🦞 OpenClaw Exposure Watchboard
This page lists publicly reachable active OpenClaw instances for defensive awareness. If this is your deployment, enable authentication, remove direct public exposure, and patch immediately.
Exposed Instances: 1006105 Page: 216 / 10062 (100 per page) Showing: 21501-21600 Last Imported: 14/07/2026, 07:44:58
🇨🇳 483,673
🇺🇸 290,578
Build With Vivgrid
Explore Vivgrid Ship Secure Enterprise AI Agents 10× Faster with vivgrid.com
Vivgrid gives you authentication, model gateway, tool control, cost tracking, and enterprise observability — everything you need to ship AI agents safely at scale.
| Endpoint | Assistant Name | Country | auth_required | is_active | has_leaked_creds | asn | asn_name | org | first_seen | last_seen | asi_has_breach | asi_has_threat_actor | asi_threat_actors | asi_cves | asi_enriched_at | asi_domains |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 18.118.95.•••:18789 | - | 🇺🇸 United States | - | false | Clean | AS16509 | Amazon.com, Inc. | Amazon | 01/07/2026, 22:42:06 | 02/07/2026, 05:07:55 | - | - | - | - | - | - |
| 213.176.17.•••:18789 | - | 🇫🇮 Finland | - | false | Clean | AS215540 | GLOBAL CONNECTIVITY SOLUTIONS LLP | Global Connectivity Solutions | 01/07/2026, 22:42:05 | 02/07/2026, 05:07:54 | - | - | - | - | - | - |
| 47.105.95.•••:18789 | - | 🇨🇳 China mainland | - | true | Clean | AS37963 | Hangzhou Alibaba Advertising Co.,Ltd. | Alisoft | 01/07/2026, 22:42:05 | 11/07/2026, 13:37:22 | No | Yes | APT28, APT35, APT37, APT39, Cobalt Group, Kimsuky, Mustang Panda, Sandworm Team, The Shadow Brokers | CVE-2016-10708, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2021-41617 | 02/07/2026, 20:12:39 | - |
| 117.81.67.•••:18789 | - | 🇨🇭 Switzerland | - | true | Leaked | AS140292 | CHINATELECOM Jiangsu province Suzhou 5G network | ChinaNet Jiangsu | 01/07/2026, 22:42:05 | 13/07/2026, 19:15:53 | Yes | No | - | - | 04/07/2026, 15:00:56 | bj189.cn, 118114.cn, ctwing.cn, chinatelecom.com.cn, chinatelecom.cn, new-gm.cn, 189.cn, 189free.cn, ideal.sh.cn, daqu.com.cn, ctyun.cn |
| 123.57.228.•••:18789 | - | 🇨🇳 China mainland | Yes | false | Clean | AS37963 | Hangzhou Alibaba Advertising Co.,Ltd. | Alisoft | 01/07/2026, 22:42:03 | 02/07/2026, 05:07:53 | - | - | - | - | - | - |
| 79.51.90.•••:18789 | - | 🇮🇹 Italy | Yes | false | Clean | AS3269 | Telecom Italia S.p.A. | Telecom ADSL Pool | 01/07/2026, 22:42:03 | 02/07/2026, 05:07:53 | - | - | - | - | - | - |
| 124.220.46.•••:18789 | - | 🇨🇳 China mainland | - | true | Clean | AS45090 | Shenzhen Tencent Computer Systems Company Limited | Tencent Cloud | 01/07/2026, 22:42:02 | 14/07/2026, 01:40:54 | Yes | - | - | - | 04/07/2026, 21:25:38 | tencentcloud.com |
| 52.79.122.•••:18789 | - | 🇰🇷 South Korea | - | false | Clean | AS16509 | Amazon.com, Inc. | AWS Seoul Region | 01/07/2026, 22:40:07 | 03/07/2026, 16:50:52 | No | - | - | - | 26/06/2026, 02:15:18 | - |
| 129.159.236.•••:18789 | - | 🇺🇸 United States | - | false | Leaked | AS31898 | Oracle Corporation | Oracle | 01/07/2026, 22:40:07 | 03/07/2026, 16:50:52 | Yes | No | - | CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-6387, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985, CVE-2026-35385, CVE-2026-35386, CVE-2026-35387, CVE-2026-35388, CVE-2026-35414 | 02/07/2026, 02:15:19 | netsuit.com, healtheintent.com, purewellness.com, cerner.ae, retek.com, tryfoexnow.com, moatads.com, oraclefusion.com, connectinc.com, inquira.com, portal.com, healtheatcerner.com, oracle.com, hiedirectconnect.org, maxymiser.net, oraclecloudservices.com, rsys2.net, hyperroll.com, nor1.com, oxygen.systems, oraclegovcloud.com, orcale.com, oraclemobile.com, sun.co.in, openair.co, oraclepdemos.com, stellent.com, siebel.com, cerner.net, oracle-cloud.com, docucorp.com, mvalent.com, netsuitesuiteprojectspro.com, elementfusion.com, netsuiteforms.com, oraclecloud.com, en25.com, solaris.com, rightnowtech.com, think.com, ipapp.com, pertmaster.com, jdedwards.com, commercialware.com, tiger-institute.org, zenedge.com, skire.com, sun.com, ateam-oracle.com, sales.com, fyleio.com, push.io, estara.com, tekelec.com, textura.com, paymyhealthbill.com, dyndns.com, java.net, optika.com, jcp.org, smed.com, cernerenviza-tw.com, datafox.com, recruitmax.com, decisioneering.com, adiinsights.com, stortek.com, seebeyond.com, livelook.com, openjdk.org, virtualbox.org, dyn.com, oraclehealth.com, aimsystems.com, sunworld.com, plumtree.com, storagetek.com, oracledatacloud.com |
| 212.56.34.•••:18789 | - | 🇩🇪 Germany | - | false | Leaked | AS40021 | Contabo Inc. | Contabo | 01/07/2026, 22:40:06 | 03/07/2026, 16:50:52 | Yes | No | - | CVE-2024-39894, CVE-2024-6387, CVE-2024-6484, CVE-2024-6485, CVE-2025-1695, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728 | 02/07/2026, 02:15:20 | qzz.io, contabo.de, contabo.net |
| 213.176.17.•••:18789 | - | 🇫🇮 Finland | - | false | Clean | AS215540 | GLOBAL CONNECTIVITY SOLUTIONS LLP | Global Connectivity Solutions | 01/07/2026, 22:40:06 | 03/07/2026, 17:33:27 | No | Yes | APT28, APT35, APT37, APT39, Cobalt Group, Kimsuky, Mustang Panda, Sandworm Team, The Shadow Brokers | CVE-2016-10708, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2021-41617, CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985, CVE-2026-35385, CVE-2026-35386, CVE-2026-35387, CVE-2026-35388, CVE-2026-35414 | 02/07/2026, 02:15:24 | - |
| 149.50.152.•••:443 | - | 🇦🇷 Argentina | Yes | true | Clean | AS27823 | Dattatec.com | Dattatec | 01/07/2026, 22:03:33 | 13/07/2026, 15:45:08 | - | - | - | - | - | - |
| 220.190.1.•••:18789 | - | 🇨🇳 China mainland | Yes | false | Clean | AS4134 | Chinanet | ChinaNet Wenzhou Node Network | 01/07/2026, 22:03:33 | 02/07/2026, 08:02:57 | No | No | - | - | 25/06/2026, 23:32:50 | - |
| 162.55.88.•••:10017 | - | 🇩🇪 Germany | Yes | true | Leaked | AS24940 | Hetzner Online GmbH | Hetzner | 01/07/2026, 22:03:33 | 13/07/2026, 16:27:56 | Yes | No | - | - | 02/07/2026, 05:12:04 | hetzner.com |
| 159.203.125.•••:9095 | - | 🇺🇸 United States | Yes | false | Clean | AS14061 | DigitalOcean, LLC | DigitalOcean | 01/07/2026, 22:03:33 | 02/07/2026, 08:02:57 | No | Yes | APT15, APT17, APT28, APT29, APT31, APT34, APT36, APT37, APT41, APT45, Bitter APT, Bluenoroff, Callisto Group, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, Volt Typhoon | CVE-2016-10009, CVE-2016-10010, CVE-2016-10011, CVE-2016-10012, CVE-2016-10708, CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-28041, CVE-2021-36368, CVE-2021-41617, CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985, CVE-2026-35385, CVE-2026-35386, CVE-2026-35387, CVE-2026-35388, CVE-2026-35414 | 01/07/2026, 23:32:52 | - |
| 47.100.254.•••:18789 | - | 🇨🇳 China mainland | Yes | true | Clean | AS37963 | Hangzhou Alibaba Advertising Co.,Ltd. | Alisoft | 01/07/2026, 22:03:33 | 11/07/2026, 11:33:32 | No | Yes | APT-C-23, APT14, APT27, APT28, APT35, APT37, APT39, APT40, APT41, Chimera APT, Cobalt Group, DRBControl, Donot Team, Evil Eye APT, Gamaredon Group, Inception Framework, IronHusky, Kimsuky, Lazarus Group, MuddyWater Group, Mustang Panda, Night Dragon, Sandworm Team, SharpPanda, SideWinder APT, TA428, TA505, The Shadow Brokers, Tropic Trooper, Volt Typhoon, WIRTE | CVE-2006-20001, CVE-2007-1349, CVE-2011-2767, CVE-2013-5704, CVE-2013-6501, CVE-2014-0236, CVE-2014-2497, CVE-2014-3538, CVE-2014-3581, CVE-2014-3583, CVE-2014-3587, CVE-2014-3597, CVE-2014-3668, CVE-2014-3669, CVE-2014-3670, CVE-2014-3710, CVE-2014-5120, CVE-2014-5459, CVE-2014-8109, CVE-2014-8142, CVE-2014-9425, CVE-2014-9426, CVE-2014-9652, CVE-2014-9653, CVE-2014-9705, CVE-2014-9709, CVE-2015-0228, CVE-2015-0231, CVE-2015-0232, CVE-2015-0235, CVE-2015-0273, CVE-2015-1351, CVE-2015-1352, CVE-2015-2301, CVE-2015-2305, CVE-2015-2325, CVE-2015-2326, CVE-2015-2331, CVE-2015-2348, CVE-2015-2787, CVE-2015-3152, CVE-2015-3183, CVE-2015-3185, CVE-2015-3411, CVE-2015-3412, CVE-2015-3414, CVE-2015-3415, CVE-2015-3416, CVE-2015-4116, CVE-2015-4598, CVE-2015-4599, CVE-2015-4600, CVE-2015-4601, CVE-2015-4602, CVE-2015-4603, CVE-2015-4604, CVE-2015-4605, CVE-2015-4642, CVE-2015-4643, CVE-2015-4644, CVE-2015-5589, CVE-2015-6831, CVE-2015-6834, CVE-2015-6835, CVE-2015-6837, CVE-2015-6838, CVE-2015-7803, CVE-2015-7804, CVE-2015-8383, CVE-2015-8386, CVE-2015-8387, CVE-2015-8389, CVE-2015-8390, CVE-2015-8391, CVE-2015-8393, CVE-2015-8394, CVE-2015-8835, CVE-2015-8838, CVE-2015-8865, CVE-2015-8866, CVE-2015-8867, CVE-2015-8873, CVE-2015-8874, CVE-2015-8876, CVE-2015-8877, CVE-2015-8878, CVE-2015-8879, CVE-2015-8994, CVE-2015-9253, CVE-2016-0736, CVE-2016-10158, CVE-2016-10159, CVE-2016-10161, CVE-2016-10397, CVE-2016-10708, CVE-2016-10712, CVE-2016-1903, CVE-2016-20012, CVE-2016-2161, CVE-2016-2554, CVE-2016-3074, CVE-2016-3141, CVE-2016-3142, CVE-2016-3185, CVE-2016-4070, CVE-2016-4071, CVE-2016-4072, CVE-2016-4342, CVE-2016-4343, CVE-2016-4537, CVE-2016-4538, CVE-2016-4539, CVE-2016-4540, CVE-2016-4541, CVE-2016-4542, CVE-2016-4543, CVE-2016-4544, CVE-2016-4975, CVE-2016-5093, CVE-2016-5094, CVE-2016-5095, CVE-2016-5096, CVE-2016-5114, CVE-2016-5385, CVE-2016-5387, CVE-2016-5399, CVE-2016-5768, CVE-2016-5769, CVE-2016-5770, CVE-2016-5771, CVE-2016-5772, CVE-2016-5773, CVE-2016-6207, CVE-2016-6288, CVE-2016-6289, CVE-2016-6290, CVE-2016-6291, CVE-2016-6292, CVE-2016-6294, CVE-2016-6295, CVE-2016-6296, CVE-2016-6297, CVE-2016-7124, CVE-2016-7125, CVE-2016-7126, CVE-2016-7127, CVE-2016-7128, CVE-2016-7129, CVE-2016-7130, CVE-2016-7131, CVE-2016-7132, CVE-2016-7411, CVE-2016-7412, CVE-2016-7413, CVE-2016-7414, CVE-2016-7416, CVE-2016-7417, CVE-2016-7418, CVE-2016-8612, CVE-2016-8743, CVE-2016-9137, CVE-2016-9138, CVE-2016-9934, CVE-2016-9935, CVE-2017-11142, CVE-2017-11143, CVE-2017-11144, CVE-2017-11145, CVE-2017-11147, CVE-2017-11628, CVE-2017-12933, CVE-2017-15710, CVE-2017-15715, CVE-2017-15906, CVE-2017-16642, CVE-2017-3167, CVE-2017-3169, CVE-2017-7272, CVE-2017-7679, CVE-2017-7890, CVE-2017-7963, CVE-2017-8923, CVE-2017-9224, CVE-2017-9225, CVE-2017-9226, CVE-2017-9229, CVE-2017-9788, CVE-2017-9798, CVE-2018-10545, CVE-2018-10546, CVE-2018-10547, CVE-2018-10548, CVE-2018-10549, CVE-2018-1283, CVE-2018-1301, CVE-2018-1302, CVE-2018-1303, CVE-2018-1312, CVE-2018-14851, CVE-2018-14883, CVE-2018-15132, CVE-2018-15473, CVE-2018-15919, CVE-2018-17082, CVE-2018-17199, CVE-2018-19395, CVE-2018-19396, CVE-2018-19520, CVE-2018-20685, CVE-2018-20783, CVE-2018-5711, CVE-2018-5712, CVE-2018-7584, CVE-2019-0217, CVE-2019-0220, CVE-2019-10092, CVE-2019-10098, CVE-2019-17567, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2019-6977, CVE-2019-9020, CVE-2019-9021, CVE-2019-9023, CVE-2019-9024, CVE-2019-9637, CVE-2019-9638, CVE-2019-9639, CVE-2019-9641, CVE-2020-11985, CVE-2020-13938, CVE-2020-14145, CVE-2020-15778, CVE-2020-1927, CVE-2020-1934, CVE-2020-35452, CVE-2021-23017, CVE-2021-26690, CVE-2021-26691, CVE-2021-34798, CVE-2021-3618, CVE-2021-36368, CVE-2021-39275, CVE-2021-40438, CVE-2021-41617, CVE-2021-44224, CVE-2021-44790, CVE-2022-22719, CVE-2022-22720, CVE-2022-22721, CVE-2022-23943, CVE-2022-26377, CVE-2022-28330, CVE-2022-28614, CVE-2022-28615, CVE-2022-29404, CVE-2022-30556, CVE-2022-31628, CVE-2022-31629, CVE-2022-31813, CVE-2022-36760, CVE-2022-37436, CVE-2022-41741, CVE-2022-41742, CVE-2023-25690, CVE-2023-31122, CVE-2023-38408, CVE-2023-38709, CVE-2023-44487, CVE-2023-45802, CVE-2023-48795, CVE-2023-51385, CVE-2024-24795, CVE-2024-38472, CVE-2024-38473, CVE-2024-38474, CVE-2024-38475, CVE-2024-38476, CVE-2024-38477, CVE-2024-39573, CVE-2024-40898, CVE-2024-4577, CVE-2024-7347, CVE-2025-23419, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985 | 02/07/2026, 05:12:06 | - |
| 58.61.156.•••:32791 | - | 🇨🇳 China mainland | Yes | false | Leaked | AS4134 | Chinanet | CHINANET Guangdong | 01/07/2026, 22:03:33 | 05/07/2026, 11:45:03 | Yes | No | - | CVE-2024-37085, CVE-2024-37086, CVE-2024-37087, CVE-2024-39894, CVE-2024-6387, CVE-2025-22224, CVE-2025-22225, CVE-2025-22226, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-41226, CVE-2025-41227, CVE-2025-41228, CVE-2025-41236, CVE-2025-41237, CVE-2025-41238, CVE-2025-41239, CVE-2025-61984, CVE-2025-61985, CVE-2026-35385, CVE-2026-35386, CVE-2026-35387, CVE-2026-35388, CVE-2026-35414 | 02/07/2026, 05:12:08 | bj189.cn, 118114.cn, ctwing.cn, chinatelecom.com.cn, chinatelecom.cn, new-gm.cn, 189.cn, 189free.cn, ideal.sh.cn, daqu.com.cn, ctyun.cn |
| 117.50.184.•••:18789 | - | 🇨🇳 China mainland | Yes | true | Leaked | AS23724 | IDC, China Telecommunications Corporation / AS4808 China Unicom Beijing Province Network | UCloud | 01/07/2026, 22:03:32 | 12/07/2026, 01:49:34 | Yes | Yes | APT15, APT28, APT29, APT31, APT34, APT41, Bitter APT, Bluenoroff, Callisto Group, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Packrat, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, Volt Typhoon | CVE-2016-20012, CVE-2019-16905, CVE-2020-14145, CVE-2020-15778, CVE-2020-8022, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-46589, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-23672, CVE-2024-24549, CVE-2025-24813, CVE-2025-26465, CVE-2025-32728, CVE-2025-55752, CVE-2025-55754, CVE-2025-61795, CVE-2025-61984, CVE-2025-61985 | 02/07/2026, 05:12:16 | ucloud.cn |
| 118.68.148.•••:18789 | - | 🇻🇳 Vietnam | - | false | Clean | AS18403 | FPT Telecom Company | FPT Telecom | 01/07/2026, 22:03:31 | 02/07/2026, 08:02:55 | Yes | Yes | Packrat | CVE-2009-4593 | 02/07/2026, 05:12:26 | fpt.net |
| 139.162.8.•••:18789 | - | 🇸🇬 Singapore | Yes | true | Clean | AS63949 | Akamai Connected Cloud | Linode | 01/07/2026, 22:03:31 | 13/07/2026, 15:45:07 | No | Yes | APT-C-23, APT15, APT28, APT29, APT31, APT34, APT35, APT36, APT37, APT39, APT41, Bitter APT, Bluenoroff, Callisto Group, Carbanak, Cobalt Group, DarkHotel Group, Donot Team, Equation Group, Gamaredon Group, Gaza Cybergang, Ghostwriter, Hafnium Group, Inception Framework, Kimsuky, Lazarus Group, MuddyWater Group, Mustang Panda, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Turla APT Group, Volt Typhoon | CVE-2016-10708, CVE-2016-20012, CVE-2017-15906, CVE-2017-20005, CVE-2018-15473, CVE-2018-15919, CVE-2018-16843, CVE-2018-16844, CVE-2018-16845, CVE-2018-20685, CVE-2019-20372, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2019-9511, CVE-2019-9513, CVE-2019-9516, CVE-2020-14145, CVE-2020-15778, CVE-2021-23017, CVE-2021-28041, CVE-2021-3618, CVE-2021-36368, CVE-2021-41617, CVE-2022-41741, CVE-2022-41742, CVE-2023-38408, CVE-2023-44487, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-7347, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985 | 02/07/2026, 05:12:28 | - |
| 162.206.151.•••:18789 | - | 🇺🇸 United States | - | false | Leaked | AS7018 | AT&T Enterprises, LLC | AT&T Enterprises | 01/07/2026, 22:03:31 | 02/07/2026, 08:46:08 | Yes | No | - | - | 02/07/2026, 05:12:29 | ap-att-idns.net, nevadabell.com, att.us, currently.net, attalascom.com, mobile.com, attdns.net, snet.com, accbusiness.com, snet.net, prodigy.net, att-websites.com, attvip.com, att.com, bellsouth.com, ameritech.net, fastspeed.dk, encatt.com, pacbell.net, pacbell.com, att-bundles.com, attla.com, attccc.com, sbcis.net, attwebspace.com, attcloudarchitect.com, att-idns.net, attstadium.com, mycingular.net, attmobility.com, attwatchtv.com, att.co, edgewireless.com, smartlink.com, attcenter.com, att.net, firstnet.com, cingular.com, directv.com.co, attwirelessonline.com, usi.net, atttest.com, att.com.co, accbusinessagent.com, attlocal.net, attbusiness.net, ameritech.com, attglobal.com, flash.net, itcanwait.com, sbc.com, sbcidc.com, currently.com, atttvnow.com, na-att-idns.net, attcompute.com, att-mail.com, prserv.net, attglobal.net, luckydog.com, escuelaplus.com, attcanada.com, swbell.net, sbcglobal.com, advantis.com, mobilephone.net, nvbell.net, bls.com, sbcglobal.net, bellsouth.net |
| 113.87.80.•••:18789 | - | 🇨🇳 China mainland | Yes | false | Leaked | AS4134 | Chinanet | CHINANET Guangdong | 01/07/2026, 22:03:31 | 04/07/2026, 23:37:49 | Yes | No | - | CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-19052, CVE-2018-20685, CVE-2018-25103, CVE-2019-11072, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51385, CVE-2024-3708, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985 | 02/07/2026, 05:12:31 | bj189.cn, 118114.cn, ctwing.cn, chinatelecom.com.cn, chinatelecom.cn, new-gm.cn, 189.cn, 189free.cn, ideal.sh.cn, daqu.com.cn, ctyun.cn |
| 49.232.93.•••:18789 | - | 🇨🇳 China mainland | Yes | false | Leaked | AS45090 | Shenzhen Tencent Computer Systems Company Limited | Tencent Cloud | 01/07/2026, 22:03:31 | 04/07/2026, 21:29:34 | Yes | Yes | APT37, El-Machete | - | 02/07/2026, 05:12:33 | tencent.com, tencentcloud.com |
| 43.143.122.•••:18789 | - | 🇨🇳 China mainland | Yes | true | Leaked | AS45090 | Shenzhen Tencent Computer Systems Company Limited | Tencent Cloud Computing | 01/07/2026, 22:03:31 | 11/07/2026, 22:15:24 | Yes | Yes | APT15, APT28, APT29, APT31, APT34, APT35, APT37, APT39, APT41, Bitter APT, Bluenoroff, Callisto Group, Cobalt Group, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Mustang Panda, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Volt Typhoon | CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-24989, CVE-2024-24990, CVE-2024-31079, CVE-2024-32760, CVE-2024-34161, CVE-2024-35200 | 02/07/2026, 05:12:34 | tencent.com, tencentcloud.com |
| 80.225.186.•••:18789 | - | 🇺🇸 United States | Yes | true | Leaked | AS31898 | Oracle Corporation | Oracle Sweden | 01/07/2026, 22:03:30 | 12/07/2026, 09:43:23 | Yes | No | - | CVE-2016-20012, CVE-2020-14145, CVE-2020-15778, CVE-2021-28041, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51385, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985, CVE-2026-35385, CVE-2026-35386, CVE-2026-35387, CVE-2026-35388, CVE-2026-35414 | 02/07/2026, 05:12:40 | netsuit.com, healtheintent.com, purewellness.com, retek.com, tryfoexnow.com, moatads.com, oraclefusion.com, connectinc.com, inquira.com, portal.com, healtheatcerner.com, oraclecloudservices.com, rsys2.net, hyperroll.com, orcale.com, oraclemobile.com, sun.co.in, stellent.com, siebel.com, cerner.net, oracle-cloud.com, docucorp.com, mvalent.com, netsuitesuiteprojectspro.com, elementfusion.com, oracleemaildelivery.com, en25.com, solaris.com, rightnowtech.com, think.com, ipapp.com, pertmaster.com, jdedwards.com, commercialware.com, tiger-institute.org, skire.com, ateam-oracle.com, sales.com, fyleio.com, push.io, estara.com, tekelec.com, textura.com, paymyhealthbill.com, dyndns.com, optika.com, jcp.org, smed.com, cernerenviza-tw.com, recruitmax.com, decisioneering.com, stortek.com, seebeyond.com, livelook.com, oraclehealth.com, aimsystems.com, sunworld.com, plumtree.com, storagetek.com |
| 43.129.173.•••:443 | - | 🇭🇰 Hong Kong | Yes | true | Leaked | AS132203 | Tencent Building, Kejizhongyi Avenue | Aceville Pte Ltd | 01/07/2026, 22:03:30 | 13/07/2026, 19:20:15 | Yes | Yes | APT37, El-Machete | - | 02/07/2026, 05:12:41 | tencent.com |
| 155.93.237.•••:80 | - | 🇿🇦 South Africa | Yes | false | Clean | AS37680 | Cool Ideas Service Provider (Pty) Ltd | OpenServ IPC National | 01/07/2026, 22:03:29 | 05/07/2026, 14:36:05 | - | - | - | - | - | - |
| 3.17.78.•••:443 | - | 🇺🇸 United States | Yes | true | Clean | AS16509 | Amazon.com, Inc. | Amazon | 01/07/2026, 22:03:29 | 13/07/2026, 18:37:15 | No | - | - | - | 26/06/2026, 05:12:50 | - |
| 1.13.248.•••:20445 | - | 🇨🇳 China mainland | Yes | true | Leaked | AS45090 | Shenzhen Tencent Computer Systems Company Limited | Tencent Cloud | 01/07/2026, 22:03:29 | 13/07/2026, 18:37:14 | Yes | Yes | APT28, APT35, APT36, APT37, APT39, Cobalt Group, Equation Group, Hafnium Group, Kimsuky, Mustang Panda, Sandworm Team, The Shadow Brokers | CVE-2016-10708, CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2020-9484, CVE-2021-25122, CVE-2021-25329, CVE-2021-30640, CVE-2021-33037, CVE-2021-36368, CVE-2021-41079, CVE-2021-41617, CVE-2021-42340, CVE-2021-43980, CVE-2022-23181, CVE-2022-25762, CVE-2022-29885, CVE-2022-34305, CVE-2022-42252, CVE-2023-28708, CVE-2023-38408, CVE-2023-48795, CVE-2023-51385, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985 | 02/07/2026, 05:12:53 | tencent.com, tencentcloud.com |
| 2409:8a28:614:4d51:c683:4fff:fe27:3d06:18789 | - | 🇨🇳 China mainland | - | false | Clean | AS56041 | China Mobile communications corporation | China Mobile | 01/07/2026, 22:03:29 | 05/07/2026, 01:03:05 | - | - | - | - | - | - |
| 47.120.39.•••:18789 | - | 🇨🇳 China mainland | Yes | true | Clean | AS37963 | Hangzhou Alibaba Advertising Co.,Ltd. | Alisoft | 01/07/2026, 22:03:28 | 14/07/2026, 03:53:18 | No | Yes | APT15, APT28, APT29, APT31, APT34, APT41, Bitter APT, Bluenoroff, Callisto Group, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, Volt Typhoon | CVE-2016-20012, CVE-2019-16905, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385 | 01/07/2026, 22:46:05 | - |
| 90.156.230.•••:18789 | - | 🇰🇿 Kazakhstan | Yes | true | Clean | AS9123 | JSC "TIMEWEB" | Taiwan Cloud | 01/07/2026, 22:03:28 | 14/07/2026, 03:53:16 | No | Yes | APT28, APT35, APT37, APT39, Cobalt Group, Kimsuky, Mustang Panda, Sandworm Team, The Shadow Brokers | CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2021-41617, CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985, CVE-2026-35385, CVE-2026-35386, CVE-2026-35387, CVE-2026-35388, CVE-2026-35414 | 01/07/2026, 22:46:06 | - |
| 149.50.152.•••:18789 | - | 🇦🇷 Argentina | - | true | Clean | AS27823 | Dattatec.com | Dattatec | 01/07/2026, 22:01:44 | 13/07/2026, 10:40:56 | - | - | - | - | - | - |
| 220.190.1.•••:18789 | - | 🇨🇳 China mainland | Yes | false | Clean | AS4134 | Chinanet | ChinaNet Wenzhou Node Network | 01/07/2026, 22:01:44 | 02/07/2026, 04:27:10 | No | No | - | - | 26/06/2026, 02:20:24 | - |
| 47.100.254.•••:18789 | - | 🇨🇳 China mainland | Yes | true | Clean | AS37963 | Hangzhou Alibaba Advertising Co.,Ltd. | Alisoft | 01/07/2026, 22:01:43 | 11/07/2026, 07:57:30 | No | Yes | APT-C-23, APT14, APT27, APT28, APT35, APT37, APT39, APT40, APT41, Chimera APT, Cobalt Group, DRBControl, Donot Team, Evil Eye APT, Gamaredon Group, Inception Framework, IronHusky, Kimsuky, Lazarus Group, MuddyWater Group, Mustang Panda, Night Dragon, Sandworm Team, SharpPanda, SideWinder APT, TA428, TA505, The Shadow Brokers, Tropic Trooper, Volt Typhoon, WIRTE | CVE-2006-20001, CVE-2007-1349, CVE-2011-2767, CVE-2013-5704, CVE-2013-6501, CVE-2014-0236, CVE-2014-2497, CVE-2014-3538, CVE-2014-3581, CVE-2014-3583, CVE-2014-3587, CVE-2014-3597, CVE-2014-3668, CVE-2014-3669, CVE-2014-3670, CVE-2014-3710, CVE-2014-5120, CVE-2014-5459, CVE-2014-8109, CVE-2014-8142, CVE-2014-9425, CVE-2014-9426, CVE-2014-9652, CVE-2014-9653, CVE-2014-9705, CVE-2014-9709, CVE-2015-0228, CVE-2015-0231, CVE-2015-0232, CVE-2015-0235, CVE-2015-0273, CVE-2015-1351, CVE-2015-1352, CVE-2015-2301, CVE-2015-2305, CVE-2015-2325, CVE-2015-2326, CVE-2015-2331, CVE-2015-2348, CVE-2015-2787, CVE-2015-3152, CVE-2015-3183, CVE-2015-3185, CVE-2015-3411, CVE-2015-3412, CVE-2015-3414, CVE-2015-3415, CVE-2015-3416, CVE-2015-4116, CVE-2015-4598, CVE-2015-4599, CVE-2015-4600, CVE-2015-4601, CVE-2015-4602, CVE-2015-4603, CVE-2015-4604, CVE-2015-4605, CVE-2015-4642, CVE-2015-4643, CVE-2015-4644, CVE-2015-5589, CVE-2015-6831, CVE-2015-6834, CVE-2015-6835, CVE-2015-6837, CVE-2015-6838, CVE-2015-7803, CVE-2015-7804, CVE-2015-8383, CVE-2015-8386, CVE-2015-8387, CVE-2015-8389, CVE-2015-8390, CVE-2015-8391, CVE-2015-8393, CVE-2015-8394, CVE-2015-8835, CVE-2015-8838, CVE-2015-8865, CVE-2015-8866, CVE-2015-8867, CVE-2015-8873, CVE-2015-8874, CVE-2015-8876, CVE-2015-8877, CVE-2015-8878, CVE-2015-8879, CVE-2015-8994, CVE-2015-9253, CVE-2016-0736, CVE-2016-10158, CVE-2016-10159, CVE-2016-10161, CVE-2016-10397, CVE-2016-10708, CVE-2016-10712, CVE-2016-1903, CVE-2016-20012, CVE-2016-2161, CVE-2016-2554, CVE-2016-3074, CVE-2016-3141, CVE-2016-3142, CVE-2016-3185, CVE-2016-4070, CVE-2016-4071, CVE-2016-4072, CVE-2016-4342, CVE-2016-4343, CVE-2016-4537, CVE-2016-4538, CVE-2016-4539, CVE-2016-4540, CVE-2016-4541, CVE-2016-4542, CVE-2016-4543, CVE-2016-4544, CVE-2016-4975, CVE-2016-5093, CVE-2016-5094, CVE-2016-5095, CVE-2016-5096, CVE-2016-5114, CVE-2016-5385, CVE-2016-5387, CVE-2016-5399, CVE-2016-5768, CVE-2016-5769, CVE-2016-5770, CVE-2016-5771, CVE-2016-5772, CVE-2016-5773, CVE-2016-6207, CVE-2016-6288, CVE-2016-6289, CVE-2016-6290, CVE-2016-6291, CVE-2016-6292, CVE-2016-6294, CVE-2016-6295, CVE-2016-6296, CVE-2016-6297, CVE-2016-7124, CVE-2016-7125, CVE-2016-7126, CVE-2016-7127, CVE-2016-7128, CVE-2016-7129, CVE-2016-7130, CVE-2016-7131, CVE-2016-7132, CVE-2016-7411, CVE-2016-7412, CVE-2016-7413, CVE-2016-7414, CVE-2016-7416, CVE-2016-7417, CVE-2016-7418, CVE-2016-8612, CVE-2016-8743, CVE-2016-9137, CVE-2016-9138, CVE-2016-9934, CVE-2016-9935, CVE-2017-11142, CVE-2017-11143, CVE-2017-11144, CVE-2017-11145, CVE-2017-11147, CVE-2017-11628, CVE-2017-12933, CVE-2017-15710, CVE-2017-15715, CVE-2017-15906, CVE-2017-16642, CVE-2017-3167, CVE-2017-3169, CVE-2017-7272, CVE-2017-7679, CVE-2017-7890, CVE-2017-7963, CVE-2017-8923, CVE-2017-9224, CVE-2017-9225, CVE-2017-9226, CVE-2017-9229, CVE-2017-9788, CVE-2017-9798, CVE-2018-10545, CVE-2018-10546, CVE-2018-10547, CVE-2018-10548, CVE-2018-10549, CVE-2018-1283, CVE-2018-1301, CVE-2018-1302, CVE-2018-1303, CVE-2018-1312, CVE-2018-14851, CVE-2018-14883, CVE-2018-15132, CVE-2018-15473, CVE-2018-15919, CVE-2018-17082, CVE-2018-17199, CVE-2018-19395, CVE-2018-19396, CVE-2018-19520, CVE-2018-20685, CVE-2018-20783, CVE-2018-5711, CVE-2018-5712, CVE-2018-7584, CVE-2019-0217, CVE-2019-0220, CVE-2019-10092, CVE-2019-10098, CVE-2019-17567, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2019-6977, CVE-2019-9020, CVE-2019-9021, CVE-2019-9023, CVE-2019-9024, CVE-2019-9637, CVE-2019-9638, CVE-2019-9639, CVE-2019-9641, CVE-2020-11985, CVE-2020-13938, CVE-2020-14145, CVE-2020-15778, CVE-2020-1927, CVE-2020-1934, CVE-2020-35452, CVE-2021-23017, CVE-2021-26690, CVE-2021-26691, CVE-2021-34798, CVE-2021-3618, CVE-2021-36368, CVE-2021-39275, CVE-2021-40438, CVE-2021-41617, CVE-2021-44224, CVE-2021-44790, CVE-2022-22719, CVE-2022-22720, CVE-2022-22721, CVE-2022-23943, CVE-2022-26377, CVE-2022-28330, CVE-2022-28614, CVE-2022-28615, CVE-2022-29404, CVE-2022-30556, CVE-2022-31628, CVE-2022-31629, CVE-2022-31813, CVE-2022-36760, CVE-2022-37436, CVE-2022-41741, CVE-2022-41742, CVE-2023-25690, CVE-2023-31122, CVE-2023-38408, CVE-2023-38709, CVE-2023-44487, CVE-2023-45802, CVE-2023-48795, CVE-2023-51385, CVE-2024-24795, CVE-2024-38472, CVE-2024-38473, CVE-2024-38474, CVE-2024-38475, CVE-2024-38476, CVE-2024-38477, CVE-2024-39573, CVE-2024-40898, CVE-2024-4577, CVE-2024-7347, CVE-2025-23419, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985 | 02/07/2026, 02:20:31 | - |
| 85.130.189.•••:18789 | - | 🇮🇱 Israel | - | false | Clean | AS6810 | "Bezeq"- THE ISRAEL TELECOMMUNICATION CORP. LTD. | Bezeq | 01/07/2026, 22:01:43 | 02/07/2026, 04:27:09 | Yes | - | - | - | 02/07/2026, 02:20:38 | duckdns.org |
| 118.68.148.•••:18789 | - | 🇻🇳 Vietnam | - | false | Clean | AS18403 | FPT Telecom Company | FPT Telecom | 01/07/2026, 22:01:41 | 02/07/2026, 04:27:08 | Yes | Yes | Packrat | CVE-2009-4593 | 02/07/2026, 02:20:51 | fpt.net |
| 139.162.8.•••:18789 | - | 🇸🇬 Singapore | Yes | true | Clean | AS63949 | Akamai Connected Cloud | Linode | 01/07/2026, 22:01:41 | 13/07/2026, 11:24:19 | No | Yes | APT-C-23, APT15, APT28, APT29, APT31, APT34, APT35, APT36, APT37, APT39, APT41, Bitter APT, Bluenoroff, Callisto Group, Carbanak, Cobalt Group, DarkHotel Group, Donot Team, Equation Group, Gamaredon Group, Gaza Cybergang, Ghostwriter, Hafnium Group, Inception Framework, Kimsuky, Lazarus Group, MuddyWater Group, Mustang Panda, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Turla APT Group, Volt Typhoon | CVE-2016-10708, CVE-2016-20012, CVE-2017-15906, CVE-2017-20005, CVE-2018-15473, CVE-2018-15919, CVE-2018-16843, CVE-2018-16844, CVE-2018-16845, CVE-2018-20685, CVE-2019-20372, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2019-9511, CVE-2019-9513, CVE-2019-9516, CVE-2020-14145, CVE-2020-15778, CVE-2021-23017, CVE-2021-28041, CVE-2021-3618, CVE-2021-36368, CVE-2021-41617, CVE-2022-41741, CVE-2022-41742, CVE-2023-38408, CVE-2023-44487, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-7347, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985 | 02/07/2026, 02:20:52 | - |
| 113.87.80.•••:18789 | - | 🇨🇳 China mainland | Yes | false | Leaked | AS4134 | Chinanet | CHINANET Guangdong | 01/07/2026, 22:01:41 | 04/07/2026, 20:01:14 | Yes | No | - | CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-19052, CVE-2018-20685, CVE-2018-25103, CVE-2019-11072, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51385, CVE-2024-3708, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985 | 02/07/2026, 02:20:55 | bj189.cn, 118114.cn, ctwing.cn, chinatelecom.com.cn, chinatelecom.cn, new-gm.cn, 189.cn, 189free.cn, ideal.sh.cn, daqu.com.cn, ctyun.cn |
| 49.232.93.•••:18789 | - | 🇨🇳 China mainland | Yes | false | Leaked | AS45090 | Shenzhen Tencent Computer Systems Company Limited | Tencent Cloud | 01/07/2026, 22:01:41 | 04/07/2026, 18:35:38 | Yes | Yes | APT37, El-Machete | - | 02/07/2026, 02:20:58 | tencent.com, tencentcloud.com |
| 43.143.122.•••:18789 | - | 🇨🇳 China mainland | Yes | true | Leaked | AS45090 | Shenzhen Tencent Computer Systems Company Limited | Tencent Cloud Computing | 01/07/2026, 22:01:41 | 11/07/2026, 17:56:25 | Yes | Yes | APT15, APT28, APT29, APT31, APT34, APT35, APT37, APT39, APT41, Bitter APT, Bluenoroff, Callisto Group, Cobalt Group, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Mustang Panda, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Volt Typhoon | CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-24989, CVE-2024-24990, CVE-2024-31079, CVE-2024-32760, CVE-2024-34161, CVE-2024-35200 | 02/07/2026, 02:20:59 | tencent.com, tencentcloud.com |
| 43.129.173.•••:18789 | - | 🇭🇰 Hong Kong | Yes | true | Leaked | AS132203 | Tencent Building, Kejizhongyi Avenue | Aceville Pte Ltd | 01/07/2026, 22:01:39 | 13/07/2026, 14:16:54 | Yes | Yes | APT37, El-Machete | - | 02/07/2026, 02:21:08 | tencent.com |
| 155.93.237.•••:18789 | - | 🇿🇦 South Africa | - | false | Clean | AS37680 | Cool Ideas Service Provider (Pty) Ltd | OpenServ IPC National | 01/07/2026, 22:01:39 | 05/07/2026, 12:25:36 | - | - | - | - | - | - |
| 3.17.78.•••:18789 | - | 🇺🇸 United States | - | true | Clean | AS16509 | Amazon.com, Inc. | Amazon | 01/07/2026, 22:01:39 | 13/07/2026, 13:33:28 | No | - | - | - | 26/06/2026, 02:21:15 | - |
| 1.13.248.•••:18789 | - | 🇨🇳 China mainland | - | true | Leaked | AS45090 | Shenzhen Tencent Computer Systems Company Limited | Tencent Cloud | 01/07/2026, 22:01:39 | 13/07/2026, 13:33:28 | Yes | Yes | APT28, APT35, APT36, APT37, APT39, Cobalt Group, Equation Group, Hafnium Group, Kimsuky, Mustang Panda, Sandworm Team, The Shadow Brokers | CVE-2016-10708, CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2020-9484, CVE-2021-25122, CVE-2021-25329, CVE-2021-30640, CVE-2021-33037, CVE-2021-36368, CVE-2021-41079, CVE-2021-41617, CVE-2021-42340, CVE-2021-43980, CVE-2022-23181, CVE-2022-25762, CVE-2022-29885, CVE-2022-34305, CVE-2022-42252, CVE-2023-28708, CVE-2023-38408, CVE-2023-48795, CVE-2023-51385, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985 | 02/07/2026, 02:21:17 | tencent.com, tencentcloud.com |
| 2409:8a28:614:4d51:c683:4fff:fe27:3d06:18789 | - | 🇨🇳 China mainland | - | false | Clean | AS56041 | China Mobile communications corporation | China Mobile | 01/07/2026, 22:01:39 | 04/07/2026, 21:27:16 | - | - | - | - | - | - |
| 47.120.39.•••:18789 | - | 🇨🇳 China mainland | Yes | true | Clean | AS37963 | Hangzhou Alibaba Advertising Co.,Ltd. | Alisoft | 01/07/2026, 22:01:38 | 14/07/2026, 03:51:31 | No | Yes | APT15, APT28, APT29, APT31, APT34, APT41, Bitter APT, Bluenoroff, Callisto Group, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, Volt Typhoon | CVE-2016-20012, CVE-2019-16905, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385 | 02/07/2026, 02:21:24 | - |
| 90.156.230.•••:18789 | - | 🇰🇿 Kazakhstan | Yes | true | Clean | AS9123 | JSC "TIMEWEB" | Taiwan Cloud | 01/07/2026, 22:01:38 | 14/07/2026, 03:51:28 | No | Yes | APT28, APT35, APT37, APT39, Cobalt Group, Kimsuky, Mustang Panda, Sandworm Team, The Shadow Brokers | CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2021-41617, CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985, CVE-2026-35385, CVE-2026-35386, CVE-2026-35387, CVE-2026-35388, CVE-2026-35414 | 02/07/2026, 02:21:25 | - |
| 3.35.85.•••:18789 | - | 🇰🇷 South Korea | - | false | Clean | AS16509 | Amazon.com, Inc. | AWS Seoul Region | 01/07/2026, 22:01:38 | 02/07/2026, 04:27:05 | No | - | - | CVE-2006-20001, CVE-2019-17567, CVE-2019-20372, CVE-2019-9511, CVE-2019-9513, CVE-2019-9516, CVE-2020-11984, CVE-2020-11993, CVE-2020-13938, CVE-2020-13950, CVE-2020-1927, CVE-2020-1934, CVE-2020-35452, CVE-2020-9490, CVE-2021-23017, CVE-2021-26690, CVE-2021-26691, CVE-2021-30641, CVE-2021-33193, CVE-2021-34798, CVE-2021-36160, CVE-2021-3618, CVE-2021-39275, CVE-2021-40438, CVE-2021-44224, CVE-2021-44790, CVE-2022-22719, CVE-2022-22720, CVE-2022-22721, CVE-2022-23943, CVE-2022-26377, CVE-2022-28330, CVE-2022-28614, CVE-2022-28615, CVE-2022-29404, CVE-2022-30556, CVE-2022-31813, CVE-2022-36760, CVE-2022-37436, CVE-2022-41741, CVE-2022-41742, CVE-2023-25690, CVE-2023-27522, CVE-2023-31122, CVE-2023-38709, CVE-2023-44487, CVE-2023-45802, CVE-2024-24795, CVE-2024-27316, CVE-2024-38472, CVE-2024-38473, CVE-2024-38474, CVE-2024-38475, CVE-2024-38476, CVE-2024-38477, CVE-2024-39573, CVE-2024-40898, CVE-2024-42516, CVE-2024-43204, CVE-2024-43394, CVE-2024-47252, CVE-2024-7347, CVE-2025-23048, CVE-2025-23419, CVE-2025-49630, CVE-2025-49812, CVE-2025-53020, CVE-2025-55753, CVE-2025-58098, CVE-2025-59775, CVE-2025-65082, CVE-2025-66200 | 02/07/2026, 02:21:26 | - |
| 35.176.101.•••:18789 | - | 🇬🇧 United Kingdom | - | true | Clean | AS16509 | Amazon.com, Inc. | Amazon Web Services | 01/07/2026, 21:59:44 | 14/07/2026, 00:57:58 | No | No | - | CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-23017, CVE-2021-3618, CVE-2021-36368, CVE-2021-41617, CVE-2022-41741, CVE-2022-41742, CVE-2023-28531, CVE-2023-38408, CVE-2023-44487, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-6387, CVE-2024-7347, CVE-2025-23419, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985, CVE-2026-35385, CVE-2026-35386, CVE-2026-35387, CVE-2026-35388, CVE-2026-35414 | 02/07/2026, 18:07:38 | - |
| 45.79.145.•••:18789 | - | 🇺🇸 United States | Yes | false | Clean | AS63949 | Akamai Connected Cloud | Linode | 01/07/2026, 21:59:40 | 03/07/2026, 14:02:20 | No | Yes | APT15, APT28, APT29, APT31, APT34, APT41, Bitter APT, Bluenoroff, Callisto Group, Donot Team, Equation Group, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, Volt Typhoon | CVE-2010-4478, CVE-2010-5107, CVE-2011-4327, CVE-2011-5000, CVE-2012-0814, CVE-2016-0777, CVE-2016-20012, CVE-2017-15906, CVE-2020-14145, CVE-2020-15778, CVE-2021-28041, CVE-2021-36368, CVE-2021-41617, CVE-2023-28531, CVE-2023-36632, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-11168, CVE-2024-3219, CVE-2024-39894, CVE-2024-4032, CVE-2024-6232, CVE-2024-6387, CVE-2024-6923, CVE-2024-7592, CVE-2024-8088, CVE-2024-9287, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985 | 02/07/2026, 15:11:44 | - |
| 149.50.152.•••:18789 | - | 🇦🇷 Argentina | - | true | Clean | AS27823 | Dattatec.com | Dattatec | 01/07/2026, 21:59:40 | 13/07/2026, 11:22:31 | - | - | - | - | - | - |
| 220.190.1.•••:18789 | - | 🇨🇳 China mainland | Yes | false | Clean | AS4134 | Chinanet | ChinaNet Wenzhou Node Network | 01/07/2026, 21:59:39 | 02/07/2026, 04:25:08 | - | - | - | - | - | - |
| 47.100.254.•••:18789 | - | 🇨🇳 China mainland | Yes | true | Clean | AS37963 | Hangzhou Alibaba Advertising Co.,Ltd. | Alisoft | 01/07/2026, 21:59:39 | 11/07/2026, 07:55:36 | No | Yes | APT-C-23, APT14, APT27, APT28, APT35, APT37, APT39, APT40, APT41, Chimera APT, Cobalt Group, DRBControl, Donot Team, Evil Eye APT, Gamaredon Group, Inception Framework, IronHusky, Kimsuky, Lazarus Group, MuddyWater Group, Mustang Panda, Night Dragon, Sandworm Team, SharpPanda, SideWinder APT, TA428, TA505, The Shadow Brokers, Tropic Trooper, Volt Typhoon, WIRTE | CVE-2006-20001, CVE-2007-1349, CVE-2011-2767, CVE-2013-5704, CVE-2013-6501, CVE-2014-0236, CVE-2014-2497, CVE-2014-3538, CVE-2014-3581, CVE-2014-3583, CVE-2014-3587, CVE-2014-3597, CVE-2014-3668, CVE-2014-3669, CVE-2014-3670, CVE-2014-3710, CVE-2014-5120, CVE-2014-5459, CVE-2014-8109, CVE-2014-8142, CVE-2014-9425, CVE-2014-9426, CVE-2014-9652, CVE-2014-9653, CVE-2014-9705, CVE-2014-9709, CVE-2015-0228, CVE-2015-0231, CVE-2015-0232, CVE-2015-0235, CVE-2015-0273, CVE-2015-1351, CVE-2015-1352, CVE-2015-2301, CVE-2015-2305, CVE-2015-2325, CVE-2015-2326, CVE-2015-2331, CVE-2015-2348, CVE-2015-2787, CVE-2015-3152, CVE-2015-3183, CVE-2015-3185, CVE-2015-3411, CVE-2015-3412, CVE-2015-3414, CVE-2015-3415, CVE-2015-3416, CVE-2015-4116, CVE-2015-4598, CVE-2015-4599, CVE-2015-4600, CVE-2015-4601, CVE-2015-4602, CVE-2015-4603, CVE-2015-4604, CVE-2015-4605, CVE-2015-4642, CVE-2015-4643, CVE-2015-4644, CVE-2015-5589, CVE-2015-6831, CVE-2015-6834, CVE-2015-6835, CVE-2015-6837, CVE-2015-6838, CVE-2015-7803, CVE-2015-7804, CVE-2015-8383, CVE-2015-8386, CVE-2015-8387, CVE-2015-8389, CVE-2015-8390, CVE-2015-8391, CVE-2015-8393, CVE-2015-8394, CVE-2015-8835, CVE-2015-8838, CVE-2015-8865, CVE-2015-8866, CVE-2015-8867, CVE-2015-8873, CVE-2015-8874, CVE-2015-8876, CVE-2015-8877, CVE-2015-8878, CVE-2015-8879, CVE-2015-8994, CVE-2015-9253, CVE-2016-0736, CVE-2016-10158, CVE-2016-10159, CVE-2016-10161, CVE-2016-10397, CVE-2016-10708, CVE-2016-10712, CVE-2016-1903, CVE-2016-20012, CVE-2016-2161, CVE-2016-2554, CVE-2016-3074, CVE-2016-3141, CVE-2016-3142, CVE-2016-3185, CVE-2016-4070, CVE-2016-4071, CVE-2016-4072, CVE-2016-4342, CVE-2016-4343, CVE-2016-4537, CVE-2016-4538, CVE-2016-4539, CVE-2016-4540, CVE-2016-4541, CVE-2016-4542, CVE-2016-4543, CVE-2016-4544, CVE-2016-4975, CVE-2016-5093, CVE-2016-5094, CVE-2016-5095, CVE-2016-5096, CVE-2016-5114, CVE-2016-5385, CVE-2016-5387, CVE-2016-5399, CVE-2016-5768, CVE-2016-5769, CVE-2016-5770, CVE-2016-5771, CVE-2016-5772, CVE-2016-5773, CVE-2016-6207, CVE-2016-6288, CVE-2016-6289, CVE-2016-6290, CVE-2016-6291, CVE-2016-6292, CVE-2016-6294, CVE-2016-6295, CVE-2016-6296, CVE-2016-6297, CVE-2016-7124, CVE-2016-7125, CVE-2016-7126, CVE-2016-7127, CVE-2016-7128, CVE-2016-7129, CVE-2016-7130, CVE-2016-7131, CVE-2016-7132, CVE-2016-7411, CVE-2016-7412, CVE-2016-7413, CVE-2016-7414, CVE-2016-7416, CVE-2016-7417, CVE-2016-7418, CVE-2016-8612, CVE-2016-8743, CVE-2016-9137, CVE-2016-9138, CVE-2016-9934, CVE-2016-9935, CVE-2017-11142, CVE-2017-11143, CVE-2017-11144, CVE-2017-11145, CVE-2017-11147, CVE-2017-11628, CVE-2017-12933, CVE-2017-15710, CVE-2017-15715, CVE-2017-15906, CVE-2017-16642, CVE-2017-3167, CVE-2017-3169, CVE-2017-7272, CVE-2017-7679, CVE-2017-7890, CVE-2017-7963, CVE-2017-8923, CVE-2017-9224, CVE-2017-9225, CVE-2017-9226, CVE-2017-9229, CVE-2017-9788, CVE-2017-9798, CVE-2018-10545, CVE-2018-10546, CVE-2018-10547, CVE-2018-10548, CVE-2018-10549, CVE-2018-1283, CVE-2018-1301, CVE-2018-1302, CVE-2018-1303, CVE-2018-1312, CVE-2018-14851, CVE-2018-14883, CVE-2018-15132, CVE-2018-15473, CVE-2018-15919, CVE-2018-17082, CVE-2018-17199, CVE-2018-19395, CVE-2018-19396, CVE-2018-19520, CVE-2018-20685, CVE-2018-20783, CVE-2018-5711, CVE-2018-5712, CVE-2018-7584, CVE-2019-0217, CVE-2019-0220, CVE-2019-10092, CVE-2019-10098, CVE-2019-17567, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2019-6977, CVE-2019-9020, CVE-2019-9021, CVE-2019-9023, CVE-2019-9024, CVE-2019-9637, CVE-2019-9638, CVE-2019-9639, CVE-2019-9641, CVE-2020-11985, CVE-2020-13938, CVE-2020-14145, CVE-2020-15778, CVE-2020-1927, CVE-2020-1934, CVE-2020-35452, CVE-2021-23017, CVE-2021-26690, CVE-2021-26691, CVE-2021-34798, CVE-2021-3618, CVE-2021-36368, CVE-2021-39275, CVE-2021-40438, CVE-2021-41617, CVE-2021-44224, CVE-2021-44790, CVE-2022-22719, CVE-2022-22720, CVE-2022-22721, CVE-2022-23943, CVE-2022-26377, CVE-2022-28330, CVE-2022-28614, CVE-2022-28615, CVE-2022-29404, CVE-2022-30556, CVE-2022-31628, CVE-2022-31629, CVE-2022-31813, CVE-2022-36760, CVE-2022-37436, CVE-2022-41741, CVE-2022-41742, CVE-2023-25690, CVE-2023-31122, CVE-2023-38408, CVE-2023-38709, CVE-2023-44487, CVE-2023-45802, CVE-2023-48795, CVE-2023-51385, CVE-2024-24795, CVE-2024-38472, CVE-2024-38473, CVE-2024-38474, CVE-2024-38475, CVE-2024-38476, CVE-2024-38477, CVE-2024-39573, CVE-2024-40898, CVE-2024-4577, CVE-2024-7347, CVE-2025-23419, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985 | 04/07/2026, 20:44:47 | - |
| 85.130.189.•••:18789 | - | 🇮🇱 Israel | - | false | Clean | AS6810 | "Bezeq"- THE ISRAEL TELECOMMUNICATION CORP. LTD. | Bezeq | 01/07/2026, 21:59:37 | 02/07/2026, 04:25:06 | - | - | - | - | - | - |
| 117.50.184.•••:18789 | - | 🇨🇳 China mainland | Yes | true | Leaked | AS23724 | IDC, China Telecommunications Corporation / AS4808 China Unicom Beijing Province Network | UCloud | 01/07/2026, 21:59:37 | 12/07/2026, 08:11:39 | Yes | Yes | APT15, APT28, APT29, APT31, APT34, APT41, Bitter APT, Bluenoroff, Callisto Group, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Packrat, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, Volt Typhoon | CVE-2016-20012, CVE-2019-16905, CVE-2020-14145, CVE-2020-15778, CVE-2020-8022, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-46589, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-23672, CVE-2024-24549, CVE-2025-24813, CVE-2025-26465, CVE-2025-32728, CVE-2025-55752, CVE-2025-55754, CVE-2025-61795, CVE-2025-61984, CVE-2025-61985 | 02/07/2026, 10:08:50 | ucloud.cn |
| 172.67.200.•••:18789 | - | 🇺🇸 United States | - | false | Clean | AS13335 | Cloudflare, Inc. | Cloudflare | 01/07/2026, 21:59:37 | 02/07/2026, 04:25:05 | - | - | - | - | - | - |
| 118.68.148.•••:18789 | - | 🇻🇳 Vietnam | - | false | Clean | AS18403 | FPT Telecom Company | FPT Telecom | 01/07/2026, 21:59:36 | 02/07/2026, 04:25:05 | - | - | - | - | - | - |
| 139.162.8.•••:18789 | - | 🇸🇬 Singapore | Yes | true | Clean | AS63949 | Akamai Connected Cloud | Linode | 01/07/2026, 21:59:36 | 13/07/2026, 11:22:30 | No | Yes | APT-C-23, APT15, APT28, APT29, APT31, APT34, APT35, APT36, APT37, APT39, APT41, Bitter APT, Bluenoroff, Callisto Group, Carbanak, Cobalt Group, DarkHotel Group, Donot Team, Equation Group, Gamaredon Group, Gaza Cybergang, Ghostwriter, Hafnium Group, Inception Framework, Kimsuky, Lazarus Group, MuddyWater Group, Mustang Panda, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Turla APT Group, Volt Typhoon | CVE-2016-10708, CVE-2016-20012, CVE-2017-15906, CVE-2017-20005, CVE-2018-15473, CVE-2018-15919, CVE-2018-16843, CVE-2018-16844, CVE-2018-16845, CVE-2018-20685, CVE-2019-20372, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2019-9511, CVE-2019-9513, CVE-2019-9516, CVE-2020-14145, CVE-2020-15778, CVE-2021-23017, CVE-2021-28041, CVE-2021-3618, CVE-2021-36368, CVE-2021-41617, CVE-2022-41741, CVE-2022-41742, CVE-2023-38408, CVE-2023-44487, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-7347, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985 | 02/07/2026, 10:08:09 | - |
| 162.206.151.•••:18789 | - | 🇺🇸 United States | Yes | false | Clean | AS7018 | AT&T Enterprises, LLC | AT&T Enterprises | 01/07/2026, 21:59:36 | 02/07/2026, 04:25:04 | - | - | - | - | - | - |
| 113.87.80.•••:18789 | - | 🇨🇳 China mainland | Yes | false | Leaked | AS4134 | Chinanet | CHINANET Guangdong | 01/07/2026, 21:59:36 | 04/07/2026, 19:59:20 | Yes | No | - | CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-19052, CVE-2018-20685, CVE-2018-25103, CVE-2019-11072, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51385, CVE-2024-3708, CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985, CVE-2026-35385, CVE-2026-35386, CVE-2026-35387, CVE-2026-35388, CVE-2026-35414 | 04/07/2026, 14:59:08 | bj189.cn, 118114.cn, ctwing.cn, chinatelecom.com.cn, chinatelecom.cn, new-gm.cn, 189.cn, 189free.cn, ideal.sh.cn, daqu.com.cn, ctyun.cn |
| 49.232.93.•••:18789 | - | 🇨🇳 China mainland | Yes | false | Clean | AS45090 | Shenzhen Tencent Computer Systems Company Limited | Tencent Cloud | 01/07/2026, 21:59:36 | 04/07/2026, 18:33:38 | Yes | Yes | APT37, El-Machete | - | 02/07/2026, 20:10:14 | tencentcloud.com |
| 43.143.122.•••:18789 | - | 🇨🇳 China mainland | Yes | true | Clean | AS45090 | Shenzhen Tencent Computer Systems Company Limited | Tencent Cloud Computing | 01/07/2026, 21:59:35 | 11/07/2026, 17:54:32 | Yes | Yes | APT15, APT28, APT29, APT31, APT34, APT35, APT37, APT39, APT41, Bitter APT, Bluenoroff, Callisto Group, Cobalt Group, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Mustang Panda, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Volt Typhoon | CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-24989, CVE-2024-24990, CVE-2024-31079, CVE-2024-32760, CVE-2024-34161, CVE-2024-35200 | 08/07/2026, 11:54:14 | tencentcloud.com |
| 43.129.173.•••:18789 | - | 🇭🇰 Hong Kong | Yes | true | Leaked | AS132203 | Tencent Building, Kejizhongyi Avenue | Aceville Pte Ltd | 01/07/2026, 21:59:34 | 13/07/2026, 14:14:59 | Yes | Yes | APT37, El-Machete | - | 03/07/2026, 09:05:16 | tencent.com |
| 155.93.237.•••:18789 | - | 🇿🇦 South Africa | - | false | Clean | AS37680 | Cool Ideas Service Provider (Pty) Ltd | OpenServ IPC National | 01/07/2026, 21:59:33 | 05/07/2026, 12:23:43 | - | - | - | - | - | - |
| 3.17.78.•••:18789 | - | 🇺🇸 United States | - | true | Clean | AS16509 | Amazon.com, Inc. | Amazon | 01/07/2026, 21:59:33 | 13/07/2026, 13:31:27 | No | - | - | - | 26/06/2026, 16:37:22 | - |
| 1.13.248.•••:18789 | - | 🇨🇳 China mainland | - | true | Clean | AS45090 | Shenzhen Tencent Computer Systems Company Limited | Tencent Cloud | 01/07/2026, 21:59:33 | 13/07/2026, 13:31:26 | Yes | Yes | APT28, APT35, APT36, APT37, APT39, Cobalt Group, Equation Group, Hafnium Group, Kimsuky, Mustang Panda, Sandworm Team, The Shadow Brokers | CVE-2016-10708, CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2020-9484, CVE-2021-25122, CVE-2021-25329, CVE-2021-30640, CVE-2021-33037, CVE-2021-36368, CVE-2021-41079, CVE-2021-41617, CVE-2021-42340, CVE-2021-43980, CVE-2022-23181, CVE-2022-25762, CVE-2022-29885, CVE-2022-34305, CVE-2022-42252, CVE-2023-28708, CVE-2023-38408, CVE-2023-48795, CVE-2023-51385, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985 | 05/07/2026, 03:10:34 | tencentcloud.com |
| 2409:8a28:614:4d51:c683:4fff:fe27:3d06:18789 | - | 🇨🇳 China mainland | - | false | Clean | AS56041 | China Mobile communications corporation | China Mobile | 01/07/2026, 21:59:32 | 04/07/2026, 21:25:21 | - | - | - | - | - | - |
| 47.120.39.•••:18789 | - | 🇨🇳 China mainland | Yes | true | Clean | AS37963 | Hangzhou Alibaba Advertising Co.,Ltd. | Alisoft | 01/07/2026, 21:59:32 | 14/07/2026, 03:49:37 | No | Yes | APT15, APT28, APT29, APT31, APT34, APT41, Bitter APT, Bluenoroff, Callisto Group, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, Volt Typhoon | CVE-2016-20012, CVE-2019-16905, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385 | 05/07/2026, 01:42:28 | - |
| 90.156.230.•••:18789 | - | 🇰🇿 Kazakhstan | Yes | true | Clean | AS9123 | JSC "TIMEWEB" | Taiwan Cloud | 01/07/2026, 21:59:32 | 14/07/2026, 03:49:34 | No | Yes | APT28, APT35, APT37, APT39, Cobalt Group, Kimsuky, Mustang Panda, Sandworm Team, The Shadow Brokers | CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2021-41617, CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985, CVE-2026-35385, CVE-2026-35386, CVE-2026-35387, CVE-2026-35388, CVE-2026-35414 | 04/07/2026, 20:44:00 | - |
| 52.79.122.•••:18789 | - | 🇰🇷 South Korea | - | false | Clean | AS16509 | Amazon.com, Inc. | AWS Seoul Region | 01/07/2026, 21:59:32 | 02/07/2026, 04:25:01 | - | - | - | - | - | - |
| 58.71.218.•••:18789 | - | 🇲🇾 Malaysia | - | false | Clean | AS9534 | Binariang Berhad | Maxis Broadband | 01/07/2026, 21:57:30 | 03/07/2026, 16:08:15 | No | No | - | - | 26/06/2026, 02:15:06 | - |
| 149.50.152.•••:18789 | - | 🇦🇷 Argentina | - | true | Clean | AS27823 | Dattatec.com | Dattatec | 01/07/2026, 21:57:30 | 14/07/2026, 03:47:25 | - | - | - | - | - | - |
| 54.38.81.•••:18789 | - | 🇫🇷 France | - | false | Leaked | AS16276 | OVH SAS | OVH | 01/07/2026, 21:57:30 | 03/07/2026, 16:08:15 | Yes | Yes | APT17, APT28, APT29, APT35, APT36, APT37, APT39, APT40, APT41, APT45, Carbanak, ChamelGang, CloudSorcerer, Cobalt Group, Daggerfly APT, Kimsuky, MuddyWater Group, Mustang Panda, Patchwork, Sandworm Team, SideWinder APT, The Shadow Brokers, Volt Typhoon | CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2021-41617, CVE-2023-27043, CVE-2024-0397, CVE-2024-12254, CVE-2024-12718, CVE-2024-3219, CVE-2024-39894, CVE-2024-4032, CVE-2024-6232, CVE-2024-6387, CVE-2024-6923, CVE-2024-7592, CVE-2024-8088, CVE-2024-9287, CVE-2025-12084, CVE-2025-12781, CVE-2025-13836, CVE-2025-13837, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985, CVE-2026-35385, CVE-2026-35386, CVE-2026-35387, CVE-2026-35388, CVE-2026-35414, CVE-2026-4519 | 02/07/2026, 02:15:10 | ovh.net |
| 159.203.125.•••:18789 | - | 🇺🇸 United States | - | false | Clean | AS14061 | DigitalOcean, LLC | DigitalOcean | 01/07/2026, 21:57:30 | 03/07/2026, 16:08:15 | No | Yes | APT15, APT17, APT28, APT29, APT31, APT34, APT36, APT37, APT41, APT45, Bitter APT, Bluenoroff, Callisto Group, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, Volt Typhoon | CVE-2016-10009, CVE-2016-10010, CVE-2016-10011, CVE-2016-10012, CVE-2016-10708, CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-28041, CVE-2021-36368, CVE-2021-41617, CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985, CVE-2026-35385, CVE-2026-35386, CVE-2026-35387, CVE-2026-35388, CVE-2026-35414 | 02/07/2026, 02:15:11 | - |
| 47.111.21.•••:18789 | - | 🇨🇳 China mainland | - | false | Clean | AS37963 | Hangzhou Alibaba Advertising Co.,Ltd. | Alisoft | 01/07/2026, 21:57:30 | 05/07/2026, 00:57:00 | No | Yes | APT28, APT35, APT37, APT39, Cobalt Group, Kimsuky, Mustang Panda, Sandworm Team, The Shadow Brokers | CVE-2016-10708, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2021-41617 | 02/07/2026, 02:15:12 | - |
| 85.130.189.•••:18789 | - | 🇮🇱 Israel | - | false | Clean | AS6810 | "Bezeq"- THE ISRAEL TELECOMMUNICATION CORP. LTD. | Bezeq | 01/07/2026, 21:57:30 | 03/07/2026, 16:08:15 | Yes | - | - | - | 02/07/2026, 02:15:13 | duckdns.org |
| 45.79.145.•••:18789 | - | 🇺🇸 United States | Yes | true | Clean | AS63949 | Akamai Connected Cloud | Linode | 01/07/2026, 21:20:11 | 11/07/2026, 07:59:51 | No | Yes | APT15, APT17, APT28, APT29, APT31, APT34, APT35, APT36, APT37, APT40, APT41, APT45, Bitter APT, Bluenoroff, Callisto Group, Carbanak, ChamelGang, CloudSorcerer, Daggerfly APT, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Volt Typhoon | CVE-2022-37451, CVE-2022-37452, CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-6387, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985 | 01/07/2026, 23:31:45 | - |
| 119.29.13.•••:8081 | - | 🇨🇳 China mainland | Yes | true | Leaked | AS45090 | Shenzhen Tencent Computer Systems Company Limited | Tencent Cloud | 01/07/2026, 21:20:10 | 11/07/2026, 15:07:18 | Yes | Yes | APT37, El-Machete | - | 01/07/2026, 23:31:48 | tencent.com |
| 162.243.50.•••:443 | - | 🇺🇸 United States | Yes | false | Clean | AS14061 | DigitalOcean, LLC | DigitalOcean | 01/07/2026, 21:20:10 | 02/07/2026, 23:05:16 | - | - | - | - | - | - |
| 38.76.183.•••:18789 | - | 🇭🇰 Hong Kong | Yes | true | Leaked | AS401701 | cognetcloud INC | Hong Kong Cloud Network Technology Co Ltd | 01/07/2026, 21:20:10 | 11/07/2026, 17:58:44 | Yes | No | - | - | 01/07/2026, 23:31:50 | cogentco.com |
| 113.186.192.•••:18789 | - | 🇻🇳 Vietnam | Yes | false | Clean | AS45899 | VNPT Corp | VNPT | 01/07/2026, 21:20:09 | 02/07/2026, 07:20:02 | - | - | - | - | - | - |
| 35.176.101.•••:443 | - | 🇬🇧 United Kingdom | Yes | true | Clean | AS16509 | Amazon.com, Inc. | Amazon Web Services | 01/07/2026, 21:20:08 | 14/07/2026, 03:53:51 | No | No | - | CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-23017, CVE-2021-3618, CVE-2021-36368, CVE-2021-41617, CVE-2022-41741, CVE-2022-41742, CVE-2023-28531, CVE-2023-38408, CVE-2023-44487, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-6387, CVE-2024-7347, CVE-2025-23419, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985, CVE-2026-35385, CVE-2026-35386, CVE-2026-35387, CVE-2026-35388, CVE-2026-35414 | 01/07/2026, 23:32:04 | - |
| 160.30.160.•••:443 | - | 🇻🇳 Vietnam | Yes | true | Clean | AS152979 | Vietservice Technology Company Limited | Vietservice Technology Company Limited | 01/07/2026, 21:20:08 | 14/07/2026, 03:11:01 | No | No | - | - | 25/06/2026, 23:32:07 | - |
| 163.227.239.•••:18789 | - | 🇧🇩 Bangladesh | Yes | true | Leaked | AS150142 | Wolast Technologies | Server Anywhere | 01/07/2026, 21:20:08 | 13/07/2026, 21:28:42 | Yes | No | - | CVE-2016-20012, CVE-2019-16905, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51385, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985 | 01/07/2026, 23:32:08 | serveranywhere.net |
| 183.147.242.•••:18789 | - | 🇨🇳 China mainland | Yes | false | Clean | AS4134 | Chinanet | ChinaNet Jinhua Node Network | 01/07/2026, 21:20:07 | 04/07/2026, 19:20:37 | No | No | - | - | 25/06/2026, 23:32:17 | - |
| 34.156.149.•••:18789 | - | 🇺🇸 United States | Yes | true | Clean | AS396982 | Google LLC | 01/07/2026, 21:20:07 | 14/07/2026, 03:52:47 | - | - | - | - | - | - | |
| 47.203.73.•••:18789 | - | 🇺🇸 United States | Yes | true | Clean | AS5650 | Frontier Communications of America, Inc. | FTR3 FiberOptic Tampa | 01/07/2026, 21:20:06 | 13/07/2026, 00:01:41 | No | No | - | - | 25/06/2026, 23:32:33 | - |
| 162.14.198.•••:18789 | - | 🇨🇳 China mainland | Yes | true | Clean | AS45090 | Shenzhen Tencent Computer Systems Company Limited | Tencent Cloud Computing | 01/07/2026, 21:20:06 | 12/07/2026, 08:16:08 | No | No | - | - | 25/06/2026, 23:32:35 | - |
| 45.79.145.•••:18789 | - | 🇺🇸 United States | Yes | false | Clean | AS63949 | Akamai Connected Cloud | Linode | 01/07/2026, 21:20:05 | 02/07/2026, 08:02:58 | No | Yes | APT15, APT28, APT29, APT31, APT34, APT41, Bitter APT, Bluenoroff, Callisto Group, Donot Team, Equation Group, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, Volt Typhoon | CVE-2010-4478, CVE-2010-5107, CVE-2011-4327, CVE-2011-5000, CVE-2012-0814, CVE-2016-0777, CVE-2016-20012, CVE-2017-15906, CVE-2020-14145, CVE-2020-15778, CVE-2021-28041, CVE-2021-36368, CVE-2021-41617, CVE-2023-28531, CVE-2023-36632, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-11168, CVE-2024-3219, CVE-2024-39894, CVE-2024-4032, CVE-2024-6232, CVE-2024-6387, CVE-2024-6923, CVE-2024-7592, CVE-2024-8088, CVE-2024-9287, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985 | 01/07/2026, 23:32:36 | - |
| 42.194.217.•••:18789 | - | 🇨🇳 China mainland | Yes | true | Leaked | AS45090 | Shenzhen Tencent Computer Systems Company Limited | Tencent Cloud | 01/07/2026, 21:18:23 | 14/07/2026, 00:59:53 | Yes | Yes | APT37, El-Machete | - | 02/07/2026, 02:19:02 | tencent.com, tencentcloud.com |
| 45.79.145.•••:18789 | - | 🇺🇸 United States | Yes | true | Clean | AS63949 | Akamai Connected Cloud | Linode | 01/07/2026, 21:18:23 | 11/07/2026, 03:39:40 | No | Yes | APT15, APT17, APT28, APT29, APT31, APT34, APT35, APT36, APT37, APT40, APT41, APT45, Bitter APT, Bluenoroff, Callisto Group, Carbanak, ChamelGang, CloudSorcerer, Daggerfly APT, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Volt Typhoon | CVE-2022-37451, CVE-2022-37452, CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-6387, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985 | 02/07/2026, 02:19:04 | - |
| 119.29.13.•••:18789 | - | 🇨🇳 China mainland | - | true | Leaked | AS45090 | Shenzhen Tencent Computer Systems Company Limited | Tencent Cloud | 01/07/2026, 21:18:22 | 11/07/2026, 10:48:23 | Yes | Yes | APT37, El-Machete | - | 02/07/2026, 03:02:53 | tencent.com |
| 38.76.183.•••:18789 | - | 🇭🇰 Hong Kong | Yes | true | Leaked | AS401701 | cognetcloud INC | Hong Kong Cloud Network Technology Co Ltd | 01/07/2026, 21:18:22 | 11/07/2026, 13:39:16 | Yes | No | - | - | 02/07/2026, 02:19:07 | cogentco.com |
| 162.243.50.•••:18789 | - | 🇺🇸 United States | - | false | Clean | AS14061 | DigitalOcean, LLC | DigitalOcean | 01/07/2026, 21:18:22 | 02/07/2026, 19:30:20 | - | - | - | - | - | - |
| 113.186.192.•••:18789 | - | 🇻🇳 Vietnam | Yes | false | Clean | AS45899 | VNPT Corp | VNPT | 01/07/2026, 21:18:21 | 02/07/2026, 03:44:09 | - | - | - | - | - | - |
| 35.176.101.•••:18789 | - | 🇬🇧 United Kingdom | - | true | Clean | AS16509 | Amazon.com, Inc. | Amazon Web Services | 01/07/2026, 21:18:20 | 14/07/2026, 00:59:55 | No | No | - | CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-23017, CVE-2021-3618, CVE-2021-36368, CVE-2021-41617, CVE-2022-41741, CVE-2022-41742, CVE-2023-28531, CVE-2023-38408, CVE-2023-44487, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-6387, CVE-2024-7347, CVE-2025-23419, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985, CVE-2026-35385, CVE-2026-35386, CVE-2026-35387, CVE-2026-35388, CVE-2026-35414 | 02/07/2026, 02:19:24 | - |
| 160.30.160.•••:18789 | - | 🇻🇳 Vietnam | - | true | Clean | AS152979 | Vietservice Technology Company Limited | Vietservice Technology Company Limited | 01/07/2026, 21:18:20 | 13/07/2026, 22:51:49 | No | No | - | - | 26/06/2026, 02:19:27 | - |
| 163.227.239.•••:18789 | - | 🇧🇩 Bangladesh | Yes | true | Leaked | AS150142 | Wolast Technologies | Server Anywhere | 01/07/2026, 21:18:20 | 13/07/2026, 17:08:14 | Yes | No | - | CVE-2016-20012, CVE-2019-16905, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51385, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985 | 02/07/2026, 02:19:28 | serveranywhere.net |
| 183.147.242.•••:18789 | - | 🇨🇳 China mainland | Yes | false | Clean | AS4134 | Chinanet | ChinaNet Jinhua Node Network | 01/07/2026, 21:18:18 | 04/07/2026, 16:26:39 | No | No | - | - | 26/06/2026, 02:19:45 | - |