🦞 OpenClaw Exposure Watchboard
This page lists publicly reachable active OpenClaw instances for defensive awareness. If this is your deployment, enable authentication, remove direct public exposure, and patch immediately.
Exposed Instances: 651864 Page: 1307 / 6519 (100 per page) Showing: 130601-130700 Last Imported: 13/04/2026, 13:41:02
🇨🇳 356,384
🇺🇸 173,592
Build With Vivgrid
Explore Vivgrid Ship Secure Enterprise AI Agents 10× Faster with vivgrid.com
Vivgrid gives you authentication, model gateway, tool control, cost tracking, and enterprise observability — everything you need to ship AI agents safely at scale.
| Endpoint | Assistant Name | Country | auth_required | is_active | has_leaked_creds | asn | asn_name | org | first_seen | last_seen | asi_has_breach | asi_has_threat_actor | asi_threat_actors | asi_cves | asi_enriched_at | asi_domains |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 49.13.158.•••:18789 | - | 🇩🇪 Germany | Yes | true | Leaked | AS24940 | Hetzner Online GmbH | Hetzner Online | 30/03/2026, 11:16:44 | 03/04/2026, 06:00:28 | Yes | Yes | APT14, APT15, APT17, APT28, APT29, APT31, APT34, APT35, APT36, APT37, APT40, APT41, APT45, Bitter APT, Bluenoroff, Callisto Group, Carbanak, ChamelGang, CloudSorcerer, Cobalt Group, Daggerfly APT, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, Lazarus Group, MuddyWater Group, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SharpPanda, SideWinder APT, The Shadow Brokers, Volt Typhoon | CVE-2006-20001, CVE-2022-22719, CVE-2022-22720, CVE-2022-22721, CVE-2022-23943, CVE-2022-26377, CVE-2022-28330, CVE-2022-28614, CVE-2022-28615, CVE-2022-29404, CVE-2022-30556, CVE-2022-31813, CVE-2022-36760, CVE-2022-37436, CVE-2023-25690, CVE-2023-27522, CVE-2023-28531, CVE-2023-31122, CVE-2023-38408, CVE-2023-38709, CVE-2023-45802, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-24795, CVE-2024-27316, CVE-2024-38472, CVE-2024-38473, CVE-2024-38474, CVE-2024-38475, CVE-2024-38476, CVE-2024-38477, CVE-2024-39573, CVE-2024-40898, CVE-2024-42516, CVE-2024-43204, CVE-2024-43394, CVE-2024-47252, CVE-2024-6387, CVE-2025-23048, CVE-2025-26465, CVE-2025-32728, CVE-2025-49630, CVE-2025-49812, CVE-2025-53020, CVE-2025-61984, CVE-2025-61985 | 03/04/2026, 04:30:47 | hetzner.de |
| 2604:2dc0:205:4d00:::10038 | - | 🇺🇸 United States | - | true | Clean | AS16276 | OVH SAS | Sd One Network | 30/03/2026, 11:16:44 | 12/04/2026, 00:49:55 | - | - | - | - | - | - |
| 14.19.192.•••:18789 | - | 🇨🇳 China mainland | Yes | true | Clean | AS4134 | Chinanet | CHINANET Guangdong | 30/03/2026, 11:16:44 | 30/03/2026, 11:16:44 | - | - | - | - | - | - |
| 94.130.183.•••:18789 | - | 🇩🇪 Germany | Yes | true | Leaked | AS24940 | Hetzner Online GmbH | Hetzner Online GmbH | 30/03/2026, 11:16:44 | 12/04/2026, 00:49:33 | Yes | Yes | APT15, APT28, APT29, APT31, APT34, APT35, APT37, APT39, APT41, Bitter APT, Bluenoroff, Callisto Group, Cobalt Group, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Mustang Panda, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Volt Typhoon | CVE-2015-8325, CVE-2016-10009, CVE-2016-10010, CVE-2016-10011, CVE-2016-10012, CVE-2016-10708, CVE-2016-20012, CVE-2016-3115, CVE-2016-6210, CVE-2016-6515, CVE-2016-8858, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2023-29323, CVE-2023-35784, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2025-26465, CVE-2025-61984, CVE-2025-61985 | 05/04/2026, 21:53:05 | your-server.de |
| 47.92.253.•••:50001 | - | 🇨🇳 China mainland | Yes | true | Clean | AS37963 | Hangzhou Alibaba Advertising Co.,Ltd. | Alisoft | 30/03/2026, 11:16:44 | 11/04/2026, 10:55:46 | No | No | - | - | 30/03/2026, 12:53:55 | - |
| 154.219.98.•••:18789 | - | 🇭🇰 Hong Kong | Yes | true | Clean | AS401701 | cognetcloud INC | Cloud Innovation | 30/03/2026, 11:16:43 | 12/04/2026, 00:49:25 | No | Yes | APT28, APT35, APT37, APT39, Cobalt Group, Kimsuky, Mustang Panda, Packrat, Sandworm Team, The Shadow Brokers | CVE-2016-10708, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2021-41617, CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-6387, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985 | 02/04/2026, 22:33:03 | - |
| 117.21.200.•••:18789 | - | 🇨🇳 China mainland | Yes | true | Clean | AS4134 | Chinanet | CHINANET Jiangxi | 30/03/2026, 11:16:43 | 09/04/2026, 14:37:30 | No | Yes | APT1 Comment Crew, APT10, APT27, APT28, APT29, APT33, APT34, APT35, APT41, Donot Team, Earth Longzhi, Sandworm Team, Turla APT Group, Volatile Kitten | CVE-2000-1210, CVE-2001-0590, CVE-2002-0493, CVE-2005-4838, CVE-2006-7196, CVE-2007-1358, CVE-2007-2449, CVE-2008-0128, CVE-2009-2696, CVE-2013-2185, CVE-2013-4286, CVE-2013-4322, CVE-2013-4444, CVE-2013-4590, CVE-2013-6357, CVE-2014-0075, CVE-2014-0096, CVE-2014-0099, CVE-2014-0119, CVE-2014-4078, CVE-2016-8735, CVE-2020-11022, CVE-2020-11023, CVE-2020-8022, CVE-2025-24813 | 06/04/2026, 12:06:22 | - |
| 5.223.55.•••:80 | - | 🇸🇬 Singapore | Yes | true | Clean | AS215859 | Hetzner Online GmbH | Hetzner Online | 30/03/2026, 11:16:43 | 30/03/2026, 11:16:43 | - | - | - | - | - | - |
| 13.220.242.•••:443 | - | 🇺🇸 United States | Yes | true | Clean | AS14618 | Amazon.com, Inc. | Amazon Web Services | 30/03/2026, 11:16:43 | 06/04/2026, 05:14:44 | - | - | - | - | - | - |
| 34.63.81.•••:18789 | - | 🇺🇸 United States | Yes | true | Clean | AS396982 | Google LLC | 30/03/2026, 11:16:43 | 11/04/2026, 02:41:14 | No | No | - | - | 05/04/2026, 00:09:50 | - | |
| 154.83.239.•••:18789 | - | 🇭🇰 Hong Kong | Yes | true | Clean | AS139880 | OWGELS INTERNATIONAL CO., LIMITED | Ares IDC Limited | 30/03/2026, 11:16:43 | 12/04/2026, 20:11:03 | No | - | - | - | 31/03/2026, 04:34:01 | - |
| 154.219.127.•••:18789 | - | 🇭🇰 Hong Kong | Yes | true | Clean | AS8796 | FASTNET DATA INC | Cloud Innovation | 30/03/2026, 11:16:43 | 11/04/2026, 22:35:21 | No | No | - | CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985 | 02/04/2026, 17:57:43 | - |
| 125.119.98.•••:18789 | - | 🇨🇳 China mainland | Yes | true | Clean | AS4134 | Chinanet | ChinaNet Hangzhou | 30/03/2026, 11:16:43 | 30/03/2026, 11:16:43 | - | - | - | - | - | - |
| 111.228.44.•••:18789 | - | 🇨🇳 China mainland | Yes | true | Clean | AS141679 | China Telecom Beijing Tianjin Hebei Big Data Industry Park Branch | Jingdong Headquarters | 30/03/2026, 11:16:43 | 02/04/2026, 08:12:23 | - | - | - | - | - | - |
| 129.212.132.•••:18789 | - | 🇺🇸 United States | Yes | true | Clean | AS14061 | DigitalOcean, LLC | DigitalOcean | 30/03/2026, 11:16:43 | 30/03/2026, 11:16:43 | - | - | - | - | - | - |
| 121.196.226.•••:18789 | - | 🇨🇳 China mainland | Yes | true | Clean | AS37963 | Hangzhou Alibaba Advertising Co.,Ltd. | Alisoft | 30/03/2026, 11:16:42 | 30/03/2026, 11:16:42 | - | - | - | - | - | - |
| 3.96.212.•••:443 | - | 🇨🇦 Canada | Yes | true | Clean | AS16509 | Amazon.com, Inc. | Amazon Web Services Canada | 30/03/2026, 11:16:42 | 02/04/2026, 07:27:46 | No | No | - | - | 27/03/2026, 07:30:58 | - |
| 8.134.190.•••:18789 | - | 🇸🇬 Singapore | Yes | true | Clean | AS37963 | Hangzhou Alibaba Advertising Co.,Ltd. | Alibaba Cloud | 30/03/2026, 11:16:42 | 08/04/2026, 13:07:30 | No | - | - | CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51385, CVE-2025-26465, CVE-2025-32728 | 06/04/2026, 02:21:06 | - |
| 81.70.183.•••:80 | - | 🇨🇳 China mainland | Yes | true | Clean | AS45090 | Shenzhen Tencent Computer Systems Company Limited | Tencent Cloud Computing | 30/03/2026, 11:16:42 | 03/04/2026, 00:01:19 | No | Yes | APT15, APT28, APT29, APT31, APT34, APT35, APT37, APT39, APT41, Bitter APT, Bluenoroff, Callisto Group, Cobalt Group, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Mustang Panda, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Volt Typhoon | CVE-2007-5925, CVE-2009-0819, CVE-2010-1621, CVE-2010-1626, CVE-2010-3677, CVE-2010-3682, CVE-2015-2575, CVE-2016-10708, CVE-2016-20012, CVE-2017-15906, CVE-2017-15945, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385 | 03/04/2026, 00:05:40 | - |
| 124.221.205.•••:18789 | - | 🇨🇳 China mainland | Yes | true | Clean | AS45090 | Shenzhen Tencent Computer Systems Company Limited | Tencent Cloud | 30/03/2026, 11:16:42 | 30/03/2026, 11:16:42 | - | - | - | - | - | - |
| 114.219.184.•••:18789 | - | 🇨🇳 China mainland | Yes | true | Clean | AS4134 | Chinanet | Chinanet Jiangsu Province Network | 30/03/2026, 11:16:42 | 30/03/2026, 11:16:42 | - | - | - | - | - | - |
| 51.178.82.•••:18789 | - | 🇫🇷 France | Yes | true | Leaked | AS16276 | OVH SAS | OVH | 30/03/2026, 11:16:42 | 12/04/2026, 23:54:50 | Yes | Yes | APT15, APT28, APT29, APT31, APT34, APT41, Bitter APT, Bluenoroff, Callisto Group, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, Volt Typhoon | CVE-2016-20012, CVE-2020-12062, CVE-2020-14145, CVE-2020-15778, CVE-2021-28041, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-44487, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-7347, CVE-2025-23419, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985 | 09/04/2026, 13:53:33 | ovh.net |
| 167.172.194.•••:443 | - | 🇺🇸 United States | Yes | true | Clean | AS14061 | DigitalOcean, LLC | DigitalOcean | 30/03/2026, 11:16:42 | 30/03/2026, 11:16:42 | - | - | - | - | - | - |
| 42.194.217.•••:18789 | - | 🇨🇳 China mainland | Yes | true | Clean | AS45090 | Shenzhen Tencent Computer Systems Company Limited | Tencent Cloud | 30/03/2026, 11:16:42 | 30/03/2026, 11:16:42 | - | - | - | - | - | - |
| 139.155.92.•••:18888 | - | 🇨🇳 China mainland | Yes | true | Clean | AS45090 | Shenzhen Tencent Computer Systems Company Limited | Tencent Cloud | 30/03/2026, 11:16:42 | 08/04/2026, 21:22:20 | No | Yes | APT28, APT35, APT37, APT39, Cobalt Group, El-Machete, Kimsuky, Mustang Panda, Sandworm Team, The Shadow Brokers | CVE-2016-10708, CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-12062, CVE-2020-14145, CVE-2020-15778, CVE-2021-28041, CVE-2021-36368, CVE-2021-41617 | 08/04/2026, 20:13:05 | - |
| 18.133.18.•••:443 | - | 🇬🇧 United Kingdom | Yes | true | Clean | AS16509 | Amazon.com, Inc. | Amazon Web Services | 30/03/2026, 11:16:42 | 12/04/2026, 23:55:00 | No | No | - | - | 31/03/2026, 15:10:26 | - |
| 39.98.57.•••:50001 | - | 🇨🇳 China mainland | Yes | true | Leaked | AS37963 | Hangzhou Alibaba Advertising Co.,Ltd. | Alisoft | 30/03/2026, 11:16:42 | 12/04/2026, 18:41:17 | Yes | Yes | APT15, APT28, APT29, APT31, APT34, APT35, APT37, APT39, APT41, Bitter APT, Bluenoroff, Callisto Group, Carbanak, Cobalt Group, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, Lazarus Group, Lyceum APT, MuddyWater Group, Mustang Panda, Packrat, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, TA505, TEMP.Hermit, The Shadow Brokers, Volt Typhoon | CVE-2015-5352, CVE-2015-5600, CVE-2015-6563, CVE-2015-6564, CVE-2015-8325, CVE-2016-10009, CVE-2016-10010, CVE-2016-10011, CVE-2016-10012, CVE-2016-10708, CVE-2016-1908, CVE-2016-20012, CVE-2016-3115, CVE-2016-6210, CVE-2016-6515, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985 | 03/04/2026, 03:48:49 | aliyun.com |
| 240e:380:9378:2300:2697:edff:fe2b:9622:18789 | - | 🇨🇳 China mainland | - | true | Clean | AS4134 | Chinanet | China Telecom IPv6 Broadband Address | 30/03/2026, 11:16:41 | 30/03/2026, 11:16:41 | - | - | - | - | - | - |
| 47.250.174.•••:18789 | - | 🇺🇸 United States | Yes | true | Leaked | AS45102 | Alibaba (US) Technology Co., Ltd. | Alibaba Cloud | 30/03/2026, 11:16:41 | 12/04/2026, 00:50:20 | Yes | No | - | CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-6387, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985 | 12/04/2026, 00:09:17 | hichina.com, alibaba-inc.com |
| 101.35.241.•••:18789 | - | 🇨🇳 China mainland | Yes | true | Leaked | AS45090 | Shenzhen Tencent Computer Systems Company Limited | Tencent Cloud Computing | 30/03/2026, 11:16:41 | 11/04/2026, 07:56:21 | Yes | Yes | APT37, El-Machete | - | 02/04/2026, 01:48:44 | tencent.com |
| 120.27.153.•••:443 | - | 🇨🇳 China mainland | Yes | true | Clean | AS37963 | Hangzhou Alibaba Advertising Co.,Ltd. | Alisoft | 30/03/2026, 11:16:41 | 03/04/2026, 11:58:18 | - | - | - | - | - | - |
| 47.92.208.•••:50001 | - | 🇨🇳 China mainland | Yes | true | Clean | AS37963 | Hangzhou Alibaba Advertising Co.,Ltd. | Alisoft | 30/03/2026, 11:16:41 | 11/04/2026, 04:11:31 | No | Yes | APT28, APT35, APT37, APT39, Cobalt Group, Kimsuky, Mustang Panda, Sandworm Team, The Shadow Brokers | CVE-2016-10708, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2021-41617 | 02/04/2026, 21:01:12 | - |
| 44.201.65.•••:443 | - | 🇺🇸 United States | Yes | true | Clean | AS14618 | Amazon.com, Inc. | Amazon Web Services | 30/03/2026, 11:16:41 | 31/03/2026, 02:16:23 | - | - | - | - | - | - |
| 167.99.130.•••:18789 | - | 🇩🇪 Germany | Yes | true | Clean | AS14061 | DigitalOcean, LLC | DigitalOcean | 30/03/2026, 11:16:41 | 11/04/2026, 23:20:06 | No | No | - | CVE-2016-20012, CVE-2020-14145, CVE-2021-28041, CVE-2021-36368, CVE-2021-41617, CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985 | 09/04/2026, 04:12:58 | - |
| 167.86.68.•••:80 | - | 🇩🇪 Germany | Yes | true | Leaked | AS51167 | Contabo GmbH | Contabo | 30/03/2026, 11:16:41 | 12/04/2026, 00:48:46 | Yes | Yes | APT15, APT28, APT29, APT31, APT34, APT35, APT37, APT39, APT41, Bitter APT, Bluenoroff, Callisto Group, Cobalt Group, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Mustang Panda, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Volt Typhoon | CVE-2016-10708, CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2018-5741, CVE-2018-5743, CVE-2018-5744, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2019-6470, CVE-2019-6471, CVE-2020-14145, CVE-2020-15778, CVE-2020-8616, CVE-2020-8617, CVE-2020-8622, CVE-2020-8623, CVE-2020-8624, CVE-2020-8625, CVE-2021-25214, CVE-2021-25215, CVE-2021-25216, CVE-2021-25219, CVE-2021-25220, CVE-2021-36368, CVE-2021-41617, CVE-2022-2795, CVE-2022-38177, CVE-2022-38178, CVE-2023-2828, CVE-2023-3341, CVE-2023-38408, CVE-2023-4408, CVE-2023-48795, CVE-2023-50387, CVE-2023-51384, CVE-2023-51385, CVE-2023-5680, CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985 | 05/04/2026, 21:47:35 | contabo.de, contabo.net |
| 199.180.119.•••:18789 | - | 🇺🇸 United States | Yes | true | Leaked | AS25820 | IT7 Networks Inc / AS8126 Cloud Fabric, Inc. | IT7 Networks | 30/03/2026, 11:16:41 | 09/04/2026, 01:54:51 | Yes | No | - | CVE-2016-20012, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51385, CVE-2024-6387, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985 | 02/04/2026, 18:45:10 | 16clouds.com |
| 49.235.149.•••:18789 | - | 🇨🇳 China mainland | Yes | true | Clean | AS45090 | Shenzhen Tencent Computer Systems Company Limited | Tencent Cloud | 30/03/2026, 11:16:41 | 03/04/2026, 05:15:36 | - | - | - | - | - | - |
| 107.172.34.•••:443 | - | 🇺🇸 United States | Yes | true | Leaked | AS36352 | HostPapa | RackNerd | 30/03/2026, 11:16:41 | 11/04/2026, 04:11:36 | Yes | Yes | APT-C-23, APT15, APT28, APT29, APT31, APT34, APT37, APT39, APT41, Bitter APT, Bluenoroff, Callisto Group, Donot Team, Gamaredon Group, Gaza Cybergang, Ghostwriter, Hafnium Group, Inception Framework, Kimsuky, Lazarus Group, MuddyWater Group, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Turla APT Group, Volt Typhoon | CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-12062, CVE-2020-14145, CVE-2020-15778, CVE-2020-25097, CVE-2021-28041, CVE-2021-28116, CVE-2021-28651, CVE-2021-28652, CVE-2021-28662, CVE-2021-31806, CVE-2021-31807, CVE-2021-31808, CVE-2021-33620, CVE-2021-3618, CVE-2021-36368, CVE-2021-41617, CVE-2021-46784, CVE-2022-41317, CVE-2022-41741, CVE-2022-41742, CVE-2023-28531, CVE-2023-38408, CVE-2023-44487, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985 | 11/04/2026, 03:30:38 | racknerd.com |
| 139.59.112.•••:18789 | - | 🇸🇬 Singapore | Yes | true | Clean | AS14061 | DigitalOcean, LLC | DigitalOcean | 30/03/2026, 11:16:40 | 11/04/2026, 21:50:13 | No | Yes | APT-C-23, APT15, APT17, APT28, APT29, APT31, APT34, APT35, APT36, APT37, APT39, APT40, APT41, APT45, Bitter APT, Bluenoroff, Callisto Group, Carbanak, ChamelGang, CloudSorcerer, Cobalt Group, Daggerfly APT, Donot Team, Equation Group, Gamaredon Group, Gaza Cybergang, Ghostwriter, Hafnium Group, Inception Framework, Kimsuky, Lazarus Group, MuddyWater Group, Mustang Panda, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Turla APT Group, Volt Typhoon | CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-16905, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2021-23017, CVE-2021-3618, CVE-2021-41617, CVE-2022-41741, CVE-2022-41742, CVE-2023-28531, CVE-2023-38408, CVE-2023-44487, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-39894, CVE-2024-6387, CVE-2024-7347, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985 | 09/04/2026, 01:57:21 | - |
| 47.92.216.•••:50001 | - | 🇨🇳 China mainland | Yes | true | Clean | AS37963 | Hangzhou Alibaba Advertising Co.,Ltd. | Alisoft | 30/03/2026, 11:16:40 | 11/04/2026, 10:55:14 | No | No | - | CVE-2016-20012, CVE-2020-12062, CVE-2020-14145, CVE-2020-15778, CVE-2021-28041, CVE-2021-36368, CVE-2021-41617 | 05/04/2026, 14:19:15 | - |
| 111.230.5.•••:443 | - | 🇨🇳 China mainland | Yes | true | Leaked | AS45090 | Shenzhen Tencent Computer Systems Company Limited | Tencent Cloud | 30/03/2026, 11:16:40 | 13/04/2026, 12:55:24 | Yes | No | - | CVE-2023-44487, CVE-2024-7347 | 02/04/2026, 10:28:56 | tencent.com |
| 47.101.39.•••:443 | - | 🇨🇳 China mainland | Yes | true | Clean | AS37963 | Hangzhou Alibaba Advertising Co.,Ltd. | Alisoft | 30/03/2026, 11:16:40 | 12/04/2026, 00:49:16 | No | Yes | APT15, APT28, APT29, APT31, APT34, APT35, APT37, APT39, APT41, Bitter APT, Bluenoroff, Callisto Group, Cobalt Group, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Mustang Panda, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Volt Typhoon | CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51385 | 03/04/2026, 03:05:07 | - |
| 47.84.101.•••:443 | - | 🇺🇸 United States | Yes | true | Clean | AS45102 | Alibaba (US) Technology Co., Ltd. | Alibaba Cloud | 30/03/2026, 11:16:40 | 12/04/2026, 23:54:05 | - | - | - | - | - | - |
| 2a0a:3840:8078:140:0:2d8e:8c88:1337:18789 | - | 🇷🇴 Romania | - | true | Clean | AS39287 | Materialism s.r.l. | Materialism | 30/03/2026, 11:16:40 | 11/04/2026, 10:55:24 | - | - | - | - | - | - |
| 2602:f9f3:1000::71:443 | - | 🇺🇸 United States | - | true | Clean | AS399646 | Snaju Development | Dartnode Server | 30/03/2026, 11:16:40 | 31/03/2026, 00:00:43 | - | - | - | - | - | - |
| 47.79.136.•••:18789 | - | 🇺🇸 United States | Yes | true | Leaked | AS45102 | Alibaba (US) Technology Co., Ltd. | Alibaba Cloud | 30/03/2026, 11:16:40 | 05/04/2026, 10:34:55 | Yes | No | - | CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985 | 05/04/2026, 10:42:37 | hichina.com, alibaba-inc.com |
| 45.10.40.•••:18789 | - | 🇰🇿 Kazakhstan | Yes | true | Clean | AS9123 | JSC "TIMEWEB" | Taiwan Cloud | 30/03/2026, 11:16:39 | 09/04/2026, 10:08:28 | No | Yes | APT15, APT17, APT28, APT31, APT35, APT36, APT37, APT39, APT45, Bitter APT, Bluenoroff, Callisto Group, CloudSorcerer, Cobalt Group, Daggerfly APT, Donot Team, Gamaredon Group, Gaza Cybergang, Inception Framework, Kimsuky, MuddyWater Group, Mustang Panda, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers | CVE-2016-10708, CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-12062, CVE-2020-14145, CVE-2020-15778, CVE-2021-28041, CVE-2021-36368, CVE-2021-41617, CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985 | 06/04/2026, 03:46:11 | - |
| 15.157.160.•••:443 | - | 🇨🇦 Canada | Yes | true | Clean | AS16509 | Amazon.com, Inc. | Amazon Web Services Canada | 30/03/2026, 11:16:39 | 08/04/2026, 07:06:04 | No | No | - | CVE-2023-38709, CVE-2024-24795, CVE-2024-27316, CVE-2024-36387, CVE-2024-38472, CVE-2024-38473, CVE-2024-38474, CVE-2024-38475, CVE-2024-38476, CVE-2024-38477, CVE-2024-39573, CVE-2024-40898, CVE-2024-42516, CVE-2024-43204, CVE-2024-43394, CVE-2024-47252, CVE-2025-23048, CVE-2025-49630, CVE-2025-49812, CVE-2025-53020, CVE-2025-55753, CVE-2025-58098, CVE-2025-59775, CVE-2025-65082, CVE-2025-66200 | 08/04/2026, 01:52:07 | - |
| 13.230.8.•••:443 | - | 🇯🇵 Japan | Yes | true | Clean | AS16509 | Amazon.com, Inc. | Amazon Web Services Japan | 30/03/2026, 11:16:39 | 30/03/2026, 11:16:39 | - | - | - | - | - | - |
| 136.114.26.•••:18789 | - | 🇺🇸 United States | Yes | true | Clean | AS396982 | Google LLC | 30/03/2026, 11:16:39 | 11/04/2026, 04:56:43 | No | No | - | - | 30/03/2026, 14:20:56 | - | |
| 154.197.57.•••:443 | - | 🇺🇸 United States | Yes | true | Clean | AS135377 | UCLOUD INFORMATION TECHNOLOGY (HK) LIMITED | UCloud Information Technology HK Limited | 30/03/2026, 11:16:39 | 12/04/2026, 00:48:36 | No | No | - | - | 24/03/2026, 18:13:44 | - |
| 129.121.86.•••:80 | - | 🇺🇸 United States | Yes | true | Leaked | AS31898 | Oracle Corporation | OGTIPS1 | 30/03/2026, 11:16:39 | 11/04/2026, 10:54:33 | Yes | No | - | CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985 | 05/04/2026, 13:34:34 | athenixinc.com, hostmonster.com, site5.com, domain.com, readyhosting.com, homestead.com, endurance.com, mojomarketplace.com, mybluehost.me, dotster.com, bluehost.com |
| 4.165.230.•••:443 | - | 🇺🇸 United States | Yes | true | Clean | AS8075 | Microsoft Corporation | Microsoft | 30/03/2026, 11:16:39 | 13/04/2026, 12:55:10 | - | - | - | - | - | - |
| 45.91.168.•••:8081 | - | 🇳🇱 Netherlands | Yes | true | Clean | AS41436 | Kamatera Inc | Cloud Web Manage EU | 30/03/2026, 11:16:39 | 30/03/2026, 11:16:39 | - | - | - | - | - | - |
| 74.208.76.•••:18789 | - | 🇺🇸 United States | Yes | true | Clean | AS8560 | This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE. | 1&1 Ionos | 30/03/2026, 11:16:39 | 30/03/2026, 11:16:39 | - | - | - | - | - | - |
| 54.168.53.•••:443 | - | 🇯🇵 Japan | Yes | true | Clean | AS16509 | Amazon.com, Inc. | Amazon Web Services Japan | 30/03/2026, 11:16:39 | 31/03/2026, 02:16:19 | No | No | - | CVE-2016-20012, CVE-2020-12062, CVE-2020-14145, CVE-2020-15778, CVE-2021-28041, CVE-2021-36368, CVE-2021-41617, CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985 | 30/03/2026, 23:16:56 | - |
| 116.234.25.•••:18789 | - | 🇨🇳 China mainland | Yes | true | Clean | AS4812 | China Telecom (Group) | ChinaNet Shanghai | 30/03/2026, 11:16:39 | 30/03/2026, 11:16:39 | - | - | - | - | - | - |
| 87.99.134.•••:18002 | Echo (/avatar/main) | 🇺🇸 United States | Yes | true | Leaked | AS213230 | Hetzner Online GmbH | Hetzner | 30/03/2026, 11:16:39 | 12/04/2026, 00:05:18 | Yes | No | - | CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985 | 05/04/2026, 14:30:26 | hetzner.com |
| 154.92.52.•••:18789 | - | 🇭🇰 Hong Kong | Yes | true | Clean | AS132839 | POWER LINE DATACENTER | Digital Core Technology Co. Limited | 30/03/2026, 11:16:39 | 09/04/2026, 07:53:48 | No | Yes | APT1, APT28, APT32, APT35, APT37, APT38, APT39, Cobalt Group, DragonFly, El-Machete, FIN8, Gamaredon-Group, Kimsuky, Mustang Panda, Packrat, Sandworm Team, The Shadow Brokers, gozi | CVE-2016-10708, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2021-41617 | 09/04/2026, 02:42:02 | - |
| 101.245.105.•••:18789 | - | 🇨🇳 China mainland | Yes | true | Leaked | AS55990 | Huawei Cloud Service data center | Huawei Cloud | 30/03/2026, 11:16:39 | 05/04/2026, 23:16:25 | Yes | No | - | CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51385, CVE-2024-6387, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985 | 03/04/2026, 03:49:40 | smartcom.cc, huawei.com, huaweidevice.com |
| 134.175.188.•••:18080 | - | 🇨🇳 China mainland | Yes | true | Clean | AS45090 | Shenzhen Tencent Computer Systems Company Limited | Tencent Cloud Computing | 30/03/2026, 11:16:39 | 12/04/2026, 18:41:15 | - | - | - | - | - | - |
| 2a02:4780:5e:20ae::1:3004 | - | 🇲🇾 Malaysia | - | true | Clean | AS47583 | Hostinger International Limited | Hostinger | 30/03/2026, 11:16:39 | 12/04/2026, 00:49:17 | - | - | - | - | - | - |
| 115.29.162.•••:18789 | - | 🇨🇳 China mainland | Yes | true | Clean | AS37963 | Hangzhou Alibaba Advertising Co.,Ltd. | Alisoft | 30/03/2026, 11:16:38 | 30/03/2026, 11:16:38 | - | - | - | - | - | - |
| 46.224.171.•••:80 | - | 🇩🇪 Germany | Yes | true | Clean | AS24940 | Hetzner Online GmbH | Hetzner | 30/03/2026, 11:16:38 | 05/04/2026, 21:46:47 | - | - | - | - | - | - |
| 5.78.200.•••:18789 | - | 🇺🇸 United States | Yes | true | Clean | AS212317 | Hetzner Online GmbH | Hetzner | 30/03/2026, 11:16:38 | 08/04/2026, 13:08:40 | - | - | - | - | - | - |
| 159.75.10.•••:18789 | - | 🇨🇳 China mainland | Yes | true | Clean | AS45090 | Shenzhen Tencent Computer Systems Company Limited | Tencent Cloud Computing | 30/03/2026, 11:16:38 | 02/04/2026, 18:42:32 | - | - | - | - | - | - |
| 47.92.144.•••:50001 | - | 🇨🇳 China mainland | Yes | true | Clean | AS37963 | Hangzhou Alibaba Advertising Co.,Ltd. | Alisoft | 30/03/2026, 11:16:38 | 11/04/2026, 10:53:50 | No | Yes | APT28, APT40, APT41, Cobalt Group, Earth Berberoka, Energetic Bear, Equation Group, Leafminer, Luckycat APT, Sandworm Team | CVE-2010-1899, CVE-2010-2730, CVE-2010-3972 | 02/04/2026, 11:58:43 | - |
| 116.23.97.•••:18789 | - | 🇨🇳 China mainland | Yes | true | Clean | AS4134 | Chinanet | CHINANET Guangdong | 30/03/2026, 11:16:38 | 30/03/2026, 11:16:38 | - | - | - | - | - | - |
| 117.72.106.•••:18789 | - | 🇨🇳 China mainland | Yes | true | Leaked | AS141679 | China Telecom Beijing Tianjin Hebei Big Data Industry Park Branch | JD.com | 30/03/2026, 11:16:37 | 12/04/2026, 00:49:28 | Yes | No | - | - | 02/04/2026, 16:28:55 | jdl.cn, vackbot.com, vg.com, jdfinance.com, 51buy.com, blackdragon.com, jddj.com, 7fresh.com, jd.com, 360buy.com, chinabank.com.cn, 360buyimg.com, imdada.cn, jdh.com |
| 5.161.124.•••:18789 | - | 🇺🇸 United States | Yes | true | Clean | AS213230 | Hetzner Online GmbH | Hetzner Online | 30/03/2026, 11:16:37 | 11/04/2026, 10:54:12 | - | - | - | - | - | - |
| 103.193.178.•••:18789 | - | 🇮🇩 Indonesia | Yes | true | Clean | AS136052 | PT Cloud Hosting Indonesia | Nara Cakra Studio | 30/03/2026, 11:16:37 | 12/04/2026, 23:55:45 | No | No | - | CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985 | 02/04/2026, 08:59:35 | - |
| 118.141.249.•••:18789 | - | 🇭🇰 Hong Kong | Yes | true | Clean | AS9304 | HGC Global Communications Limited | HGC Global Communications Limited | 30/03/2026, 11:16:37 | 30/03/2026, 11:16:37 | - | - | - | - | - | - |
| 54.171.66.•••:18789 | - | 🇮🇪 Ireland | Yes | true | Clean | AS16509 | Amazon.com, Inc. | Amazon | 30/03/2026, 11:16:37 | 05/04/2026, 18:02:16 | - | - | - | - | - | - |
| 82.165.128.•••:18789 | - | 🇫🇷 France | Yes | true | Clean | AS8560 | This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE. | IONOS Cloud NBZ | 30/03/2026, 11:16:37 | 30/03/2026, 11:16:37 | - | - | - | - | - | - |
| 18.216.251.•••:18789 | - | 🇺🇸 United States | Yes | true | Clean | AS16509 | Amazon.com, Inc. | Amazon | 30/03/2026, 11:16:36 | 09/04/2026, 01:07:50 | No | Yes | APT28, APT35, APT37, APT39, Cobalt Group, Kimsuky, Mustang Panda, Sandworm Team, The Shadow Brokers | CVE-2015-8325, CVE-2016-10009, CVE-2016-10010, CVE-2016-10011, CVE-2016-10012, CVE-2016-10708, CVE-2016-3115, CVE-2016-6210, CVE-2016-6515, CVE-2016-8858, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2021-41617 | 03/04/2026, 03:04:31 | - |
| 47.103.111.•••:18789 | - | 🇨🇳 China mainland | Yes | true | Clean | AS37963 | Hangzhou Alibaba Advertising Co.,Ltd. | Alisoft | 30/03/2026, 11:16:36 | 02/04/2026, 07:27:41 | - | - | - | - | - | - |
| 223.254.130.•••:18789 | - | 🇨🇳 China mainland | Yes | true | Clean | AS40004 | CONRADIT, LLC | The Media Network Ltd | 30/03/2026, 11:16:36 | 30/03/2026, 11:16:36 | - | - | - | - | - | - |
| 138.197.108.•••:443 | - | 🇺🇸 United States | Yes | true | Clean | AS14061 | DigitalOcean, LLC | DigitalOcean | 30/03/2026, 11:16:36 | 30/03/2026, 11:16:36 | - | - | - | - | - | - |
| 117.72.243.•••:18789 | - | 🇨🇳 China mainland | Yes | true | Leaked | AS141679 | China Telecom Beijing Tianjin Hebei Big Data Industry Park Branch | JD.com | 30/03/2026, 11:16:36 | 11/04/2026, 04:11:37 | Yes | No | - | CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985 | 05/04/2026, 15:52:41 | jdl.cn, vackbot.com, vg.com, jdfinance.com, 51buy.com, blackdragon.com, jddj.com, 7fresh.com, jd.com, 360buy.com, chinabank.com.cn, 360buyimg.com, imdada.cn, jdh.com |
| 156.225.143.•••:18789 | - | 🇭🇰 Hong Kong | Yes | true | Clean | AS142286 | LUOGELANG (FRANCE) LIMITED | CloudFly Net Inc | 30/03/2026, 11:16:36 | 11/04/2026, 10:54:01 | No | Yes | APT1, APT32, El-Machete, FIN8, Gamaredon-Group, gozi | CVE-2014-4078 | 05/04/2026, 07:39:16 | - |
| 46.101.85.•••:443 | - | 🇬🇧 United Kingdom | Yes | true | Clean | AS14061 | DigitalOcean, LLC | DigitalOcean | 30/03/2026, 11:16:36 | 11/04/2026, 07:11:39 | No | Yes | APT1 Comment Crew, APT14, APT15, APT27, APT28, APT29, APT31, APT34, APT35, APT37, APT39, APT40, APT41, Bitter APT, Bluenoroff, Callisto Group, Cobalt Group, Donot Team, Earth Longzhi, Equation Group, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, IronHusky, Kimsuky, Lazarus Group, MuddyWater Group, Mustang Panda, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SharpPanda, SideWinder APT, TA505, The Shadow Brokers, Turla APT Group, UNC2452, Volt Typhoon, WIRTE | CVE-2006-20001, CVE-2012-6708, CVE-2015-8325, CVE-2015-9251, CVE-2016-10009, CVE-2016-10010, CVE-2016-10011, CVE-2016-10012, CVE-2016-10708, CVE-2016-1546, CVE-2016-20012, CVE-2016-3115, CVE-2016-4975, CVE-2016-4979, CVE-2016-5387, CVE-2016-6210, CVE-2016-6515, CVE-2016-8612, CVE-2016-8740, CVE-2016-8743, CVE-2016-8858, CVE-2017-15710, CVE-2017-15715, CVE-2017-15906, CVE-2017-3167, CVE-2017-3169, CVE-2017-7679, CVE-2017-9788, CVE-2017-9798, CVE-2018-11763, CVE-2018-1283, CVE-2018-1301, CVE-2018-1302, CVE-2018-1303, CVE-2018-1312, CVE-2018-1333, CVE-2018-15473, CVE-2018-15919, CVE-2018-17189, CVE-2018-17199, CVE-2018-20685, CVE-2019-0196, CVE-2019-0197, CVE-2019-0211, CVE-2019-0217, CVE-2019-0220, CVE-2019-10081, CVE-2019-10082, CVE-2019-10092, CVE-2019-10098, CVE-2019-11358, CVE-2019-17567, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2019-9517, CVE-2020-11022, CVE-2020-11023, CVE-2020-11985, CVE-2020-11993, CVE-2020-13938, CVE-2020-14145, CVE-2020-15778, CVE-2020-1927, CVE-2020-1934, CVE-2020-35452, CVE-2020-7656, CVE-2020-9490, CVE-2021-26690, CVE-2021-26691, CVE-2021-33193, CVE-2021-34798, CVE-2021-36368, CVE-2021-39275, CVE-2021-40438, CVE-2021-41617, CVE-2021-44224, CVE-2021-44790, CVE-2022-22719, CVE-2022-22720, CVE-2022-22721, CVE-2022-23943, CVE-2022-26377, CVE-2022-28330, CVE-2022-28614, CVE-2022-28615, CVE-2022-29404, CVE-2022-30522, CVE-2022-30556, CVE-2022-31813, CVE-2022-36760, CVE-2022-37436, CVE-2023-25690, CVE-2023-29323, CVE-2023-31122, CVE-2023-35784, CVE-2023-38408, CVE-2023-38709, CVE-2023-45802, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-24795, CVE-2024-27316, CVE-2024-38472, CVE-2024-38473, CVE-2024-38474, CVE-2024-38475, CVE-2024-38476, CVE-2024-38477, CVE-2024-39573, CVE-2024-40898, CVE-2025-26465, CVE-2025-32728 | 06/04/2026, 00:48:06 | - |
| 182.47.248.•••:18789 | - | 🇨🇳 China mainland | Yes | true | Leaked | AS4134 | Chinanet | ChinaNet Shandong | 30/03/2026, 11:16:36 | 05/04/2026, 17:17:38 | Yes | No | - | - | 03/04/2026, 03:47:15 | bj189.cn, 118114.cn, ctwing.cn, chinatelecom.com.cn, chinatelecom.cn, new-gm.cn, 189.cn, 189free.cn, ideal.sh.cn, daqu.com.cn, ctyun.cn |
| 119.91.25.•••:18789 | - | 🇨🇳 China mainland | Yes | true | Leaked | AS45090 | Shenzhen Tencent Computer Systems Company Limited | Tencent Cloud | 30/03/2026, 11:16:36 | 11/04/2026, 10:54:34 | Yes | Yes | APT15, APT28, APT29, APT31, APT34, APT35, APT37, APT39, APT41, Bitter APT, Bluenoroff, Callisto Group, Cobalt Group, Donot Team, El-Machete, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Mustang Panda, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Volt Typhoon | CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385 | 02/04/2026, 23:21:30 | tencent.com |
| 49.12.13.•••:80 | - | 🇩🇪 Germany | Yes | true | Leaked | AS24940 | Hetzner Online GmbH | Hetzner Online | 30/03/2026, 11:16:36 | 11/04/2026, 10:55:40 | Yes | Yes | APT14, APT15, APT17, APT28, APT29, APT31, APT34, APT35, APT36, APT37, APT39, APT40, APT41, APT45, Bitter APT, Bluenoroff, Callisto Group, Carbanak, ChamelGang, CloudSorcerer, Cobalt Group, Daggerfly APT, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, IronHusky, Kimsuky, Lazarus Group, MuddyWater Group, Mustang Panda, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SharpPanda, SideWinder APT, TA505, The Shadow Brokers, Volt Typhoon, WIRTE | CVE-2006-20001, CVE-2015-8325, CVE-2016-10009, CVE-2016-10010, CVE-2016-10011, CVE-2016-10012, CVE-2016-10708, CVE-2016-20012, CVE-2016-3115, CVE-2016-6210, CVE-2016-6515, CVE-2016-8858, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-17567, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-11984, CVE-2020-11993, CVE-2020-12062, CVE-2020-13950, CVE-2020-14145, CVE-2020-15778, CVE-2020-1927, CVE-2020-1934, CVE-2020-35452, CVE-2020-9490, CVE-2021-26690, CVE-2021-26691, CVE-2021-28041, CVE-2021-30641, CVE-2021-33193, CVE-2021-34798, CVE-2021-36160, CVE-2021-36368, CVE-2021-39275, CVE-2021-40438, CVE-2021-41617, CVE-2021-44224, CVE-2021-44790, CVE-2022-22719, CVE-2022-22720, CVE-2022-22721, CVE-2022-23943, CVE-2022-26377, CVE-2022-28614, CVE-2022-28615, CVE-2022-29404, CVE-2022-30556, CVE-2022-31813, CVE-2022-36760, CVE-2022-37436, CVE-2023-25690, CVE-2023-27522, CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2023-51767, CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985 | 02/04/2026, 15:45:18 | hetzner.de |
| 98.81.99.•••:443 | - | 🇺🇸 United States | Yes | true | Clean | AS14618 | Amazon.com, Inc. | Amazon Web Services | 30/03/2026, 11:16:36 | 11/04/2026, 21:50:10 | - | - | - | - | - | - |
| 150.242.81.•••:18789 | - | 🇨🇳 China mainland | Yes | true | Clean | AS133775 | Xiamen | Xiamen Kuaikuai Network Technology | 30/03/2026, 11:16:36 | 02/04/2026, 17:12:37 | - | - | - | - | - | - |
| 156.225.143.•••:18789 | - | 🇭🇰 Hong Kong | Yes | true | Clean | AS142286 | LUOGELANG (FRANCE) LIMITED | CloudFly Net Inc | 30/03/2026, 11:16:36 | 12/04/2026, 23:55:15 | No | Yes | APT1, APT32, El-Machete, FIN8, Gamaredon-Group, gozi | CVE-2014-4078 | 12/04/2026, 22:26:32 | - |
| 120.79.81.•••:18789 | - | 🇨🇳 China mainland | Yes | true | Leaked | AS37963 | Hangzhou Alibaba Advertising Co.,Ltd. | Alisoft | 30/03/2026, 11:16:36 | 12/04/2026, 00:49:11 | Yes | Yes | APT-C-23, APT15, APT28, APT29, APT31, APT34, APT35, APT36, APT37, APT39, APT41, Bitter APT, Bluenoroff, Callisto Group, Cobalt Group, Donot Team, Equation Group, Gamaredon Group, Gaza Cybergang, Ghostwriter, Hafnium Group, Inception Framework, Kimsuky, Lazarus Group, MuddyWater Group, Mustang Panda, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Turla APT Group, Volt Typhoon | CVE-2016-20012, CVE-2018-15473, CVE-2018-15919, CVE-2018-16843, CVE-2018-16844, CVE-2018-16845, CVE-2018-20685, CVE-2019-20372, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2019-9511, CVE-2019-9513, CVE-2019-9516, CVE-2020-14145, CVE-2020-15778, CVE-2021-23017, CVE-2021-3618, CVE-2021-36368, CVE-2021-41617, CVE-2022-41741, CVE-2022-41742, CVE-2023-38408, CVE-2023-44487, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-39894, CVE-2024-6387, CVE-2024-7347, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985 | 05/04/2026, 21:04:47 | aliyun.com |
| 46.225.30.•••:18789 | - | 🇩🇪 Germany | Yes | true | Clean | AS24940 | Hetzner Online GmbH | Hetzner | 30/03/2026, 11:16:35 | 12/04/2026, 00:05:13 | No | No | - | CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985 | 02/04/2026, 18:43:00 | - |
| 111.62.156.•••:18789 | - | 🇨🇳 China mainland | Yes | true | Clean | AS24547 | Hebei Mobile Communication Company Limited | China Mobile | 30/03/2026, 11:16:35 | 12/04/2026, 00:48:49 | - | - | - | - | - | - |
| 34.205.84.•••:443 | - | 🇺🇸 United States | Yes | true | Clean | AS14618 | Amazon.com, Inc. | Amazon | 30/03/2026, 11:16:35 | 11/04/2026, 10:54:16 | No | - | - | CVE-2016-20012, CVE-2021-36368, CVE-2021-41617 | 02/04/2026, 17:15:07 | - |
| 3.90.0.•••:443 | - | 🇺🇸 United States | Yes | true | Clean | AS14618 | Amazon.com, Inc. | Amazon Web Services | 30/03/2026, 11:16:35 | 01/04/2026, 05:09:42 | - | - | - | - | - | - |
| 47.92.106.•••:50001 | - | 🇨🇳 China mainland | Yes | true | Clean | AS37963 | Hangzhou Alibaba Advertising Co.,Ltd. | Alisoft | 30/03/2026, 11:16:35 | 12/04/2026, 00:50:20 | No | No | - | CVE-2016-20012, CVE-2021-28041, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51385, CVE-2025-26465, CVE-2025-32728 | 05/04/2026, 17:21:26 | - |
| 175.178.51.•••:18789 | - | 🇨🇳 China mainland | Yes | true | Leaked | AS45090 | Shenzhen Tencent Computer Systems Company Limited | Tencent Cloud | 30/03/2026, 11:16:35 | 11/04/2026, 21:50:15 | Yes | Yes | APT15, APT28, APT29, APT31, APT34, APT35, APT37, APT39, APT41, Bitter APT, Bluenoroff, Callisto Group, Cobalt Group, Donot Team, El-Machete, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Mustang Panda, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Volt Typhoon | CVE-2016-10708, CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385 | 02/04/2026, 17:57:51 | tencent.com |
| 114.132.45.•••:443 | - | 🇨🇳 China mainland | Yes | true | Clean | AS45090 | Shenzhen Tencent Computer Systems Company Limited | Tencent Cloud | 30/03/2026, 11:16:35 | 09/04/2026, 12:23:03 | - | - | - | - | - | - |
| 130.162.187.•••:32772 | - | 🇺🇸 United States | Yes | true | Leaked | AS31898 | Oracle Corporation | Oracle Cloud | 30/03/2026, 11:16:35 | 11/04/2026, 10:55:17 | Yes | No | - | CVE-2016-20012, CVE-2020-14145, CVE-2020-15778, CVE-2021-28041, CVE-2021-36368, CVE-2021-41617, CVE-2023-36457, CVE-2023-36458, CVE-2023-37477, CVE-2023-38408, CVE-2023-39964, CVE-2023-39965, CVE-2023-39966, CVE-2023-48795, CVE-2023-51385, CVE-2024-2352, CVE-2024-24768, CVE-2024-27288, CVE-2024-30257, CVE-2024-34352, CVE-2024-39907, CVE-2024-39911, CVE-2025-26465, CVE-2025-32728, CVE-2025-34410, CVE-2025-34429, CVE-2025-34430, CVE-2025-54424, CVE-2025-56413, CVE-2025-61984, CVE-2025-61985, CVE-2025-66507, CVE-2025-66508, CVE-2026-23525 | 06/04/2026, 00:47:14 | healtheintent.com, purewellness.com, cerner.ae, retek.com, tryfoexnow.com, moatads.com, oraclefusion.com, connectinc.com, inquira.com, portal.com, oracle.com, hiedirectconnect.org, maxymiser.net, oraclecloudservices.com, rsys2.net, hyperroll.com, nor1.com, oxygen.systems, oraclegovcloud.com, orcale.com, oraclemobile.com, sun.co.in, openair.co, oraclepdemos.com, stellent.com, siebel.com, cerner.net, oracle-cloud.com, docucorp.com, mvalent.com, elementfusion.com, netsuiteforms.com, oracleemaildelivery.com, oraclecloud.com, en25.com, solaris.com, rightnowtech.com, think.com, ipapp.com, jdedwards.com, tiger-institute.org, zenedge.com, skire.com, sun.com, sales.com, fyleio.com, push.io, estara.com, tekelec.com, textura.com, paymyhealthbill.com, dyndns.com, java.net, optika.com, jcp.org, smed.com, cernerenviza-tw.com, datafox.com, recruitmax.com, decisioneering.com, adiinsights.com, stortek.com, seebeyond.com, livelook.com, openjdk.org, virtualbox.org, dyn.com, oraclehealth.com, aimsystems.com, sunworld.com, plumtree.com, storagetek.com, oracledatacloud.com |
| 47.92.75.•••:50001 | - | 🇨🇳 China mainland | Yes | true | Clean | AS37963 | Hangzhou Alibaba Advertising Co.,Ltd. | Alisoft | 30/03/2026, 11:16:35 | 12/04/2026, 00:49:17 | No | Yes | APT15, APT28, APT29, APT31, APT34, APT35, APT37, APT39, APT41, Bitter APT, Bluenoroff, Callisto Group, Cobalt Group, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Mustang Panda, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Volt Typhoon | CVE-2016-10708, CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-16905, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51385, CVE-2025-26465, CVE-2025-32728 | 08/04/2026, 21:22:44 | - |
| 113.46.218.•••:18789 | - | 🇨🇳 China mainland | Yes | true | Clean | AS55990 | Huawei Cloud Service data center | Huawei Cloud | 30/03/2026, 11:16:35 | 11/04/2026, 21:50:10 | - | - | - | - | - | - |
| 137.116.36.•••:18789 | - | 🇺🇸 United States | - | true | Clean | AS8075 | Microsoft Corporation | Microsoft | 30/03/2026, 11:14:36 | 30/03/2026, 11:14:36 | - | - | - | - | - | - |
| 3.6.115.•••:18789 | - | 🇮🇳 India | - | true | Clean | AS16509 | Amazon.com, Inc. | Amazon Web Services | 30/03/2026, 11:14:31 | 12/04/2026, 00:46:42 | Yes | No | - | CVE-2024-42516, CVE-2024-43204, CVE-2024-43394, CVE-2024-47252, CVE-2024-6531, CVE-2025-23048, CVE-2025-49630, CVE-2025-49812, CVE-2025-53020, CVE-2025-55753, CVE-2025-58098, CVE-2025-59775, CVE-2025-65082, CVE-2025-66200 | 01/04/2026, 06:37:30 | supportelders.com |