - | - | - |
| 115.237.45.•••:18789 | - | 🇨🇳 China mainland | - | true | Clean | AS4134 | Chinanet | ChinaNet Shaoxing | 08/07/2026, 02:40:27 | 11/07/2026, 17:58:44 | - | - | - | - | - | - |
| 171.213.135.•••:18789 | - | 🇨🇳 China mainland | - | true | Leaked | AS4134 | Chinanet | ChinaNet Sichuan | 08/07/2026, 02:40:26 | 11/07/2026, 02:16:56 | Yes | No | - | - | 08/07/2026, 03:26:34 | asuscomm.com |
| 2a02:4780:75:558e::1:443 | - | 🇺🇸 United States | - | true | Clean | AS47583 | Hostinger International Limited | Hostinger | 08/07/2026, 02:40:26 | 14/07/2026, 03:52:45 | - | - | - | - | - | - |
| 147.182.226.•••:80 | - | 🇺🇸 United States | - | true | Clean | AS14061 | DigitalOcean, LLC | DigitalOcean | 08/07/2026, 02:40:26 | 08/07/2026, 13:23:25 | Yes | Yes | APT-C-23, APT15, APT17, APT28, APT29, APT31, APT34, APT35, APT36, APT37, APT40, APT41, APT45, Bitter APT, Bluenoroff, Callisto Group, Carbanak, ChamelGang, CloudSorcerer, Cobalt Group, Daggerfly APT, Donot Team, Equation Group, Gamaredon Group, Gaza Cybergang, Ghostwriter, Hafnium Group, Inception Framework, Kimsuky, Lazarus Group, MuddyWater Group, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Turla APT Group, Volt Typhoon | CVE-2016-20012, CVE-2019-16905, CVE-2020-12062, CVE-2020-14145, CVE-2020-15778, CVE-2021-23017, CVE-2021-28041, CVE-2021-3618, CVE-2021-36368, CVE-2021-41617, CVE-2022-41741, CVE-2022-41742, CVE-2023-28531, CVE-2023-38408, CVE-2023-44487, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-39894, CVE-2024-6387, CVE-2024-7347, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985, CVE-2026-35385, CVE-2026-35386, CVE-2026-35387, CVE-2026-35388, CVE-2026-35414 | 08/07/2026, 03:26:41 | duckdns.org |
| 115.227.104.•••:18789 | - | 🇨🇳 China mainland | - | true | Clean | AS4134 | Chinanet | ChinaNet Zhejiang | 08/07/2026, 02:40:26 | 11/07/2026, 02:59:15 | No | No | - | - | 02/07/2026, 03:26:42 | - |
| 106.14.253.•••:18789 | - | 🇨🇳 China mainland | - | true | Leaked | AS37963 | Hangzhou Alibaba Advertising Co.,Ltd. | Alisoft | 08/07/2026, 02:40:26 | 11/07/2026, 05:07:42 | Yes | Yes | APT28, APT35, APT37, APT39, Cobalt Group, Kimsuky, Mustang Panda, Sandworm Team, The Shadow Brokers | CVE-2016-10708, CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-16905, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51385, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985 | 08/07/2026, 03:26:43 | aliyun.com |
| 38.76.182.•••:18789 | - | 🇭🇰 Hong Kong | - | true | Leaked | AS401701 | cognetcloud INC | Hong Kong Cloud Network Technology Co Ltd | 08/07/2026, 02:40:25 | 14/07/2026, 03:53:06 | Yes | No | - | CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-6387, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985, CVE-2026-35385, CVE-2026-35386, CVE-2026-35387, CVE-2026-35388, CVE-2026-35414 | 08/07/2026, 03:26:48 | cogentco.com |
| 175.162.72.•••:18789 | - | 🇨🇳 China mainland | - | true | Clean | AS4837 | CHINA UNICOM China169 Backbone | China Unicom Liaoning | 08/07/2026, 02:40:25 | 11/07/2026, 10:50:41 | No | No | - | - | 02/07/2026, 03:26:49 | - |
| 178.105.112.•••:18789 | - | 🇩🇪 Germany | - | true | Clean | AS24940 | Hetzner Online GmbH | Hetzner | 08/07/2026, 02:40:24 | 14/07/2026, 03:52:43 | No | No | - | - | 02/07/2026, 03:26:52 | - |
| 171.83.48.•••:18789 | - | 🇨🇳 China mainland | - | true | Clean | AS137266 | CHINATELECOM Hubei province Wuhan 5G network | ChinaNet Hubei | 08/07/2026, 02:40:24 | 11/07/2026, 13:41:39 | No | No | - | - | 02/07/2026, 03:26:56 | - |
| 163.172.151.•••:18789 | - | 🇫🇷 France | - | true | Leaked | AS12876 | Scaleway SAS | Scaleway Dedibox | 08/07/2026, 02:40:24 | 08/07/2026, 13:23:22 | Yes | Yes | APT15, APT17, APT28, APT29, APT31, APT34, APT35, APT36, APT37, APT40, APT41, APT45, Bitter APT, Bluenoroff, Callisto Group, Carbanak, ChamelGang, CloudSorcerer, Daggerfly APT, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Volt Typhoon | CVE-2016-20012, CVE-2020-14145, CVE-2020-15778, CVE-2021-28041, CVE-2021-36368, CVE-2021-41617, CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-6387, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985 | 08/07/2026, 03:26:58 | online.fr, poneytelecom.eu, iliad-datacenter.fr, scaleway.com, online.net |
| 64.23.146.•••:80 | - | 🇺🇸 United States | - | true | Clean | AS14061 | DigitalOcean, LLC | DigitalOcean | 08/07/2026, 02:40:24 | 14/07/2026, 02:27:58 | No | Yes | APT15, APT17, APT28, APT29, APT31, APT34, APT35, APT36, APT37, APT40, APT41, APT45, Bitter APT, Bluenoroff, Callisto Group, Carbanak, ChamelGang, CloudSorcerer, Daggerfly APT, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Volt Typhoon | CVE-2016-20012, CVE-2020-14145, CVE-2020-15778, CVE-2021-28041, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-38709, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-24795, CVE-2024-27316, CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985, CVE-2026-35385, CVE-2026-35386, CVE-2026-35387, CVE-2026-35388, CVE-2026-35414 | 08/07/2026, 03:27:00 | - |
| 47.92.212.•••:50001 | - | 🇨🇳 China mainland | - | true | Clean | AS37963 | Hangzhou Alibaba Advertising Co.,Ltd. | Alisoft | 08/07/2026, 02:40:24 | 11/07/2026, 16:32:43 | No | Yes | APT15, APT28, APT29, APT31, APT34, APT41, Bitter APT, Bluenoroff, Callisto Group, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, Volt Typhoon | CVE-2016-20012, CVE-2019-16905, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385 | 08/07/2026, 03:27:04 | - |
| 122.191.109.•••:1222 | - | 🇨🇳 China mainland | - | true | Leaked | AS4837 | CHINA UNICOM China169 Backbone | Unicom Hubei | 08/07/2026, 02:40:24 | 11/07/2026, 20:49:51 | Yes | Yes | APT15, APT17, APT28, APT29, APT31, APT34, APT35, APT36, APT37, APT40, APT41, APT45, Bitter APT, Bluenoroff, Callisto Group, Carbanak, ChamelGang, CloudSorcerer, Daggerfly APT, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Volt Typhoon | CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-6387, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985 | 08/07/2026, 03:27:05 | chinaunicom.cn |
| 2409:8a50:8b9:531::f0a:18789 | - | 🇨🇳 China mainland | - | true | Clean | AS56047 | China Mobile communications corporation | China Mobile | 08/07/2026, 02:40:23 | 14/07/2026, 03:11:00 | - | - | - | - | - | - |
| 47.105.86.•••:18789 | - | 🇨🇳 China mainland | - | true | Clean | AS37963 | Hangzhou Alibaba Advertising Co.,Ltd. | Alisoft | 08/07/2026, 02:40:22 | 14/07/2026, 03:53:35 | No | No | - | - | 02/07/2026, 03:27:16 | - |
| 67.205.189.•••:80 | - | 🇺🇸 United States | - | true | Clean | AS14061 | DigitalOcean, LLC | DigitalOcean | 08/07/2026, 02:40:22 | 08/07/2026, 13:23:21 | No | Yes | APT17, APT36, APT37, APT45, Kimsuky, MuddyWater Group, SideWinder APT | CVE-2024-31079, CVE-2024-32760, CVE-2024-34161, CVE-2024-35200, CVE-2024-39894, CVE-2024-6387, CVE-2024-7347, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985, CVE-2026-35385, CVE-2026-35386, CVE-2026-35387, CVE-2026-35388, CVE-2026-35414 | 08/07/2026, 03:27:17 | - |
| 85.137.175.•••:18789 | - | 🇮🇹 Italy | - | true | Clean | AS202448 | https://www.mvps.net | MVPs Ltd | 08/07/2026, 02:40:22 | 12/07/2026, 00:24:00 | - | - | - | - | - | - |
| 31.129.101.•••:18789 | - | 🇷🇺 Russia | - | true | Leaked | AS198610 | Beget LLC | Beget LLC | 08/07/2026, 02:40:21 | 11/07/2026, 19:24:45 | Yes | Yes | APT15, APT28, APT29, APT31, APT34, APT41, Bitter APT, Bluenoroff, Callisto Group, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, Volt Typhoon | CVE-2016-20012, CVE-2018-20685, CVE-2019-16905, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-28041, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985, CVE-2026-35385, CVE-2026-35386, CVE-2026-35387, CVE-2026-35388, CVE-2026-35414 | 08/07/2026, 03:27:23 | bk.ru, youla.ru, imgsmail.ru, mail.ru, beget.ru, smailru.net |
| 36.103.199.•••:5900 | - | 🇨🇳 China mainland | - | true | Clean | AS134761 | CHINANET NINGXIA province ZHONGWEI IDC network | ChinaNet Ningxia | 08/07/2026, 02:40:21 | 08/07/2026, 14:06:07 | No | No | - | CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51385, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985 | 08/07/2026, 03:27:27 | - |
| 143.110.157.•••:80 | - | 🇺🇸 United States | - | true | Clean | AS14061 | DigitalOcean, LLC | DigitalOcean | 08/07/2026, 02:40:21 | 11/07/2026, 05:50:41 | No | Yes | APT28, APT35, APT37, APT39, Cobalt Group, Kimsuky, Mustang Panda, Sandworm Team, The Shadow Brokers | CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2021-41617, CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-6387, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985, CVE-2026-35385, CVE-2026-35386, CVE-2026-35387, CVE-2026-35388, CVE-2026-35414 | 08/07/2026, 03:27:34 | - |
| 115.237.45.•••:18789 | - | 🇨🇳 China mainland | - | true | Clean | AS4134 | Chinanet | ChinaNet Shaoxing | 08/07/2026, 02:38:30 | 11/07/2026, 13:39:16 | - | - | - | - | - | - |
| 171.213.135.•••:18789 | - | 🇨🇳 China mainland | - | true | Leaked | AS4134 | Chinanet | ChinaNet Sichuan | 08/07/2026, 02:38:29 | 10/07/2026, 21:58:49 | Yes | No | - | - | 08/07/2026, 07:00:34 | asuscomm.com |
| 147.182.226.•••:18789 | - | 🇺🇸 United States | - | true | Clean | AS14061 | DigitalOcean, LLC | DigitalOcean | 08/07/2026, 02:38:28 | 10/07/2026, 16:58:44 | Yes | Yes | APT-C-23, APT15, APT17, APT28, APT29, APT31, APT34, APT35, APT36, APT37, APT40, APT41, APT45, Bitter APT, Bluenoroff, Callisto Group, Carbanak, ChamelGang, CloudSorcerer, Cobalt Group, Daggerfly APT, Donot Team, Equation Group, Gamaredon Group, Gaza Cybergang, Ghostwriter, Hafnium Group, Inception Framework, Kimsuky, Lazarus Group, MuddyWater Group, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Turla APT Group, Volt Typhoon | CVE-2016-20012, CVE-2019-16905, CVE-2020-12062, CVE-2020-14145, CVE-2020-15778, CVE-2021-23017, CVE-2021-28041, CVE-2021-3618, CVE-2021-36368, CVE-2021-41617, CVE-2022-41741, CVE-2022-41742, CVE-2023-28531, CVE-2023-38408, CVE-2023-44487, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-39894, CVE-2024-6387, CVE-2024-7347, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985, CVE-2026-35385, CVE-2026-35386, CVE-2026-35387, CVE-2026-35388, CVE-2026-35414 | 08/07/2026, 07:00:41 | duckdns.org |
| 115.227.104.•••:18789 | - | 🇨🇳 China mainland | - | true | Clean | AS4134 | Chinanet | ChinaNet Zhejiang | 08/07/2026, 02:38:28 | 10/07/2026, 22:41:40 | No | No | - | - | 02/07/2026, 07:00:43 | - |
| 106.14.253.•••:18789 | - | 🇨🇳 China mainland | - | true | Leaked | AS37963 | Hangzhou Alibaba Advertising Co.,Ltd. | Alisoft | 08/07/2026, 02:38:28 | 11/07/2026, 01:32:12 | Yes | Yes | APT28, APT35, APT37, APT39, Cobalt Group, Kimsuky, Mustang Panda, Sandworm Team, The Shadow Brokers | CVE-2016-10708, CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-16905, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51385, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985 | 08/07/2026, 07:00:44 | aliyun.com |
| 20.94.192.•••:18789 | - | 🇺🇸 United States | - | true | Clean | AS8075 | Microsoft Corporation | Microsoft | 08/07/2026, 02:38:27 | 08/07/2026, 09:47:40 | No | Yes | APT1, APT17, APT37, APT38, DragonFly, El-Machete, FIN8, Gamaredon-Group, Gozi, Packrat, gozi | CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985, CVE-2026-35385, CVE-2026-35386, CVE-2026-35387, CVE-2026-35388, CVE-2026-35414 | 08/07/2026, 07:00:48 | - |
| 38.76.182.•••:18789 | - | 🇭🇰 Hong Kong | - | true | Leaked | AS401701 | cognetcloud INC | Hong Kong Cloud Network Technology Co Ltd | 08/07/2026, 02:38:27 | 14/07/2026, 03:51:15 | Yes | No | - | CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-6387, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985, CVE-2026-35385, CVE-2026-35386, CVE-2026-35387, CVE-2026-35388, CVE-2026-35414 | 08/07/2026, 07:00:50 | cogentco.com |
| 178.105.112.•••:18789 | - | 🇩🇪 Germany | - | true | Clean | AS24940 | Hetzner Online GmbH | Hetzner | 08/07/2026, 02:38:27 | 14/07/2026, 03:50:53 | No | No | - | - | 02/07/2026, 07:00:52 | - |
| 163.172.151.•••:18789 | - | 🇫🇷 France | - | true | Leaked | AS12876 | Scaleway SAS | Scaleway Dedibox | 08/07/2026, 02:38:26 | 08/07/2026, 09:47:39 | Yes | Yes | APT15, APT17, APT28, APT29, APT31, APT34, APT35, APT36, APT37, APT40, APT41, APT45, Bitter APT, Bluenoroff, Callisto Group, Carbanak, ChamelGang, CloudSorcerer, Daggerfly APT, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Volt Typhoon | CVE-2016-20012, CVE-2020-14145, CVE-2020-15778, CVE-2021-28041, CVE-2021-36368, CVE-2021-41617, CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-6387, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985 | 08/07/2026, 07:00:59 | online.fr, poneytelecom.eu, iliad-datacenter.fr, scaleway.com, online.net |
| 64.23.146.•••:18789 | - | 🇺🇸 United States | - | true | Clean | AS14061 | DigitalOcean, LLC | DigitalOcean | 08/07/2026, 02:38:26 | 13/07/2026, 21:26:27 | No | Yes | APT15, APT17, APT28, APT29, APT31, APT34, APT35, APT36, APT37, APT40, APT41, APT45, Bitter APT, Bluenoroff, Callisto Group, Carbanak, ChamelGang, CloudSorcerer, Daggerfly APT, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Volt Typhoon | CVE-2016-20012, CVE-2020-14145, CVE-2020-15778, CVE-2021-28041, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-38709, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-24795, CVE-2024-27316, CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985, CVE-2026-35385, CVE-2026-35386, CVE-2026-35387, CVE-2026-35388, CVE-2026-35414 | 08/07/2026, 07:01:01 | - |
| 47.92.212.•••:18789 | - | 🇨🇳 China mainland | - | true | Clean | AS37963 | Hangzhou Alibaba Advertising Co.,Ltd. | Alisoft | 08/07/2026, 02:38:26 | 11/07/2026, 12:13:46 | No | Yes | APT15, APT28, APT29, APT31, APT34, APT41, Bitter APT, Bluenoroff, Callisto Group, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, Volt Typhoon | CVE-2016-20012, CVE-2019-16905, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385 | 08/07/2026, 07:01:05 | - |
| 2409:8a50:8b9:531::f0a:18789 | - | 🇨🇳 China mainland | - | true | Clean | AS56047 | China Mobile communications corporation | China Mobile | 08/07/2026, 02:38:26 | 13/07/2026, 22:51:48 | - | - | - | - | - | - |
| 47.105.86.•••:18789 | - | 🇨🇳 China mainland | - | true | Clean | AS37963 | Hangzhou Alibaba Advertising Co.,Ltd. | Alisoft | 08/07/2026, 02:38:24 | 14/07/2026, 03:08:39 | No | No | - | - | 02/07/2026, 07:01:20 | - |
| 67.205.189.•••:18789 | - | 🇺🇸 United States | - | true | Clean | AS14061 | DigitalOcean, LLC | DigitalOcean | 08/07/2026, 02:38:24 | 08/07/2026, 09:47:37 | No | Yes | APT17, APT36, APT37, APT45, Kimsuky, MuddyWater Group, SideWinder APT | CVE-2024-31079, CVE-2024-32760, CVE-2024-34161, CVE-2024-35200, CVE-2024-39894, CVE-2024-6387, CVE-2024-7347, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985, CVE-2026-35385, CVE-2026-35386, CVE-2026-35387, CVE-2026-35388, CVE-2026-35414 | 08/07/2026, 07:01:22 | - |
| 85.137.175.•••:18789 | - | 🇮🇹 Italy | - | true | Clean | AS202448 | https://www.mvps.net | MVPs Ltd | 08/07/2026, 02:38:24 | 11/07/2026, 20:04:47 | - | - | - | - | - | - |
| 31.129.101.•••:18789 | - | 🇷🇺 Russia | - | true | Leaked | AS198610 | Beget LLC | Beget LLC | 08/07/2026, 02:38:23 | 12/07/2026, 21:51:08 | Yes | Yes | APT15, APT28, APT29, APT31, APT34, APT41, Bitter APT, Bluenoroff, Callisto Group, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, Volt Typhoon | CVE-2016-20012, CVE-2018-20685, CVE-2019-16905, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-28041, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985, CVE-2026-35385, CVE-2026-35386, CVE-2026-35387, CVE-2026-35388, CVE-2026-35414 | 08/07/2026, 08:24:42 | bk.ru, youla.ru, imgsmail.ru, mail.ru, beget.ru, smailru.net |
| 36.103.199.•••:18789 | - | 🇨🇳 China mainland | - | true | Clean | AS134761 | CHINANET NINGXIA province ZHONGWEI IDC network | ChinaNet Ningxia | 08/07/2026, 02:38:23 | 08/07/2026, 09:47:36 | No | No | - | CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51385, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985 | 08/07/2026, 08:24:47 | - |
| 64.83.14.•••:18789 | - | 🇺🇸 United States | - | true | Clean | AS979 | NetLab Global | NetLab | 08/07/2026, 02:36:35 | 08/07/2026, 09:02:50 | No | No | - | - | 02/07/2026, 06:15:58 | - |