🦞 OpenClaw Exposure Watchboard
This page lists publicly reachable active OpenClaw instances for defensive awareness. If this is your deployment, enable authentication, remove direct public exposure, and patch immediately.
Exposed Instances: 683295 Page: 1666 / 6833 (100 per page) Showing: 166501-166600 Last Imported: 19/04/2026, 08:41:00
🇨🇳 364,448
🇺🇸 188,265
Build With Vivgrid
Explore Vivgrid Ship Secure Enterprise AI Agents 10× Faster with vivgrid.com
Vivgrid gives you authentication, model gateway, tool control, cost tracking, and enterprise observability — everything you need to ship AI agents safely at scale.
| Endpoint | Assistant Name | Country | auth_required | is_active | has_leaked_creds | asn | asn_name | org | first_seen | last_seen | asi_has_breach | asi_has_threat_actor | asi_threat_actors | asi_cves | asi_enriched_at | asi_domains |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 82.64.16.•••:18789 | - | 🇫🇷 France | - | true | Leaked | AS12322 | Free SAS | SAS | 30/03/2026, 03:41:44 | 31/03/2026, 11:08:00 | Yes | Yes | Cobalt Group | CVE-2006-20001, CVE-2022-36760, CVE-2022-37436, CVE-2023-25690, CVE-2023-27522, CVE-2025-55753, CVE-2025-58098, CVE-2025-59775, CVE-2025-65082, CVE-2025-66200 | 30/03/2026, 22:24:31 | freeboxos.fr |
| 20.165.145.•••:18789 | - | 🇺🇸 United States | - | true | Clean | AS8075 | Microsoft Corporation | Microsoft | 30/03/2026, 03:41:44 | 31/03/2026, 11:08:00 | No | No | - | - | 24/03/2026, 22:24:32 | - |
| 104.21.16.•••:18789 | - | 🇺🇸 United States | - | true | Leaked | AS13335 | Cloudflare, Inc. | Cloudflare | 30/03/2026, 03:41:44 | 31/03/2026, 11:08:00 | Yes | No | - | - | 30/03/2026, 22:24:35 | ks-shd.com, jmckjt.com, oceanparadisezanzibar.com, theydc.org, venancio.com, cheartx.org, zjxinyi.com, tvwdecatur.com, cgmprecast.com, dignityhealthstg.org, ccccnbtx.org, henrycountyclerktn.com, yxtaiyu.com, wxgogocasting.com, salvationarmyhouston.org, apple-iphone.ru, goleadercorp.cn, gwctn.org, hzfeidi.com, greenwoodsinvest.com, hopestreetfamilycenter.org, fricksfashion.com, ytmagnetics.com, fuhuake.com, cityfied.net, abpincorp.com, anlink.net, supportsierranevada.org, jekotrade.com, hmcxjc.com, shsinotech.com, vbankph.com, hostdatum.com, bopcon.com, smcinternational.fr, naseni.gov.ng, woodlandhealthcare.com, viralthread.com, listnr.com, cnbeining.com, boyu-group.com, botelho.med.br, ekakitchen.com, theinnotech.net, drlokken.com, wisehousetech.com, fengyegroup.com, cloudflare.net, salvationarmysouth.org, lvsenda.net, fletchingschool.org, qd-baolian.com, databrick.com, csofam.com, stlukeslakeside.com, co.com, bbapumpsusa.com, kidsbud.net, black-box.co.in, identitymso.com, jxlingtong.com, dignityhealth.org, cruzeirodosultransportes.com.br, nardini.com, dairyasia.org, baselinewoods.com, jiabinnu.com, lvteshengwu.com, montgomery-illinois.org, cleanzoneheating.com, alghanitex.com, qzz.io, managedcaresystems.com, kfstock.com, chistfrancishealth.org, koworksllc.net, ginachlaw.com, brownsprinting.com, c4group.org, mountairymd.org, made-in-diamond.com, cloudhq-mkt6.net, forwardwirecloth.net, center4hopeandhealing.com, klmymmyc.com, anorton.com, pinnaclecenter.com, saguenay.ca, gseschooldallas.org, mendotahospital.org, pp.ua, hnbeixiang.com, neurobehavioralaustin.com, contractleasing.net, refee.net, xjzljt.net, hit.com.au, xjjingyoga.com, sxgas.net, wakechem.com, lifeworkswellnesscare.com, advancentx.org, isdglobal.org, 1haojiyin.com, garage-auto-martinez.fr, lamaison-corse.fr, kingsley-wood.com, etlawson.com, valleycareipa.com, unis.com.cn, jx-c.com.cn, cn-yusheng.com, dawnportertherapy.com, detongwiremesh.com, tygluegun.com, sanhoos.com, gadahardware.com, btdiowa.com, donnaschwartztherapist.com, xtzhiliji.com, dgclh.com, bamko.net, ausarabbusinesscouncil.com, simplycounseling.com, faithandhopetherapy.com, creditop.com, lstcarbon.com, it.com, ttstest.com, outbook.com, mackenzieccs.com, gaetanasnyc.com, oukay.net, cobcottage.com, helpinghandsinspirehappyhearts.com, irrigationsystems4u.com, iowalcclinic.org, yhjgkeji.com, china-one.net, kingdisplay.net, wzouli.com, eu.org, dawnthompsontherapy.com, scheduleme.org, bierte.com, lasvegasnvtherapist.com, garage-eiffel.fr, tncountyclerk.com, ttyt360.com, sca.com.au, advancedpsychologicalwellness.com, zgkaite.com, turnoutservices.com, xcom-mc.fr, marineurethane.com, zjdddl.com, villageofpittsford.org, ranscustombuilders.com, rqaccredited.com, leverijllc.com, hotel-beausejour-nevers.fr, sequoiahospitalfoundation.org, christianchanges.com, lifelinechiropractic.org, oracle-ag.ch, proper-tx.com, zjhrbz.com, zhaowoo.net, deshacircuitclerk.com, chedermenachem.org, bokitatools.com, themobilefactory.org, salvationarmyflorida.org, bestwanhui.com, sumexsoft.com, outdoorkitchensnorthwest.com, supportcaliforniahospital.org, landygroup.cn, ermissolutions.com, domainedelagarenne-morestel.fr, crystalindustries.com.cn, fermeurop.fr, bain86.com, carrieamorrisonpsyd.com, chuangong.com, humandynamicsinc.net, workers.dev, awdchina.com, sauss.net, tigerexpressfuel.com, ykweisheng.com, dignityhealthmember.org, 360-xj.com, xjwfcj.com, co.zm, ta-yu.com, meeshamoultonlaw.com, isolation-maisons-provencales.fr, impresosmonterrey.com, shworldbest.com, trinityhealth.com, zsnet.net, dongguansenzi.com, get-plastic.com, caez-wv.org, meridianoutboard.com, carmaxbolivia.com, denis-carrelage.fr, jjshawcounseling.com, physnum.com, empreintes-coiffure.fr, china114.net, smartbuildings.com, dentalabs.com.br, timelesscounseling.com, occalamance.com, dts-renovation.fr, hy189.net, chinazsi.net, sreevarahhas.com, xjhongshun.com, petersenfoundation.org, converse.dk, xrcd.cn, mercybakersfield.org, multicolor-pigment.com, geochem.org, dkrausfootprints.com, lincolnwaymusic.org, equinaceaprodutosnaturais.com, dmln.net |
| 43.203.230.•••:18789 | - | 🇰🇷 South Korea | - | true | Clean | AS16509 | Amazon.com, Inc. | Amazon | 30/03/2026, 03:41:44 | 06/04/2026, 14:57:13 | No | No | - | CVE-2023-38709, CVE-2024-24795, CVE-2024-27316, CVE-2024-36387, CVE-2024-38472, CVE-2024-38473, CVE-2024-38474, CVE-2024-38475, CVE-2024-38476, CVE-2024-38477, CVE-2024-39573, CVE-2024-40898, CVE-2024-42516, CVE-2024-43204, CVE-2024-43394, CVE-2024-47252, CVE-2025-23048, CVE-2025-49630, CVE-2025-49812, CVE-2025-53020, CVE-2025-55753, CVE-2025-58098, CVE-2025-59775, CVE-2025-65082, CVE-2025-66200 | 03/04/2026, 06:41:05 | - |
| 104.46.219.•••:18789 | - | 🇺🇸 United States | - | true | Clean | AS8075 | Microsoft Corporation | Microsoft | 30/03/2026, 03:11:13 | 30/03/2026, 08:58:16 | - | - | - | - | - | - |
| 62.43.249.•••:18789 | - | 🇪🇸 Spain | Yes | true | Clean | AS6739 | Vodafone ONO AS | Vodafone Ono | 30/03/2026, 03:11:13 | 11/04/2026, 04:06:27 | - | - | - | - | - | - |
| 194.93.48.•••:18789 | - | 🇵🇱 Poland | - | true | Clean | AS215291 | SimplePod.ai Sp. z o.o. | Netutils | 30/03/2026, 03:11:13 | 11/04/2026, 01:56:39 | No | No | - | CVE-2006-20001, CVE-2013-4352, CVE-2013-5704, CVE-2013-6438, CVE-2014-0098, CVE-2014-0117, CVE-2014-0118, CVE-2014-0226, CVE-2014-0231, CVE-2014-3523, CVE-2014-3581, CVE-2014-8109, CVE-2015-0228, CVE-2015-3183, CVE-2015-3185, CVE-2016-0736, CVE-2016-2161, CVE-2016-4975, CVE-2016-5387, CVE-2016-8612, CVE-2016-8743, CVE-2017-15710, CVE-2017-15715, CVE-2017-3167, CVE-2017-7679, CVE-2017-9788, CVE-2017-9798, CVE-2018-1283, CVE-2018-1301, CVE-2018-1302, CVE-2018-1303, CVE-2018-1312, CVE-2018-17199, CVE-2019-0217, CVE-2019-0220, CVE-2019-10092, CVE-2019-10098, CVE-2019-17567, CVE-2020-11985, CVE-2020-13938, CVE-2020-1927, CVE-2020-1934, CVE-2020-35452, CVE-2021-26690, CVE-2021-26691, CVE-2021-34798, CVE-2021-39275, CVE-2021-40438, CVE-2021-44790, CVE-2022-22719, CVE-2022-22720, CVE-2022-22721, CVE-2022-23943, CVE-2022-26377, CVE-2022-28330, CVE-2022-28614, CVE-2022-28615, CVE-2022-29404, CVE-2022-30556, CVE-2022-31813, CVE-2022-36760, CVE-2022-37436, CVE-2023-25690, CVE-2023-31122, CVE-2023-38709, CVE-2024-24795, CVE-2024-38472, CVE-2024-38473, CVE-2024-38474, CVE-2024-38475, CVE-2024-38476, CVE-2024-38477, CVE-2024-39573, CVE-2024-40898 | 05/04/2026, 05:59:50 | - |
| 218.35.173.•••:18789 | - | 🇹🇼 Taiwan | - | true | Clean | AS7482 | Asia Pacific On-line Service Inc. | ETWebs Taiwan | 30/03/2026, 03:11:13 | 30/03/2026, 08:58:16 | - | - | - | - | - | - |
| 103.161.17.•••:18789 | - | 🇻🇳 Vietnam | - | true | Clean | AS135967 | Bach Kim Network solutions Join stock company | BK Information System JSC | 30/03/2026, 03:11:12 | 30/03/2026, 08:58:15 | - | - | - | - | - | - |
| 39.98.34.•••:18789 | - | 🇨🇳 China mainland | - | true | Leaked | AS37963 | Hangzhou Alibaba Advertising Co.,Ltd. | Alisoft | 30/03/2026, 03:11:12 | 16/04/2026, 13:41:05 | Yes | Yes | APT15, APT28, APT29, APT31, APT34, APT35, APT37, APT39, APT41, Bitter APT, Bluenoroff, Callisto Group, Carbanak, Cobalt Group, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, Lazarus Group, Lyceum APT, MuddyWater Group, Mustang Panda, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, TA505, TEMP.Hermit, The Shadow Brokers, Volt Typhoon | CVE-2014-1692, CVE-2014-2532, CVE-2014-2653, CVE-2015-5352, CVE-2015-5600, CVE-2015-6563, CVE-2015-6564, CVE-2015-8325, CVE-2016-0777, CVE-2016-0778, CVE-2016-10009, CVE-2016-10010, CVE-2016-10011, CVE-2016-10012, CVE-2016-10708, CVE-2016-1908, CVE-2016-20012, CVE-2016-3115, CVE-2016-6210, CVE-2016-6515, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51385 | 10/04/2026, 11:40:19 | aliyun.com |
| 218.71.2.•••:18789 | - | 🇨🇳 China mainland | Yes | true | Clean | AS4134 | Chinanet | ChinaNet Wenzhou Node Network | 30/03/2026, 03:11:12 | 30/03/2026, 08:58:15 | - | - | - | - | - | - |
| 8.155.166.•••:18789 | - | 🇸🇬 Singapore | Yes | true | Clean | AS37963 | Hangzhou Alibaba Advertising Co.,Ltd. | Alibaba Cloud | 30/03/2026, 03:11:12 | 17/04/2026, 10:02:08 | No | No | - | - | 04/04/2026, 16:58:04 | - |
| 52.231.68.•••:18789 | - | 🇺🇸 United States | - | true | Clean | AS8075 | Microsoft Corporation | Microsoft | 30/03/2026, 03:11:11 | 30/03/2026, 08:58:15 | - | - | - | - | - | - |
| 43.136.94.•••:18789 | - | 🇨🇳 China mainland | - | true | Clean | AS45090 | Shenzhen Tencent Computer Systems Company Limited | Tencent Cloud Computing | 30/03/2026, 03:11:11 | 17/04/2026, 10:01:02 | - | - | - | - | - | - |
| 147.135.212.•••:18789 | - | 🇫🇷 France | - | true | Clean | AS16276 | OVH SAS | OVH | 30/03/2026, 03:11:11 | 02/04/2026, 23:11:04 | - | - | - | - | - | - |
| 149.104.19.•••:18789 | - | 🇭🇰 Hong Kong | Yes | true | Clean | AS6134 | XNNET LLC | Starcloud Global | 30/03/2026, 03:11:11 | 30/03/2026, 08:58:14 | - | - | - | - | - | - |
| 129.121.84.•••:18789 | - | 🇺🇸 United States | - | true | Clean | AS31898 | Oracle Corporation | OGTIPS1 | 30/03/2026, 03:11:11 | 02/04/2026, 05:08:03 | - | - | - | - | - | - |
| 20.98.251.•••:18789 | - | 🇺🇸 United States | - | true | Clean | AS8075 | Microsoft Corporation | Microsoft | 30/03/2026, 03:11:11 | 30/03/2026, 08:58:14 | - | - | - | - | - | - |
| 47.92.234.•••:18789 | - | 🇨🇳 China mainland | - | true | Clean | AS37963 | Hangzhou Alibaba Advertising Co.,Ltd. | Alisoft | 30/03/2026, 03:11:11 | 17/04/2026, 22:24:40 | No | Yes | APT28, APT35, APT37, APT39, Cobalt Group, Kimsuky, Mustang Panda, Sandworm Team, The Shadow Brokers | CVE-2016-10708, CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-16905, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51385, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985 | 08/04/2026, 16:02:48 | - |
| 111.170.174.•••:18789 | - | 🇨🇳 China mainland | Yes | true | Clean | AS151185 | China Telecom | ChinaNet Hubei | 30/03/2026, 03:11:11 | 16/04/2026, 18:13:30 | - | - | - | - | - | - |
| 39.98.53.•••:18789 | - | 🇨🇳 China mainland | - | true | Leaked | AS37963 | Hangzhou Alibaba Advertising Co.,Ltd. | Alisoft | 30/03/2026, 03:11:11 | 18/04/2026, 00:39:14 | Yes | Yes | Packrat | - | 08/04/2026, 14:58:25 | aliyun.com |
| 98.89.161.•••:18789 | - | 🇺🇸 United States | - | true | Clean | AS14618 | Amazon.com, Inc. | Amazon Web Services | 30/03/2026, 03:11:11 | 02/04/2026, 10:21:50 | No | No | - | - | 27/03/2026, 05:54:07 | - |
| 47.92.77.•••:18789 | - | 🇨🇳 China mainland | - | true | Clean | AS37963 | Hangzhou Alibaba Advertising Co.,Ltd. | Alisoft | 30/03/2026, 03:11:11 | 14/04/2026, 21:42:25 | - | - | - | - | - | - |
| 93.127.158.•••:18789 | - | 🇫🇷 France | Yes | true | Clean | AS62000 | Netrix | ServerD | 30/03/2026, 03:11:11 | 16/04/2026, 22:00:52 | No | No | - | CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985 | 31/03/2026, 18:01:30 | - |
| 125.208.22.•••:18789 | - | 🇨🇳 China mainland | Yes | true | Clean | AS146817 | Hubei Feixun Network Co., Ltd | Hubei Feixun Network | 30/03/2026, 03:11:10 | 15/04/2026, 01:29:54 | No | - | - | CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-6387, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985 | 04/04/2026, 21:08:11 | - |
| 20.196.194.•••:18789 | - | 🇺🇸 United States | - | true | Clean | AS8075 | Microsoft Corporation | Microsoft | 30/03/2026, 03:11:10 | 30/03/2026, 08:58:14 | - | - | - | - | - | - |
| 47.92.255.•••:18789 | - | 🇨🇳 China mainland | - | true | Clean | AS37963 | Hangzhou Alibaba Advertising Co.,Ltd. | Alisoft | 30/03/2026, 03:11:10 | 17/04/2026, 22:24:37 | No | No | - | - | 27/03/2026, 05:07:55 | - |
| 159.89.188.•••:18789 | - | 🇺🇸 United States | - | true | Clean | AS14061 | DigitalOcean, LLC | DigitalOcean | 30/03/2026, 03:11:10 | 17/04/2026, 10:01:23 | No | Yes | APT15, APT17, APT28, APT29, APT31, APT34, APT35, APT36, APT37, APT39, APT40, APT41, APT45, Bitter APT, Bluenoroff, Callisto Group, Carbanak, ChamelGang, CloudSorcerer, Cobalt Group, Daggerfly APT, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Mustang Panda, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Volt Typhoon | CVE-2016-10009, CVE-2016-10010, CVE-2016-10011, CVE-2016-10012, CVE-2016-10708, CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2023-51767, CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985 | 02/04/2026, 19:27:26 | - |
| 8.140.221.•••:18789 | - | 🇸🇬 Singapore | Yes | true | Clean | AS37963 | Hangzhou Alibaba Advertising Co.,Ltd. | Alibaba Cloud | 30/03/2026, 03:11:10 | 17/04/2026, 10:01:17 | - | - | - | - | - | - |
| 45.32.110.•••:18789 | - | 🇸🇬 Singapore | Yes | true | Leaked | AS20473 | The Constant Company, LLC | Vultr Holdings | 30/03/2026, 03:11:10 | 08/04/2026, 07:45:58 | Yes | Yes | APT28, APT35, APT37, APT39, Cobalt Group, DragonFly, Kimsuky, Mustang Panda, Sandworm Team, The Shadow Brokers | CVE-2016-10708, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2021-41617, CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-6387, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985 | 02/04/2026, 04:24:07 | vultr.com |
| 3.144.26.•••:18789 | - | 🇺🇸 United States | - | true | Clean | AS16509 | Amazon.com, Inc. | Amazon | 30/03/2026, 03:11:10 | 02/04/2026, 12:36:36 | - | - | - | - | - | - |
| 180.172.55.•••:18789 | - | 🇨🇳 China mainland | Yes | true | Leaked | AS4812 | China Telecom (Group) | ChinaNet Shanghai | 30/03/2026, 03:11:10 | 05/04/2026, 23:11:26 | Yes | No | - | - | 02/04/2026, 17:53:11 | bj189.cn, 118114.cn, ctwing.cn, chinatelecom.com.cn, chinatelecom.cn, new-gm.cn, 189.cn, 189free.cn, daqu.com.cn, ctyun.cn |
| 39.98.65.•••:18789 | - | 🇨🇳 China mainland | - | true | Leaked | AS37963 | Hangzhou Alibaba Advertising Co.,Ltd. | Alisoft | 30/03/2026, 03:11:09 | 16/04/2026, 16:42:49 | Yes | Yes | APT28, APT35, APT37, APT39, Cobalt Group, Kimsuky, Mustang Panda, Sandworm Team, The Shadow Brokers | CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2021-41617, CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-6387, CVE-2024-7347, CVE-2025-26465, CVE-2025-32728 | 16/04/2026, 16:45:15 | aliyun.com |
| 47.92.246.•••:18789 | - | 🇨🇳 China mainland | - | true | Clean | AS37963 | Hangzhou Alibaba Advertising Co.,Ltd. | Alisoft | 30/03/2026, 03:11:09 | 18/04/2026, 00:37:57 | No | Yes | APT15, APT28, APT29, APT31, APT34, APT35, APT37, APT39, APT41, Bitter APT, Bluenoroff, Callisto Group, Cobalt Group, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Mustang Panda, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Volt Typhoon | CVE-2016-10708, CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985 | 08/04/2026, 20:40:13 | - |
| 136.114.135.•••:18789 | - | 🇺🇸 United States | Yes | true | Clean | AS396982 | Google LLC | 30/03/2026, 03:11:09 | 16/04/2026, 01:18:31 | No | No | - | CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985 | 05/04/2026, 10:31:47 | - | |
| 95.111.248.•••:18789 | - | 🇫🇷 France | Yes | true | Clean | AS51167 | Contabo GmbH | Contabo | 30/03/2026, 03:11:09 | 30/03/2026, 08:58:12 | - | - | - | - | - | - |
| 114.118.2.•••:18789 | - | 🇨🇳 China mainland | Yes | true | Clean | AS23724 | IDC, China Telecommunications Corporation / AS4808 China Unicom Beijing Province Network | CloudVsp | 30/03/2026, 03:11:09 | 16/04/2026, 00:33:35 | Yes | Yes | APT-C-23, Gamaredon Group, Ghostwriter, Lazarus Group, Packrat, Turla APT Group, Volt Typhoon | CVE-2022-41741, CVE-2022-41742, CVE-2023-44487, CVE-2024-7347, CVE-2025-23419 | 10/04/2026, 17:45:48 | cloudvsp.com |
| 152.69.201.•••:18789 | - | 🇺🇸 United States | Yes | true | Leaked | AS31898 | Oracle Corporation | Oracle | 30/03/2026, 03:11:09 | 10/04/2026, 17:41:00 | Yes | Yes | APT-C-23, APT15, APT17, APT28, APT29, APT31, APT34, APT35, APT36, APT37, APT39, APT40, APT41, APT45, Bitter APT, Bluenoroff, Callisto Group, Carbanak, ChamelGang, CloudSorcerer, Cobalt Group, Daggerfly APT, Donot Team, DragonFly, Equation Group, Gamaredon Group, Gaza Cybergang, Ghostwriter, Hafnium Group, Inception Framework, Kimsuky, Lazarus Group, MuddyWater Group, Mustang Panda, Packrat, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Turla APT Group, Volt Typhoon, gozi | CVE-2016-10708, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2021-23017, CVE-2021-3618, CVE-2021-41617, CVE-2022-41741, CVE-2022-41742, CVE-2023-28531, CVE-2023-38408, CVE-2023-44487, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-39894, CVE-2024-6387, CVE-2024-7347 | 05/04/2026, 02:05:05 | healtheintent.com, purewellness.com, cerner.ae, retek.com, tryfoexnow.com, moatads.com, oraclefusion.com, connectinc.com, inquira.com, portal.com, oracle.com, hiedirectconnect.org, maxymiser.net, oraclecloudservices.com, rsys2.net, hyperroll.com, nor1.com, oxygen.systems, oraclegovcloud.com, orcale.com, oraclemobile.com, sun.co.in, openair.co, oraclepdemos.com, stellent.com, siebel.com, cerner.net, oracle-cloud.com, docucorp.com, mvalent.com, elementfusion.com, netsuiteforms.com, oraclecloud.com, en25.com, solaris.com, rightnowtech.com, think.com, ipapp.com, jdedwards.com, tiger-institute.org, zenedge.com, skire.com, sun.com, sales.com, fyleio.com, push.io, estara.com, tekelec.com, textura.com, paymyhealthbill.com, dyndns.com, java.net, optika.com, jcp.org, smed.com, cernerenviza-tw.com, datafox.com, recruitmax.com, decisioneering.com, adiinsights.com, stortek.com, seebeyond.com, livelook.com, openjdk.org, virtualbox.org, dyn.com, oraclehealth.com, aimsystems.com, sunworld.com, plumtree.com, storagetek.com, oracledatacloud.com |
| 178.104.120.•••:18789 | - | 🇩🇪 Germany | Yes | true | Clean | AS24940 | Hetzner Online GmbH | Hetzner | 30/03/2026, 03:11:09 | 17/04/2026, 20:54:05 | - | - | - | - | - | - |
| 20.214.104.•••:18789 | - | 🇺🇸 United States | - | true | Clean | AS8075 | Microsoft Corporation | Microsoft | 30/03/2026, 03:11:09 | 30/03/2026, 08:58:12 | - | - | - | - | - | - |
| 143.198.223.•••:18789 | - | 🇸🇬 Singapore | Yes | true | Clean | AS14061 | DigitalOcean, LLC | DigitalOcean | 30/03/2026, 03:11:08 | 17/04/2026, 10:01:52 | Yes | Yes | APT15, APT17, APT28, APT29, APT31, APT34, APT35, APT36, APT37, APT40, APT41, APT45, Bitter APT, Bluenoroff, Callisto Group, Carbanak, ChamelGang, CloudSorcerer, Daggerfly APT, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Volt Typhoon | CVE-2023-28531, CVE-2023-31122, CVE-2023-38408, CVE-2023-38709, CVE-2023-43622, CVE-2023-45802, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-24795, CVE-2024-27316, CVE-2024-36387, CVE-2024-38472, CVE-2024-38473, CVE-2024-38474, CVE-2024-38475, CVE-2024-38476, CVE-2024-38477, CVE-2024-39573, CVE-2024-39894, CVE-2024-40898, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985 | 07/04/2026, 16:57:39 | duckdns.org |
| 20.214.240.•••:18789 | - | 🇺🇸 United States | - | true | Clean | AS8075 | Microsoft Corporation | Microsoft | 30/03/2026, 03:11:08 | 30/03/2026, 08:58:11 | - | - | - | - | - | - |
| 185.255.131.•••:18789 | - | 🇫🇷 France | Yes | true | Clean | AS51167 | Contabo GmbH | Contabo | 30/03/2026, 03:11:08 | 08/04/2026, 22:47:39 | - | - | - | - | - | - |
| 47.253.219.•••:18789 | - | 🇨🇳 China mainland | Yes | true | Clean | AS45102 | Alibaba (US) Technology Co., Ltd. | Alibaba Cloud US | 30/03/2026, 03:11:08 | 30/03/2026, 08:58:11 | - | - | - | - | - | - |
| 47.92.209.•••:18789 | - | 🇨🇳 China mainland | - | true | Clean | AS37963 | Hangzhou Alibaba Advertising Co.,Ltd. | Alisoft | 30/03/2026, 03:11:07 | 16/04/2026, 18:59:04 | No | Yes | APT28, APT35, APT37, APT39, Cobalt Group, Kimsuky, Mustang Panda, Sandworm Team, The Shadow Brokers | CVE-2016-10708, CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-16905, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51385, CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985 | 02/04/2026, 09:37:55 | - |
| 183.60.156.•••:18789 | - | 🇨🇳 China mainland | Yes | true | Clean | AS134763 | CHINANET Guangdong province network | CHINANET Guangdong | 30/03/2026, 03:11:07 | 31/03/2026, 17:10:27 | - | - | - | - | - | - |
| 43.156.137.•••:18789 | - | 🇸🇬 Singapore | Yes | true | Clean | AS132203 | Tencent Building, Kejizhongyi Avenue | Aceville Pte Ltd | 30/03/2026, 03:11:07 | 14/04/2026, 22:27:56 | - | - | - | - | - | - |
| 172.67.217.•••:18789 | - | 🇺🇸 United States | - | true | Clean | AS13335 | Cloudflare, Inc. | Cloudflare | 30/03/2026, 03:11:07 | 30/03/2026, 08:58:11 | - | - | - | - | - | - |
| 47.103.208.•••:18789 | - | 🇨🇳 China mainland | Yes | true | Clean | AS37963 | Hangzhou Alibaba Advertising Co.,Ltd. | Alisoft | 30/03/2026, 03:11:07 | 04/04/2026, 19:50:26 | No | Yes | APT-C-23, APT15, APT28, APT29, APT31, APT34, APT36, APT41, Bitter APT, Bluenoroff, Callisto Group, Cobalt Group, Donot Team, Equation Group, Gamaredon Group, Gaza Cybergang, Ghostwriter, Hafnium Group, Inception Framework, Kimsuky, Lazarus Group, MuddyWater Group, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, Turla APT Group, Volt Typhoon | CVE-2016-20012, CVE-2020-12062, CVE-2020-14145, CVE-2020-15778, CVE-2021-23017, CVE-2021-28041, CVE-2021-3618, CVE-2021-36368, CVE-2021-41617, CVE-2022-41741, CVE-2022-41742, CVE-2023-38408, CVE-2023-44487, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385 | 04/04/2026, 19:09:15 | - |
| 124.221.157.•••:18789 | - | 🇨🇳 China mainland | Yes | true | Leaked | AS45090 | Shenzhen Tencent Computer Systems Company Limited | Tencent Cloud | 30/03/2026, 03:11:07 | 17/04/2026, 01:01:09 | Yes | Yes | APT28, APT35, APT37, APT39, Carbanak, Cobalt Group, El-Machete, Kimsuky, Lazarus Group, Mustang Panda, RomCom Group, Sandworm Team, The Shadow Brokers | CVE-2016-10708, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-0819, CVE-2019-1068, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2021-1636, CVE-2021-41617, CVE-2022-29143, CVE-2023-21528, CVE-2023-21704, CVE-2023-21705, CVE-2023-21713, CVE-2023-21718 | 02/04/2026, 12:38:15 | tencent.com |
| 43.156.66.•••:18789 | - | 🇸🇬 Singapore | Yes | true | Leaked | AS132203 | Tencent Building, Kejizhongyi Avenue | Aceville Pte Ltd | 30/03/2026, 03:11:07 | 17/04/2026, 19:23:25 | Yes | Yes | APT15, APT17, APT28, APT29, APT31, APT34, APT36, APT37, APT41, APT45, Bitter APT, Bluenoroff, Callisto Group, CloudSorcerer, Daggerfly APT, Donot Team, El-Machete, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Volt Typhoon | CVE-2016-20012, CVE-2019-16905, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985 | 08/04/2026, 13:04:54 | tencent.com |
| 110.41.57.•••:18789 | - | 🇨🇳 China mainland | Yes | true | Clean | AS55990 | Huawei Cloud Service data center | Huawei Cloud | 30/03/2026, 03:11:07 | 16/04/2026, 10:39:38 | - | - | - | - | - | - |
| 95.165.73.•••:18789 | - | 🇷🇺 Russia | - | true | Clean | AS25513 | PJSC Moscow city telephone network | MGTS | 30/03/2026, 03:11:07 | 30/03/2026, 11:13:27 | No | No | - | - | 24/03/2026, 07:05:11 | - |
| 103.142.27.•••:18789 | - | 🇻🇳 Vietnam | - | true | Clean | AS135951 | Webico Company Limited | Tino Group | 30/03/2026, 03:11:07 | 30/03/2026, 08:58:10 | - | - | - | - | - | - |
| 8.161.114.•••:18789 | - | 🇸🇬 Singapore | Yes | true | Clean | AS37963 | Hangzhou Alibaba Advertising Co.,Ltd. | Alibaba Cloud | 30/03/2026, 03:11:07 | 16/04/2026, 15:11:38 | - | - | - | - | - | - |
| 82.156.170.•••:18789 | - | 🇨🇳 China mainland | Yes | true | Clean | AS45090 | Shenzhen Tencent Computer Systems Company Limited | Tencent Cloud Computing | 30/03/2026, 03:11:07 | 16/04/2026, 00:33:36 | No | Yes | APT15, APT28, APT29, APT31, APT34, APT35, APT37, APT39, APT41, Bitter APT, Bluenoroff, Callisto Group, Cobalt Group, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Mustang Panda, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Volt Typhoon | CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385 | 06/04/2026, 03:45:22 | - |
| 39.98.57.•••:18789 | - | 🇨🇳 China mainland | - | true | Leaked | AS37963 | Hangzhou Alibaba Advertising Co.,Ltd. | Alisoft | 30/03/2026, 03:11:07 | 17/04/2026, 10:00:56 | Yes | Yes | APT28, APT35, APT37, APT39, Cobalt Group, Kimsuky, Mustang Panda, Packrat, Sandworm Team, The Shadow Brokers | CVE-2016-10708, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2021-41617, CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985 | 02/04/2026, 01:43:28 | aliyun.com, dp.tech |
| 206.189.24.•••:18789 | - | 🇬🇧 United Kingdom | - | true | Clean | AS14061 | DigitalOcean, LLC | DigitalOcean | 30/03/2026, 03:11:07 | 17/04/2026, 10:01:14 | No | Yes | APT15, APT28, APT29, APT31, APT34, APT35, APT37, APT39, APT41, Bitter APT, Bluenoroff, Callisto Group, Cobalt Group, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Mustang Panda, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Volt Typhoon | CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-16905, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-28041, CVE-2021-36368, CVE-2021-41617, CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985 | 02/04/2026, 09:37:33 | - |
| 106.12.26.•••:18789 | - | 🇨🇳 China mainland | Yes | true | Leaked | AS38365 | Beijing Baidu Netcom Science and Technology Co., Ltd. | Baidu | 30/03/2026, 03:11:06 | 16/04/2026, 01:18:34 | Yes | No | - | CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985 | 09/04/2026, 15:27:45 | baidu.com |
| 103.183.74.•••:18789 | - | 🇮🇩 Indonesia | - | true | Clean | AS136052 | PT Cloud Hosting Indonesia | IDCloudHost | 30/03/2026, 03:11:06 | 18/04/2026, 00:38:05 | No | Yes | APT14, APT40, APT41, Gamaredon Group, Kimsuky, Lazarus Group, SharpPanda | CVE-2016-20012, CVE-2020-14145, CVE-2020-15778, CVE-2021-28041, CVE-2021-36368, CVE-2021-41617, CVE-2021-44224, CVE-2022-22719, CVE-2022-22720, CVE-2022-22721, CVE-2022-23943, CVE-2022-26377, CVE-2022-28614, CVE-2022-28615, CVE-2022-29404, CVE-2022-30556, CVE-2022-31813, CVE-2023-38408, CVE-2023-48795, CVE-2023-51385, CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985 | 02/04/2026, 03:42:02 | - |
| 42.194.215.•••:18789 | - | 🇨🇳 China mainland | - | true | Clean | AS45090 | Shenzhen Tencent Computer Systems Company Limited | Tencent Cloud | 30/03/2026, 03:11:06 | 17/04/2026, 10:01:44 | - | - | - | - | - | - |
| 45.151.123.•••:18789 | - | 🇫🇷 France | Yes | true | Leaked | AS51167 | Contabo GmbH | Contabo | 30/03/2026, 03:11:06 | 15/04/2026, 01:30:14 | Yes | Yes | APT-C-23, APT15, APT28, APT29, APT31, APT34, APT36, APT41, Bitter APT, Bluenoroff, Callisto Group, Cobalt Group, Donot Team, Equation Group, Gamaredon Group, Gaza Cybergang, Ghostwriter, Hafnium Group, Inception Framework, Kimsuky, Lazarus Group, MuddyWater Group, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, Turla APT Group, Volt Typhoon | CVE-2016-20012, CVE-2020-12062, CVE-2020-14145, CVE-2020-15778, CVE-2021-23017, CVE-2021-28041, CVE-2021-3618, CVE-2021-36368, CVE-2021-41617, CVE-2022-41741, CVE-2022-41742, CVE-2023-38408, CVE-2023-44487, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-7347, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985 | 30/03/2026, 12:02:43 | contabo.de, contabo.net |
| 159.69.124.•••:18789 | - | 🇩🇪 Germany | Yes | true | Leaked | AS24940 | Hetzner Online GmbH | Hetzner Online | 30/03/2026, 03:11:06 | 17/04/2026, 10:01:27 | Yes | Yes | APT28, APT35, APT37, APT39, Cobalt Group, Kimsuky, Mustang Panda, Sandworm Team, The Shadow Brokers | CVE-2016-20012, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-12062, CVE-2020-14145, CVE-2020-15778, CVE-2021-28041, CVE-2021-36368, CVE-2021-41617, CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985 | 08/04/2026, 03:17:00 | hetzner.com |
| 142.93.10.•••:18789 | - | 🇺🇸 United States | - | true | Clean | AS14061 | DigitalOcean, LLC | DigitalOcean | 30/03/2026, 03:11:05 | 18/04/2026, 00:38:05 | No | Yes | APT-C-23, APT15, APT28, APT29, APT31, APT34, APT35, APT36, APT37, APT39, APT41, Bitter APT, Bluenoroff, Callisto Group, Cobalt Group, Donot Team, Equation Group, Gamaredon Group, Gaza Cybergang, Ghostwriter, Hafnium Group, Inception Framework, Kimsuky, Lazarus Group, MuddyWater Group, Mustang Panda, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Turla APT Group, Volt Typhoon | CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-16843, CVE-2018-16844, CVE-2018-16845, CVE-2018-20685, CVE-2019-20372, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2019-9511, CVE-2019-9513, CVE-2019-9516, CVE-2020-14145, CVE-2020-15778, CVE-2021-23017, CVE-2021-3618, CVE-2021-36368, CVE-2021-41617, CVE-2022-41741, CVE-2022-41742, CVE-2023-38408, CVE-2023-44487, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-7347, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985 | 11/04/2026, 12:46:30 | - |
| 101.34.30.•••:18789 | - | 🇨🇳 China mainland | - | true | Leaked | AS45090 | Shenzhen Tencent Computer Systems Company Limited | Tencent Cloud Computing | 30/03/2026, 03:11:05 | 17/04/2026, 04:01:45 | Yes | Yes | APT28, APT35, APT37, APT39, Cobalt Group, El-Machete, Kimsuky, Mustang Panda, Sandworm Team, The Shadow Brokers | CVE-2016-10708, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2021-41617 | 04/04/2026, 15:23:45 | tencent.com |
| 34.179.215.•••:18789 | - | 🇺🇸 United States | - | true | Clean | AS396982 | Google LLC | 30/03/2026, 03:11:05 | 17/04/2026, 20:54:01 | - | - | - | - | - | - | |
| 15.165.17.•••:18789 | - | 🇰🇷 South Korea | - | true | Clean | AS16509 | Amazon.com, Inc. | AWS Seoul Region | 30/03/2026, 03:11:05 | 18/04/2026, 00:38:55 | No | No | - | CVE-2016-20012, CVE-2019-16905, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617 | 30/03/2026, 11:59:13 | - |
| 111.228.38.•••:18789 | - | 🇨🇳 China mainland | Yes | true | Clean | AS141679 | China Telecom Beijing Tianjin Hebei Big Data Industry Park Branch | Jingdong Headquarters | 30/03/2026, 03:11:05 | 30/03/2026, 08:58:08 | - | - | - | - | - | - |
| 161.97.81.•••:18789 | - | 🇫🇷 France | Yes | true | Leaked | AS51167 | Contabo GmbH | Contabo | 30/03/2026, 03:11:05 | 15/04/2026, 01:30:15 | Yes | Yes | APT15, APT17, APT28, APT29, APT31, APT34, APT35, APT36, APT37, APT40, APT41, APT45, Bitter APT, Bluenoroff, Callisto Group, Carbanak, ChamelGang, CloudSorcerer, Daggerfly APT, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Volt Typhoon | CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985 | 08/04/2026, 20:39:22 | contaboserver.net, contabo.de, contabo.net |
| 203.194.112.•••:18789 | - | 🇮🇩 Indonesia | Yes | true | Leaked | AS58487 | CV. Rumahweb Indonesia | Rumahweb Indonesia | 30/03/2026, 03:11:05 | 17/04/2026, 06:16:58 | Yes | Yes | APT-C-23, APT14, APT15, APT17, APT28, APT29, APT31, APT34, APT35, APT36, APT37, APT39, APT40, APT41, APT45, Bitter APT, Bluenoroff, Callisto Group, Carbanak, ChamelGang, CloudSorcerer, Cobalt Group, Daggerfly APT, Donot Team, Equation Group, Gamaredon Group, Gaza Cybergang, Ghostwriter, Hafnium Group, Inception Framework, IronHusky, Kimsuky, Lazarus Group, MuddyWater Group, Mustang Panda, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SharpPanda, SideWinder APT, TA505, The Shadow Brokers, Turla APT Group, Volt Typhoon, WIRTE | CVE-2006-20001, CVE-2016-10708, CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-17567, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-11984, CVE-2020-11993, CVE-2020-12062, CVE-2020-13950, CVE-2020-14145, CVE-2020-15778, CVE-2020-1927, CVE-2020-1934, CVE-2020-35452, CVE-2020-9490, CVE-2021-23017, CVE-2021-26690, CVE-2021-26691, CVE-2021-28041, CVE-2021-30641, CVE-2021-33193, CVE-2021-34798, CVE-2021-36160, CVE-2021-3618, CVE-2021-36368, CVE-2021-39275, CVE-2021-40438, CVE-2021-41617, CVE-2021-44224, CVE-2021-44790, CVE-2022-22719, CVE-2022-22720, CVE-2022-22721, CVE-2022-23943, CVE-2022-26377, CVE-2022-28614, CVE-2022-28615, CVE-2022-29404, CVE-2022-30556, CVE-2022-31813, CVE-2022-36760, CVE-2022-37436, CVE-2022-41741, CVE-2022-41742, CVE-2023-28531, CVE-2023-38408, CVE-2023-44487, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-1322, CVE-2024-39894, CVE-2024-6387, CVE-2024-7347, CVE-2025-23419, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985 | 05/04/2026, 11:16:47 | rumahweb.com |
| 49.235.188.•••:18789 | - | 🇨🇳 China mainland | Yes | true | Clean | AS45090 | Shenzhen Tencent Computer Systems Company Limited | Tencent Cloud | 30/03/2026, 03:11:04 | 07/04/2026, 19:44:23 | - | - | - | - | - | - |
| 43.138.149.•••:18789 | - | 🇨🇳 China mainland | Yes | true | Clean | AS45090 | Shenzhen Tencent Computer Systems Company Limited | Tencent Cloud Computing | 30/03/2026, 03:11:04 | 15/04/2026, 01:29:58 | - | - | - | - | - | - |
| 120.26.84.•••:18789 | - | 🇨🇳 China mainland | Yes | true | Leaked | AS37963 | Hangzhou Alibaba Advertising Co.,Ltd. | Alisoft | 30/03/2026, 03:11:04 | 17/04/2026, 03:16:40 | Yes | Yes | APT15, APT28, APT29, APT31, APT34, APT41, Bitter APT, Bluenoroff, Callisto Group, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, Volt Typhoon | CVE-2005-0004, CVE-2012-0540, CVE-2012-0572, CVE-2012-0574, CVE-2012-0578, CVE-2012-1688, CVE-2012-1689, CVE-2012-1690, CVE-2012-1697, CVE-2012-1702, CVE-2012-1703, CVE-2012-1705, CVE-2012-1734, CVE-2012-1735, CVE-2012-1756, CVE-2012-1757, CVE-2012-2750, CVE-2012-3150, CVE-2012-3158, CVE-2012-3160, CVE-2012-3163, CVE-2012-3166, CVE-2012-3167, CVE-2012-3173, CVE-2012-3177, CVE-2012-3180, CVE-2012-3197, CVE-2012-5060, CVE-2012-5096, CVE-2012-5612, CVE-2012-5614, CVE-2012-5627, CVE-2013-0367, CVE-2013-0368, CVE-2013-0371, CVE-2013-0383, CVE-2013-0384, CVE-2013-0385, CVE-2013-0386, CVE-2013-0389, CVE-2013-1502, CVE-2013-1506, CVE-2013-1511, CVE-2013-1512, CVE-2013-1521, CVE-2013-1523, CVE-2013-1526, CVE-2013-1531, CVE-2013-1532, CVE-2013-1544, CVE-2013-1548, CVE-2013-1552, CVE-2013-1555, CVE-2013-1861, CVE-2013-2375, CVE-2013-2376, CVE-2013-2378, CVE-2013-2389, CVE-2013-2391, CVE-2013-2392, CVE-2013-3783, CVE-2013-3793, CVE-2013-3794, CVE-2013-3801, CVE-2013-3802, CVE-2013-3804, CVE-2013-3805, CVE-2013-3808, CVE-2013-3809, CVE-2013-3812, CVE-2013-3839, CVE-2013-5807, CVE-2013-5891, CVE-2013-5908, CVE-2014-0001, CVE-2014-0384, CVE-2014-0386, CVE-2014-0393, CVE-2014-0401, CVE-2014-0402, CVE-2014-0412, CVE-2014-0420, CVE-2014-0437, CVE-2014-2419, CVE-2014-2430, CVE-2014-2431, CVE-2014-2432, CVE-2014-2436, CVE-2014-2438, CVE-2014-2440, CVE-2014-2494, CVE-2014-4207, CVE-2014-4243, CVE-2014-4258, CVE-2014-4260, CVE-2014-4274, CVE-2014-4287, CVE-2014-6463, CVE-2014-6464, CVE-2014-6469, CVE-2014-6478, CVE-2014-6484, CVE-2014-6491, CVE-2014-6494, CVE-2014-6495, CVE-2014-6496, CVE-2014-6500, CVE-2014-6505, CVE-2014-6507, CVE-2014-6520, CVE-2014-6530, CVE-2014-6551, CVE-2014-6555, CVE-2014-6559, CVE-2014-6568, CVE-2015-0374, CVE-2015-0381, CVE-2015-0382, CVE-2015-0391, CVE-2015-0411, CVE-2015-0432, CVE-2015-0433, CVE-2015-0441, CVE-2015-0499, CVE-2015-0501, CVE-2015-0505, CVE-2015-2325, CVE-2015-2568, CVE-2015-2571, CVE-2015-2573, CVE-2015-2582, CVE-2015-2620, CVE-2015-2643, CVE-2015-2648, CVE-2015-3152, CVE-2015-4752, CVE-2015-4757, CVE-2015-4792, CVE-2015-4802, CVE-2015-4807, CVE-2015-4815, CVE-2015-4816, CVE-2015-4819, CVE-2015-4826, CVE-2015-4830, CVE-2015-4836, CVE-2015-4858, CVE-2015-4861, CVE-2015-4864, CVE-2015-4870, CVE-2015-4879, CVE-2015-4913, CVE-2015-7744, CVE-2016-0502, CVE-2016-0610, CVE-2016-0616, CVE-2016-0642, CVE-2016-0651, CVE-2016-20012, CVE-2016-3471, CVE-2016-3492, CVE-2016-5584, CVE-2016-5612, CVE-2016-5624, CVE-2016-5626, CVE-2016-5629, CVE-2016-6664, CVE-2016-7440, CVE-2016-9843, CVE-2017-10268, CVE-2017-10378, CVE-2017-10379, CVE-2017-10384, CVE-2017-15365, CVE-2017-15945, CVE-2017-3238, CVE-2017-3243, CVE-2017-3244, CVE-2017-3258, CVE-2017-3265, CVE-2017-3291, CVE-2017-3302, CVE-2017-3308, CVE-2017-3309, CVE-2017-3312, CVE-2017-3313, CVE-2017-3317, CVE-2017-3318, CVE-2017-3453, CVE-2017-3456, CVE-2017-3464, CVE-2017-3600, CVE-2017-3636, CVE-2017-3641, CVE-2017-3651, CVE-2017-3653, CVE-2018-2562, CVE-2018-2622, CVE-2018-2640, CVE-2018-2665, CVE-2018-2668, CVE-2018-2755, CVE-2018-2761, CVE-2018-2767, CVE-2018-2771, CVE-2018-2781, CVE-2018-2813, CVE-2018-2817, CVE-2018-2819, CVE-2018-3058, CVE-2018-3063, CVE-2018-3066, CVE-2018-3081, CVE-2018-3133, CVE-2018-3174, CVE-2018-3282, CVE-2019-16905, CVE-2019-2455, CVE-2019-2481, CVE-2019-2503, CVE-2019-2529, CVE-2019-2614, CVE-2019-2627, CVE-2019-2737, CVE-2019-2739, CVE-2019-2740, CVE-2019-2805, CVE-2019-2974, CVE-2020-14145, CVE-2020-14550, CVE-2020-15778, CVE-2020-2574, CVE-2020-2752, CVE-2020-2780, CVE-2020-2812, CVE-2020-28912, CVE-2020-2922, CVE-2021-2007, CVE-2021-2011, CVE-2021-2144, CVE-2021-36368, CVE-2021-41617, CVE-2021-46659, CVE-2021-46666, CVE-2021-46667, CVE-2021-46669, CVE-2022-27385, CVE-2022-27449, CVE-2022-31621, CVE-2022-31622, CVE-2022-31623, CVE-2022-31624, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2023-5157 | 02/04/2026, 05:53:23 | aliyun.com |
| 43.140.34.•••:18789 | - | 🇨🇳 China mainland | Yes | true | Clean | AS45090 | Shenzhen Tencent Computer Systems Company Limited | Tencent Cloud Computing | 30/03/2026, 03:11:04 | 16/04/2026, 15:11:36 | - | - | - | - | - | - |
| 222.137.248.•••:18789 | - | 🇨🇳 China mainland | Yes | true | Clean | AS4837 | CHINA UNICOM China169 Backbone | China Unicom Henan | 30/03/2026, 03:11:04 | 02/04/2026, 17:07:37 | - | - | - | - | - | - |
| 156.225.143.•••:18789 | - | 🇭🇰 Hong Kong | Yes | true | Clean | AS142286 | LUOGELANG (FRANCE) LIMITED | CloudFly Net Inc | 30/03/2026, 03:11:04 | 17/04/2026, 20:54:06 | No | Yes | APT1, APT32, El-Machete, FIN8, Gamaredon-Group, gozi | CVE-2014-4078 | 02/04/2026, 01:42:03 | - |
| 20.89.224.•••:18789 | - | 🇺🇸 United States | - | true | Clean | AS8075 | Microsoft Corporation | Microsoft | 30/03/2026, 03:08:43 | 31/03/2026, 10:23:16 | - | - | - | - | - | - |
| 20.230.246.•••:18789 | - | 🇺🇸 United States | - | true | Clean | AS8075 | Microsoft Corporation | Microsoft | 30/03/2026, 03:08:43 | 31/03/2026, 10:23:16 | - | - | - | - | - | - |
| 104.46.219.•••:18789 | - | 🇺🇸 United States | - | true | Clean | AS8075 | Microsoft Corporation | Microsoft | 30/03/2026, 03:08:43 | 31/03/2026, 10:23:16 | - | - | - | - | - | - |
| 103.161.17.•••:18789 | - | 🇻🇳 Vietnam | - | true | Clean | AS135967 | Bach Kim Network solutions Join stock company | BK Information System JSC | 30/03/2026, 03:08:43 | 31/03/2026, 10:23:16 | No | No | - | - | 24/03/2026, 03:09:00 | - |
| 52.231.68.•••:18789 | - | 🇺🇸 United States | - | true | Clean | AS8075 | Microsoft Corporation | Microsoft | 30/03/2026, 03:08:43 | 31/03/2026, 10:23:15 | - | - | - | - | - | - |
| 20.98.251.•••:18789 | - | 🇺🇸 United States | - | true | Clean | AS8075 | Microsoft Corporation | Microsoft | 30/03/2026, 03:08:43 | 31/03/2026, 10:23:15 | - | - | - | - | - | - |
| 3.89.5.•••:18789 | - | 🇺🇸 United States | Yes | true | Clean | AS14618 | Amazon.com, Inc. | Amazon Web Services | 30/03/2026, 03:08:42 | 31/03/2026, 10:23:15 | - | - | - | - | - | - |
| 159.89.188.•••:18789 | - | 🇺🇸 United States | - | true | Clean | AS14061 | DigitalOcean, LLC | DigitalOcean | 30/03/2026, 03:08:42 | 18/04/2026, 00:36:59 | No | Yes | APT15, APT17, APT28, APT29, APT31, APT34, APT35, APT36, APT37, APT39, APT40, APT41, APT45, Bitter APT, Bluenoroff, Callisto Group, Carbanak, ChamelGang, CloudSorcerer, Cobalt Group, Daggerfly APT, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Mustang Panda, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Volt Typhoon | CVE-2016-10009, CVE-2016-10010, CVE-2016-10011, CVE-2016-10012, CVE-2016-10708, CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2023-51767, CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985 | 30/03/2026, 03:09:06 | - |
| 3.144.26.•••:18789 | - | 🇺🇸 United States | - | true | Clean | AS16509 | Amazon.com, Inc. | Amazon | 30/03/2026, 03:08:42 | 03/04/2026, 14:05:39 | No | No | - | CVE-2016-20012, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51385, CVE-2024-6387, CVE-2025-26465, CVE-2025-32728 | 30/03/2026, 03:09:07 | - |
| 20.214.104.•••:18789 | - | 🇺🇸 United States | - | true | Clean | AS8075 | Microsoft Corporation | Microsoft | 30/03/2026, 03:08:42 | 31/03/2026, 10:23:15 | No | Yes | APT28, APT35, APT37, APT39, Cobalt Group, Kimsuky, Mustang Panda, Sandworm Team, The Shadow Brokers | CVE-2016-10708, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2021-41617 | 30/03/2026, 03:09:10 | - |
| 20.214.240.•••:18789 | - | 🇺🇸 United States | - | true | Clean | AS8075 | Microsoft Corporation | Microsoft | 30/03/2026, 03:08:42 | 31/03/2026, 10:23:15 | No | Yes | APT28, APT35, APT37, APT39, Cobalt Group, Kimsuky, Mustang Panda, Sandworm Team, The Shadow Brokers | CVE-2016-10708, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2021-41617 | 30/03/2026, 03:09:12 | - |
| 123.57.237.•••:18789 | - | 🇨🇳 China mainland | Yes | true | Leaked | AS37963 | Hangzhou Alibaba Advertising Co.,Ltd. | Alisoft | 30/03/2026, 03:08:42 | 17/04/2026, 17:24:08 | Yes | No | - | CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985 | 30/03/2026, 03:09:13 | aliyun.com |
| 122.152.202.•••:18789 | - | 🇨🇳 China mainland | - | true | Leaked | AS45090 | Shenzhen Tencent Computer Systems Company Limited | Tencent Cloud | 30/03/2026, 03:08:42 | 31/03/2026, 10:23:15 | Yes | Yes | APT37, El-Machete | - | 30/03/2026, 03:09:14 | tencent.com |
| 103.142.27.•••:18789 | - | 🇻🇳 Vietnam | - | true | Clean | AS135951 | Webico Company Limited | Tino Group | 30/03/2026, 03:08:42 | 31/03/2026, 10:23:15 | - | - | - | - | - | - |
| 178.156.165.•••:18789 | - | 🇺🇸 United States | Yes | true | Leaked | AS213230 | Hetzner Online GmbH | Hetzner | 30/03/2026, 03:08:42 | 31/03/2026, 10:23:15 | Yes | No | - | CVE-2015-5352, CVE-2015-5600, CVE-2015-6563, CVE-2015-6564, CVE-2015-8325, CVE-2016-10009, CVE-2016-10010, CVE-2016-10011, CVE-2016-10012, CVE-2016-10708, CVE-2016-1908, CVE-2016-20012, CVE-2016-3115, CVE-2016-6210, CVE-2016-6515, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-6387, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985 | 30/03/2026, 03:09:19 | hetzner.com |
| 106.12.26.•••:18789 | - | 🇨🇳 China mainland | Yes | true | Clean | AS38365 | Beijing Baidu Netcom Science and Technology Co., Ltd. | Baidu | 30/03/2026, 03:08:42 | 31/03/2026, 10:23:15 | - | - | - | - | - | - |
| 142.93.10.•••:18789 | - | 🇺🇸 United States | - | true | Clean | AS14061 | DigitalOcean, LLC | DigitalOcean | 30/03/2026, 03:08:41 | 18/04/2026, 00:35:34 | No | Yes | APT-C-23, APT15, APT28, APT29, APT31, APT34, APT35, APT36, APT37, APT39, APT41, Bitter APT, Bluenoroff, Callisto Group, Cobalt Group, Donot Team, Equation Group, Gamaredon Group, Gaza Cybergang, Ghostwriter, Hafnium Group, Inception Framework, Kimsuky, Lazarus Group, MuddyWater Group, Mustang Panda, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Turla APT Group, Volt Typhoon | CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-16843, CVE-2018-16844, CVE-2018-16845, CVE-2018-20685, CVE-2019-20372, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2019-9511, CVE-2019-9513, CVE-2019-9516, CVE-2020-14145, CVE-2020-15778, CVE-2021-23017, CVE-2021-3618, CVE-2021-36368, CVE-2021-41617, CVE-2022-41741, CVE-2022-41742, CVE-2023-38408, CVE-2023-44487, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-7347, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985 | 30/03/2026, 03:09:22 | - |
| 34.179.215.•••:18789 | - | 🇺🇸 United States | - | true | Clean | AS396982 | Google LLC | 30/03/2026, 03:08:41 | 18/04/2026, 00:36:29 | - | - | - | - | - | - | |
| 15.165.17.•••:18789 | - | 🇰🇷 South Korea | - | true | Clean | AS16509 | Amazon.com, Inc. | AWS Seoul Region | 30/03/2026, 03:08:41 | 18/04/2026, 00:35:47 | No | No | - | CVE-2016-20012, CVE-2019-16905, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617 | 30/03/2026, 03:09:25 | - |
| 172.67.132.•••:18789 | - | 🇺🇸 United States | - | true | Clean | AS13335 | Cloudflare, Inc. | Cloudflare | 30/03/2026, 02:38:17 | 30/03/2026, 08:19:03 | - | - | - | - | - | - |
| 138.199.227.•••:18789 | - | 🇩🇪 Germany | Yes | true | Clean | AS24940 | Hetzner Online GmbH | Hetzner | 30/03/2026, 02:38:17 | 11/04/2026, 23:15:08 | No | No | - | CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985 | 08/04/2026, 13:03:02 | - |
| 131.72.104.•••:18789 | - | 🇧🇷 Brazil | Yes | true | Clean | AS61732 | PRECISA INTERNET E COMUNICAÇÃO LTDA | Precisa Internet e Comunicação | 30/03/2026, 02:38:16 | 16/04/2026, 22:46:04 | No | No | - | CVE-2023-44487, CVE-2024-7347, CVE-2025-23419 | 01/04/2026, 19:26:22 | - |
| 118.145.160.•••:18789 | - | 🇨🇳 China mainland | Yes | true | Clean | AS137718 | Beijing Volcano Engine Technology Co., Ltd. | Beijing Volcano Engine Technology | 30/03/2026, 02:38:16 | 12/04/2026, 00:44:56 | - | - | - | - | - | - |
| 3.232.105.•••:18789 | - | 🇺🇸 United States | - | true | Clean | AS14618 | Amazon.com, Inc. | Amazon Web Services | 30/03/2026, 02:38:16 | 30/03/2026, 11:12:58 | - | - | - | - | - | - |