🦞 OpenClaw Exposure Watchboard

This page lists publicly reachable active OpenClaw instances for defensive awareness. If this is your deployment, enable authentication, remove direct public exposure, and patch immediately.

Exposed Instances: 651864 Page: 238 / 6519 (100 per page) Showing: 23701-23800 Last Imported: 13/04/2026, 13:41:02
Build With Vivgrid

Ship Secure Enterprise AI Agents 10× Faster with vivgrid.com

Vivgrid gives you authentication, model gateway, tool control, cost tracking, and enterprise observability — everything you need to ship AI agents safely at scale.

Explore Vivgrid
Showing page 238 of 6519
Previous Next
Endpoint Assistant Name Country auth_requiredis_activehas_leaked_credsasnasn_nameorgfirst_seenlast_seenasi_has_breachasi_has_threat_actorasi_threat_actorsasi_cvesasi_enriched_atasi_domains
172.215.227.•••:18789 - 🇺🇸 United States - true Clean AS8075Microsoft CorporationCloud10/04/2026, 00:09:2310/04/2026, 03:50:41 - - ----
207.180.227.•••:18789 - 🇩🇪 Germany Yes true Clean AS51167Contabo GmbHContabo10/04/2026, 00:09:2310/04/2026, 03:50:41 - - ----
121.207.55.•••:18789 - 🇨🇳 China mainland Yes true Clean AS4134ChinanetCHINANET Fujian10/04/2026, 00:09:2310/04/2026, 03:50:41 - - ----
110.42.132.•••:18789 - 🇨🇳 China mainland Yes true Clean AS45090Shenzhen Tencent Computer Systems Company LimitedTencent Cloud10/04/2026, 00:09:2210/04/2026, 17:41:34 - - ----
47.95.243.•••:18789 - 🇨🇳 China mainland Yes true Clean AS37963Hangzhou Alibaba Advertising Co.,Ltd.Alisoft10/04/2026, 00:09:2213/04/2026, 05:32:52 No Yes APT28, APT35, APT37, APT39, Cobalt Group, Kimsuky, Mustang Panda, Sandworm Team, The Shadow BrokersCVE-2016-10708, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2021-4161713/04/2026, 01:45:35-
20.65.123.•••:18789 - 🇺🇸 United States - true Clean AS8075Microsoft CorporationMicrosoft10/04/2026, 00:09:2210/04/2026, 03:50:40 - - ----
134.175.53.•••:18789 - 🇨🇳 China mainland Yes true Clean AS45090Shenzhen Tencent Computer Systems Company LimitedTencent Cloud Computing10/04/2026, 00:09:2210/04/2026, 03:50:40 - - ----
125.82.71.•••:18789 - 🇨🇳 China mainland Yes true Clean AS4134ChinanetChinaNet Chongqing10/04/2026, 00:09:2110/04/2026, 03:50:39 - - ----
113.224.136.•••:18789 - 🇨🇳 China mainland Yes true Clean AS4837CHINA UNICOM China169 BackboneChina Unicom Liaoning10/04/2026, 00:09:2110/04/2026, 03:50:39 - - ----
52.79.59.•••:18789 - 🇰🇷 South Korea - true Clean AS16509Amazon.com, Inc.AWS Seoul Region10/04/2026, 00:09:2110/04/2026, 09:27:06 - - ----
4.217.195.•••:18789 - 🇺🇸 United States - true Clean AS8075Microsoft CorporationMicrosoft10/04/2026, 00:09:2110/04/2026, 03:50:39 - - ----
15.188.134.•••:18789 - 🇫🇷 France - true Clean AS16509Amazon.com, Inc.Amazon Web Services10/04/2026, 00:09:2113/04/2026, 12:50:10 No No -CVE-2021-23017, CVE-2021-3618, CVE-2022-41741, CVE-2022-41742, CVE-2023-44487, CVE-2024-734713/04/2026, 01:10:28-
39.98.81.•••:18789 - 🇨🇳 China mainland - true Clean AS37963Hangzhou Alibaba Advertising Co.,Ltd.Alisoft10/04/2026, 00:09:2012/04/2026, 23:49:44 - - ----
163.7.9.•••:18789 - 🇸🇬 Singapore - true Leaked AS150436Byteplus Pte. Ltd.Byteplus10/04/2026, 00:09:2012/04/2026, 23:06:02 Yes No -CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-6198512/04/2026, 22:21:23bytedance.com
35.183.68.•••:18789 - 🇨🇦 Canada - true Clean AS16509Amazon.com, Inc.Amazon Web Services Canada10/04/2026, 00:09:2013/04/2026, 12:50:57 No No --07/04/2026, 07:48:06-
20.97.122.•••:18789 - 🇺🇸 United States - true Clean AS8075Microsoft CorporationMicrosoft10/04/2026, 00:09:2010/04/2026, 03:50:38 - - ----
142.198.68.•••:18789 - 🇨🇦 Canada - true Clean AS577Bell CanadaHealth and Safety Executive10/04/2026, 00:09:2012/04/2026, 22:20:56 - - ----
43.163.251.•••:18789 - 🇸🇬 Singapore Yes true Leaked AS132203Tencent Building, Kejizhongyi AvenueAceville Pte Ltd10/04/2026, 00:09:2013/04/2026, 12:50:32 Yes No -CVE-2016-20012, CVE-2020-14145, CVE-2020-15778, CVE-2021-28041, CVE-2021-36368, CVE-2021-41617, CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-6387, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-6198510/04/2026, 03:25:55tencent.com
144.217.167.•••:18789 - 🇨🇦 Canada Yes true Clean AS16276OVH SASOVH Hosting10/04/2026, 00:09:2013/04/2026, 12:50:53 No No -CVE-2016-20012, CVE-2020-14145, CVE-2021-28041, CVE-2021-36368, CVE-2021-41617, CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-6387, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-6198513/04/2026, 08:01:10-
27.19.24.•••:18789 - 🇨🇳 China mainland - true Clean AS137266CHINATELECOM Hubei province Wuhan 5G networkChinaNet Hubei10/04/2026, 00:09:1910/04/2026, 03:50:38 - - ----
44.218.205.•••:18789 - 🇺🇸 United States - true Clean AS14618Amazon.com, Inc.Amazon Web Services10/04/2026, 00:09:1910/04/2026, 12:22:43 - - ----
154.81.38.•••:18789 - 🇺🇸 United States Yes true Clean AS140869Turing Group LimitedTuring Group Limited10/04/2026, 00:09:1813/04/2026, 05:32:35 - - ----
209.38.88.•••:18789 - 🇦🇺 Australia - true Clean AS14061DigitalOcean, LLCDigitalOcean10/04/2026, 00:09:1812/04/2026, 23:49:21 No Yes Salt TyphoonCVE-2016-20012, CVE-2021-28041, CVE-2021-36368, CVE-2021-41617, CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-39894, CVE-2024-42516, CVE-2024-43204, CVE-2024-43394, CVE-2024-47252, CVE-2024-5458, CVE-2024-6387, CVE-2025-23048, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-49630, CVE-2025-49812, CVE-2025-53020, CVE-2025-55753, CVE-2025-58098, CVE-2025-59775, CVE-2025-61984, CVE-2025-61985, CVE-2025-65082, CVE-2025-6620010/04/2026, 02:50:14-
149.102.150.•••:18789 - 🇩🇪 Germany Yes true Clean AS51167Contabo GmbHContabo10/04/2026, 00:09:1810/04/2026, 03:50:37 - - ----
13.220.67.•••:18789 - 🇺🇸 United States - true Clean AS14618Amazon.com, Inc.Amazon Web Services10/04/2026, 00:09:1810/04/2026, 03:50:37 - - ----
154.193.238.•••:18789 - 🇺🇸 United States Yes true Clean AS400619AROSSCLOUD INC.Fastmos Co Limited10/04/2026, 00:09:1812/04/2026, 23:49:59 - - ----
204.168.134.•••:18789 - 🇫🇮 Finland - true Clean AS24940Hetzner Online GmbHHetzner10/04/2026, 00:09:1810/04/2026, 09:27:18 No - -CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-6198510/04/2026, 04:36:09-
43.133.181.•••:18789 - 🇯🇵 Japan - true Clean AS132203Tencent Building, Kejizhongyi AvenueAceville Pte Ltd10/04/2026, 00:09:1810/04/2026, 03:50:37 - - ----
204.168.232.•••:18789 - 🇫🇮 Finland Yes true Clean AS24940Hetzner Online GmbHHetzner Online10/04/2026, 00:09:1712/04/2026, 23:50:24 - - ----
154.193.234.•••:18789 - 🇺🇸 United States Yes true Clean AS400619AROSSCLOUD INC.Fastmos Co Limited10/04/2026, 00:09:1713/04/2026, 05:32:05 - - ----
154.193.236.•••:18789 - 🇺🇸 United States Yes true Clean AS400619AROSSCLOUD INC.Fastmos Co Limited10/04/2026, 00:09:1712/04/2026, 23:49:54 - - ----
34.30.52.•••:18789 - 🇺🇸 United States Yes true Clean AS396982Google LLCGoogle10/04/2026, 00:09:1713/04/2026, 05:33:02 No No --07/04/2026, 01:09:37-
175.178.63.•••:18789 - 🇨🇳 China mainland - true Leaked AS45090Shenzhen Tencent Computer Systems Company LimitedTencent Cloud10/04/2026, 00:06:5411/04/2026, 05:34:24 Yes Yes APT15, APT28, APT29, APT31, APT34, APT37, APT41, Bitter APT, Bluenoroff, Callisto Group, Donot Team, El-Machete, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, Volt TyphoonCVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-5138510/04/2026, 07:11:23tencent.com
172.202.194.•••:18789 - 🇺🇸 United States - true Clean AS8075Microsoft CorporationCloud10/04/2026, 00:06:5411/04/2026, 05:34:24 No - --04/04/2026, 07:11:24-
45.32.49.•••:18789 - 🇯🇵 Japan - true Leaked AS20473The Constant Company, LLCVultr Holdings10/04/2026, 00:06:5411/04/2026, 05:34:24 Yes No --10/04/2026, 07:11:25vultr.com
52.141.5.•••:18789 - 🇺🇸 United States - true Clean AS8075Microsoft CorporationMicrosoft10/04/2026, 00:06:5411/04/2026, 05:34:24 - - ----
20.194.49.•••:18789 - 🇺🇸 United States - true Clean AS8075Microsoft CorporationMicrosoft10/04/2026, 00:06:5411/04/2026, 05:34:24 No No -CVE-2016-20012, CVE-2020-12062, CVE-2020-14145, CVE-2020-15778, CVE-2021-28041, CVE-2021-36368, CVE-2021-4161710/04/2026, 07:11:27-
165.245.182.•••:18789 - 🇸🇬 Singapore Yes true Clean AS14061DigitalOcean, LLCDigitalOcean10/04/2026, 00:06:5411/04/2026, 05:34:24 - - ----
61.160.249.•••:18789 - 🇺🇸 United States - true Leaked AS140293CHINATELECOM Jiangsu province Changzhou 5G networkChinaNet Jiangsu10/04/2026, 00:06:5411/04/2026, 05:34:24 Yes Yes APT-C-23, APT36, Cobalt Group, Equation Group, Gamaredon Group, Ghostwriter, Lazarus Group, Sea Turtle Group, Turla APT Group, Volt TyphoonCVE-2016-0762, CVE-2016-20012, CVE-2016-5018, CVE-2016-5388, CVE-2016-6794, CVE-2016-6796, CVE-2016-6797, CVE-2016-6816, CVE-2016-8735, CVE-2016-8745, CVE-2017-12617, CVE-2017-15906, CVE-2017-5647, CVE-2017-5648, CVE-2017-5664, CVE-2017-7674, CVE-2018-1304, CVE-2018-1305, CVE-2018-1336, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2018-8014, CVE-2018-8034, CVE-2019-20372, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2020-8022, CVE-2021-23017, CVE-2021-3618, CVE-2021-36368, CVE-2021-41617, CVE-2022-41741, CVE-2022-41742, CVE-2023-38408, CVE-2023-44487, CVE-2023-48795, CVE-2023-51385, CVE-2024-7347, CVE-2025-23419, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-6198510/04/2026, 07:11:31bj189.cn, 118114.cn, ctwing.cn, chinatelecom.com.cn, chinatelecom.cn, new-gm.cn, 189.cn, 189free.cn, ideal.sh.cn, daqu.com.cn, ctyun.cn
192.144.15.•••:18789 - 🇷🇺 Russia - true Clean AS208677"Cloud Technologies" LLC trading as Cloud.ruCloud.ru10/04/2026, 00:06:5413/04/2026, 13:26:58 Yes Yes APT15, APT17, APT28, APT29, APT31, APT34, APT35, APT36, APT37, APT40, APT41, APT45, Bitter APT, Bluenoroff, Callisto Group, Carbanak, ChamelGang, CloudSorcerer, Daggerfly APT, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Volt TyphoonCVE-2016-10002, CVE-2016-10003, CVE-2016-2390, CVE-2016-3947, CVE-2016-3948, CVE-2016-4051, CVE-2016-4052, CVE-2016-4053, CVE-2016-4054, CVE-2016-4553, CVE-2016-4554, CVE-2016-4555, CVE-2016-4556, CVE-2018-1000024, CVE-2019-12519, CVE-2019-12521, CVE-2019-12523, CVE-2019-12525, CVE-2019-12526, CVE-2019-12529, CVE-2019-18676, CVE-2019-18677, CVE-2019-18678, CVE-2019-18679, CVE-2020-11945, CVE-2020-14058, CVE-2020-15049, CVE-2020-24606, CVE-2020-25097, CVE-2021-28651, CVE-2021-28652, CVE-2021-31807, CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-638710/04/2026, 07:11:33cloudtech.ie
4.225.204.•••:18789 - 🇺🇸 United States - true Clean AS8075Microsoft CorporationMicrosoft10/04/2026, 00:06:5411/04/2026, 05:34:24 No No -CVE-2016-20012, CVE-2019-16905, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51385, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-6198510/04/2026, 07:11:34-
20.89.232.•••:18789 - 🇺🇸 United States - true Clean AS8075Microsoft CorporationMicrosoft10/04/2026, 00:06:5411/04/2026, 05:34:24 No Yes APT1, APT28, APT35, APT37, APT39, Cobalt Group, El-Machete, FIN8, Gamaredon-Group, Gozi, Kimsuky, Mustang Panda, Sandworm Team, The Shadow Brokers, goziCVE-2016-10708, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2021-4161710/04/2026, 07:11:36-
20.3.216.•••:18789 - 🇺🇸 United States - true Clean AS8075Microsoft CorporationMicrosoft10/04/2026, 00:06:5411/04/2026, 05:34:24 - - ----
20.242.88.•••:18789 - 🇺🇸 United States - true Clean AS8075Microsoft CorporationMicrosoft10/04/2026, 00:06:5411/04/2026, 05:34:24 - - ----
20.89.88.•••:18789 - 🇺🇸 United States - true Clean AS8075Microsoft CorporationMicrosoft10/04/2026, 00:06:5411/04/2026, 05:34:24 - - ----
4.255.140.•••:18789 - 🇺🇸 United States - true Clean AS8075Microsoft CorporationMicrosoft10/04/2026, 00:06:5411/04/2026, 05:34:24 No Yes APT15, APT28, APT31, Bitter APT, Bluenoroff, Callisto Group, Donot Team, Gamaredon Group, Gaza Cybergang, Inception Framework, Kimsuky, MuddyWater Group, RomCom Group, Salt Typhoon, Sea Turtle Group, SideWinder APTCVE-2016-20012, CVE-2020-14145, CVE-2020-15778, CVE-2021-28041, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-5138510/04/2026, 07:11:43-
20.214.202.•••:18789 - 🇺🇸 United States - true Clean AS8075Microsoft CorporationMicrosoft10/04/2026, 00:06:5411/04/2026, 05:34:24 No No --04/04/2026, 07:11:45-
23.101.183.•••:18789 - 🇺🇸 United States - true Clean AS8075Microsoft CorporationMicrosoft10/04/2026, 00:06:5411/04/2026, 05:34:23 - - ----
178.104.95.•••:18789 - 🇩🇪 Germany - true Clean AS24940Hetzner Online GmbHHetzner10/04/2026, 00:06:5313/04/2026, 13:26:10 - - ----
111.229.189.•••:18789 - 🇨🇳 China mainland Yes true Leaked AS45090Shenzhen Tencent Computer Systems Company LimitedTencent Cloud10/04/2026, 00:06:5313/04/2026, 13:26:30 Yes No --10/04/2026, 07:11:52tencent.com
172.215.227.•••:18789 - 🇺🇸 United States - true Clean AS8075Microsoft CorporationCloud10/04/2026, 00:06:5311/04/2026, 05:34:23 - - ----
44.212.47.•••:18789 - 🇺🇸 United States - true Clean AS14618Amazon.com, Inc.Amazon Web Services10/04/2026, 00:06:5313/04/2026, 13:26:23 - - ----
20.65.123.•••:18789 - 🇺🇸 United States - true Clean AS8075Microsoft CorporationMicrosoft10/04/2026, 00:06:5311/04/2026, 05:34:23 No No --04/04/2026, 07:11:55-
52.79.59.•••:18789 - 🇰🇷 South Korea - true Clean AS16509Amazon.com, Inc.AWS Seoul Region10/04/2026, 00:06:5311/04/2026, 05:34:23 No No --04/04/2026, 07:11:56-
15.188.134.•••:18789 - 🇫🇷 France - true Clean AS16509Amazon.com, Inc.Amazon Web Services10/04/2026, 00:06:5313/04/2026, 13:26:37 No No -CVE-2021-23017, CVE-2021-3618, CVE-2022-41741, CVE-2022-41742, CVE-2023-44487, CVE-2024-734710/04/2026, 07:11:57-
91.99.85.•••:18789 - 🇩🇪 Germany - true Leaked AS24940Hetzner Online GmbHHetzner Online10/04/2026, 00:06:5311/04/2026, 05:34:23 Yes No -CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-6198510/04/2026, 07:11:59hetzner.com
20.97.122.•••:18789 - 🇺🇸 United States - true Clean AS8075Microsoft CorporationMicrosoft10/04/2026, 00:06:5311/04/2026, 06:19:08 No Yes APT17, APT38, DragonFly, FIN8, Packrat-10/04/2026, 07:12:00-
209.38.88.•••:18789 - 🇦🇺 Australia - true Clean AS14061DigitalOcean, LLCDigitalOcean10/04/2026, 00:06:5313/04/2026, 13:26:42 No Yes Salt TyphoonCVE-2016-20012, CVE-2021-28041, CVE-2021-36368, CVE-2021-41617, CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-39894, CVE-2024-42516, CVE-2024-43204, CVE-2024-43394, CVE-2024-47252, CVE-2024-5458, CVE-2024-6387, CVE-2025-23048, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-49630, CVE-2025-49812, CVE-2025-53020, CVE-2025-55753, CVE-2025-58098, CVE-2025-59775, CVE-2025-61984, CVE-2025-61985, CVE-2025-65082, CVE-2025-6620010/04/2026, 07:12:02-
3.107.2.•••:18789 - 🇦🇺 Australia - true Clean AS16509Amazon.com, Inc.Amazon Corporate Services10/04/2026, 00:06:5313/04/2026, 13:27:15 No No -CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-6387, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-6198510/04/2026, 07:12:03-
136.244.106.•••:18789 - 🇳🇱 Netherlands - true Leaked AS20473The Constant Company, LLCVultr Holdings10/04/2026, 00:06:5313/04/2026, 13:26:59 Yes Yes APT15, APT17, APT28, APT29, APT31, APT34, APT36, APT37, APT41, APT45, Bitter APT, Bluenoroff, Callisto Group, CloudSorcerer, Daggerfly APT, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Volt TyphoonCVE-2016-20012, CVE-2020-14145, CVE-2020-15778, CVE-2021-23017, CVE-2021-28041, CVE-2021-3618, CVE-2021-36368, CVE-2021-41617, CVE-2022-41741, CVE-2022-41742, CVE-2023-28531, CVE-2023-38408, CVE-2023-44487, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-6387, CVE-2024-7347, CVE-2025-23419, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-6198510/04/2026, 07:12:04nip.io, vultr.com
170.9.51.•••:18789 - 🇺🇸 United States - true Clean AS31898Oracle CorporationOracle10/04/2026, 00:06:5313/04/2026, 13:26:21 - - ----
43.133.181.•••:18789 - 🇯🇵 Japan - true Leaked AS132203Tencent Building, Kejizhongyi AvenueAceville Pte Ltd10/04/2026, 00:06:5311/04/2026, 06:19:08 Yes Yes APT15, APT28, APT29, APT31, APT34, APT35, APT37, APT39, APT41, Bitter APT, Bluenoroff, Callisto Group, Cobalt Group, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Mustang Panda, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Volt TyphoonCVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-12062, CVE-2020-14145, CVE-2020-15778, CVE-2021-28041, CVE-2021-36368, CVE-2021-41617, CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-6198510/04/2026, 07:12:07tencent.com
16.26.43.•••:443 - 🇦🇺 Australia - true Clean AS16509Amazon.com, Inc.Amazon Web Services09/04/2026, 23:34:0012/04/2026, 23:59:18 No No -CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51385, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-6198509/04/2026, 23:34:10-
124.227.200.•••:18789 - 🇨🇳 China mainland - true Leaked AS4134ChinanetCHINANET Guangxi09/04/2026, 23:33:5912/04/2026, 23:59:17 Yes No -CVE-2020-1172409/04/2026, 23:34:11bj189.cn, 118114.cn, ctwing.cn, chinatelecom.com.cn, chinatelecom.cn, new-gm.cn, 189.cn, 189free.cn, ideal.sh.cn, daqu.com.cn, ctyun.cn
47.239.242.•••:18789 - 🇭🇰 Hong Kong Yes true Clean AS45102Alibaba (US) Technology Co., Ltd.Alibaba Cloud HK09/04/2026, 23:33:5912/04/2026, 23:59:17 No Yes Salt TyphoonCVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51385, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-6198509/04/2026, 23:34:14-
3.96.59.•••:5381 - 🇨🇦 Canada - true Clean AS16509Amazon.com, Inc.Amazon Web Services Canada09/04/2026, 23:33:5912/04/2026, 23:59:16 - - ----
3.96.59.•••:30531 - 🇨🇦 Canada - true Clean AS16509Amazon.com, Inc.Amazon Web Services Canada09/04/2026, 23:33:5812/04/2026, 23:59:16 - - ----
216.126.227.•••:18789 Assistant 🇺🇸 United States Yes true Leaked AS14956RouterHosting LLCRouter Hosting09/04/2026, 23:33:5812/04/2026, 23:59:16 Yes Yes APT28, APT35, APT37, APT39, Cobalt Group, Kimsuky, Mustang Panda, Sandworm Team, The Shadow BrokersCVE-2016-10708, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2021-41617, CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-6198509/04/2026, 23:34:18cloudzy.com
16.51.197.•••:18789 - 🇦🇺 Australia - true Clean AS16509Amazon.com, Inc.Amazon Web Services09/04/2026, 23:31:4612/04/2026, 23:57:41 - - ----
15.237.128.•••:18789 - 🇫🇷 France - true Clean AS16509Amazon.com, Inc.Amazon Web Services09/04/2026, 23:31:4512/04/2026, 23:57:41 No Yes APT15, APT28, APT29, APT31, APT34, APT35, APT37, APT39, APT41, Bitter APT, Bluenoroff, Callisto Group, Cobalt Group, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Mustang Panda, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Volt TyphoonCVE-2016-10708, CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-5138509/04/2026, 23:36:30-
13.246.159.•••:18789 - 🇿🇦 South Africa - true Clean AS16509Amazon.com, Inc.Amazon Data Services09/04/2026, 23:31:4512/04/2026, 23:57:41 - - ----
34.229.7.•••:18789 - 🇺🇸 United States - true Clean AS14618Amazon.com, Inc.Amazon09/04/2026, 23:31:4512/04/2026, 23:57:41 No No -CVE-2019-20372, CVE-2019-9511, CVE-2019-9513, CVE-2019-9516, CVE-2021-23017, CVE-2021-3618, CVE-2022-41741, CVE-2022-41742, CVE-2023-44487, CVE-2024-7347, CVE-2025-2341909/04/2026, 23:36:33-
20.210.90.•••:18789 - 🇺🇸 United States - true Clean AS8075Microsoft CorporationMicrosoft09/04/2026, 23:31:4512/04/2026, 23:57:40 No No -CVE-2016-20012, CVE-2020-12062, CVE-2020-14145, CVE-2020-15778, CVE-2021-28041, CVE-2021-36368, CVE-2021-4161709/04/2026, 23:36:34-
44.222.107.•••:18789 - 🇺🇸 United States - true Clean AS14618Amazon.com, Inc.Amazon Web Services09/04/2026, 23:31:4512/04/2026, 23:57:40 No No -CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51385, CVE-2025-26465, CVE-2025-3272809/04/2026, 23:36:35-
20.205.32.•••:18789 - 🇺🇸 United States - true Clean AS8075Microsoft CorporationMicrosoft09/04/2026, 23:31:4512/04/2026, 23:57:40 No Yes APT28, APT35, APT37, APT39, Cobalt Group, Kimsuky, Mustang Panda, Sandworm Team, The Shadow BrokersCVE-2016-10708, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2021-4161709/04/2026, 23:36:36-
20.7.67.•••:18789 - 🇺🇸 United States - true Clean AS8075Microsoft CorporationMicrosoft09/04/2026, 23:31:4512/04/2026, 23:57:40 No No --03/04/2026, 23:36:37-
18.101.142.•••:18789 - 🇪🇸 Spain - true Clean AS16509Amazon.com, Inc.Amazon Data Services Spain09/04/2026, 23:31:4412/04/2026, 23:57:40 - - ----
78.13.156.•••:18789 - 🇲🇽 Mexico - true Clean AS16509Amazon.com, Inc.Amazon Web Services Mexico09/04/2026, 23:31:4412/04/2026, 23:57:40 - - ----
43.210.64.•••:18789 - 🇹🇭 Thailand Yes true Leaked AS16509Amazon.com, Inc.Amazon09/04/2026, 23:31:4412/04/2026, 23:57:40 Yes No -CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51385, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-6198509/04/2026, 23:36:41amazon.fr, bookworm.com, amazon.com.br, audible.com, lovefilm.com, amazon.eu, amzaon.com, amazaon.com, audible.in, z-exp.com, amozon.com, aws-amazon.com, shopbop.com, accept.com, amazonn.com, boxofficemojo.com, amazonaws-us-gov.com, amaozn.com, awsamazon.com, amazonmusiclocal.com, a9.com, amzzon.com, mturk.com, amazonaws.cm, com.be, amazonpay.com, rooftopmedia.net, vine.com, imdb.com, ssl-images-amazon.com, amazon.com.au, amazon-rings.com, assoc-amazon.com, amazonin.com, amzn.asia, annapurnalabs.com, apn-portal.com, evi.com, amazonprime.com, audiblecareers.com, beautybar.com, junglee.com, amazon.ae, tenmarks.com, amazonwebservices.net, associates-amazon.com, amazonrobotics.com, amazon-aws.com, endless.com, amazonlocal.com, amazonm.com, amazonllc.com, media-imdb.com, amazon.com.tw, createspace.com, amazonaws.com, amzn.com, amazon.com, images-amazon.com, amazon.com.co
18.117.228.•••:18789 - 🇺🇸 United States Yes true Leaked AS16509Amazon.com, Inc.Amazon09/04/2026, 23:31:4312/04/2026, 23:57:39 Yes No -CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-6387, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-6198509/04/2026, 23:36:43iclinic.com.br, afya.com.br, cloudflare.net, iclinicpay.com.br, unigranrio.com.br, cardiopapers.com.br, pdcsaude.com.br, rxpro.com.br, pebmed.com.br
75.101.243.•••:18789 - 🇺🇸 United States - true Clean AS14618Amazon.com, Inc.Amazon Web Services09/04/2026, 23:31:4312/04/2026, 23:57:39 No Yes APT1 Comment Crew, APT15, APT17, APT27, APT28, APT29, APT31, APT34, APT35, APT36, APT37, APT40, APT41, APT45, Bitter APT, Bluenoroff, Callisto Group, Carbanak, ChamelGang, CloudSorcerer, Daggerfly APT, Donot Team, Earth Longzhi, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Turla APT Group, Volt TyphoonCVE-2016-20012, CVE-2020-11022, CVE-2020-11023, CVE-2020-23064, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51385, CVE-2024-40725, CVE-2024-40898, CVE-2024-6387, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-6198509/04/2026, 23:36:44-
34.250.95.•••:18789 - 🇮🇪 Ireland - true Clean AS16509Amazon.com, Inc.Amazon Data Services Ireland09/04/2026, 23:31:4312/04/2026, 23:57:39 No No -CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51385, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-6198509/04/2026, 23:36:45-
18.130.34.•••:18789 - 🇬🇧 United Kingdom - true Clean AS16509Amazon.com, Inc.Amazon Web Services09/04/2026, 23:31:4212/04/2026, 23:57:38 No Yes APT28, APT35, APT37, APT39, Cobalt Group, Kimsuky, Mustang Panda, Sandworm Team, The Shadow BrokersCVE-2015-8325, CVE-2016-10009, CVE-2016-10010, CVE-2016-10011, CVE-2016-10012, CVE-2016-10708, CVE-2016-3115, CVE-2016-6210, CVE-2016-6515, CVE-2016-8858, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2021-4161709/04/2026, 23:36:46-
3.96.138.•••:18789 - 🇨🇦 Canada - true Clean AS16509Amazon.com, Inc.Amazon Web Services Canada09/04/2026, 23:31:4212/04/2026, 23:57:38 No No -CVE-2016-20012, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51385, CVE-2024-6387, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-6198509/04/2026, 23:36:47-
3.223.4.•••:18789 - 🇺🇸 United States - true Clean AS14618Amazon.com, Inc.Amazon Web Services09/04/2026, 23:31:4212/04/2026, 23:57:38 No No --03/04/2026, 23:36:49-
47.254.24.•••:18789 Assistant 🇺🇸 United States Yes true Clean AS45102Alibaba (US) Technology Co., Ltd.Alibaba Cloud US09/04/2026, 23:31:4212/04/2026, 23:57:37 Yes Yes APT28, APT35, APT37, APT39, Cobalt Group, Kimsuky, Mustang Panda, Sandworm Team, The Shadow BrokersCVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6110, CVE-2020-14145, CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-6387, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-6198509/04/2026, 23:36:50kelunrd.com
20.236.52.•••:18789 - 🇺🇸 United States - true Clean AS8075Microsoft CorporationMicrosoft09/04/2026, 23:31:4112/04/2026, 23:57:37 No - --03/04/2026, 23:36:52-
15.168.69.•••:18789 - 🇯🇵 Japan - true Clean AS16509Amazon.com, Inc.Amazon Web Services Osaka09/04/2026, 23:31:4112/04/2026, 23:57:36 No No --03/04/2026, 23:36:53-
43.203.237.•••:18789 - 🇰🇷 South Korea - true Clean AS16509Amazon.com, Inc.Amazon09/04/2026, 23:31:4112/04/2026, 23:57:36 No No -CVE-2023-44487, CVE-2024-7347, CVE-2025-2341909/04/2026, 23:36:54-
3.249.70.•••:18789 - 🇮🇪 Ireland - true Clean AS16509Amazon.com, Inc.Amazon Data Services Ireland09/04/2026, 23:31:4012/04/2026, 23:57:36 No No --03/04/2026, 23:36:55-
162.243.212.•••:18789 - 🇺🇸 United States - true Clean AS14061DigitalOcean, LLCDigitalOcean09/04/2026, 23:31:4012/04/2026, 23:57:36 No Yes APT15, APT28, APT29, APT31, APT34, APT35, APT37, APT39, APT41, Bitter APT, Bluenoroff, Callisto Group, Cobalt Group, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Mustang Panda, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Volt TyphoonCVE-2016-10009, CVE-2016-10010, CVE-2016-10011, CVE-2016-10012, CVE-2016-10708, CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-5138509/04/2026, 23:36:56-
172.184.165.•••:18789 - 🇺🇸 United States - true Clean AS8075Microsoft CorporationCloud09/04/2026, 23:31:3912/04/2026, 23:57:35 - - ----
15.204.141.•••:10058 - 🇺🇸 United States Yes true Clean AS16276OVH SAS[name redacted]09/04/2026, 23:29:1212/04/2026, 23:54:25 - - ----
54.202.213.•••:443 - 🇺🇸 United States Yes true Clean AS16509Amazon.com, Inc.Amazon09/04/2026, 23:29:0212/04/2026, 23:55:08 - - ----
132.145.173.•••:18789 - 🇺🇸 United States Yes true Leaked AS31898Oracle CorporationOracle Cloud09/04/2026, 23:29:0212/04/2026, 22:26:03 Yes Yes APT15, APT28, APT29, APT31, APT34, APT41, Bitter APT, Bluenoroff, Callisto Group, Donot Team, DragonFly, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Packrat, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, Volt Typhoon, goziCVE-2018-16845, CVE-2019-20372, CVE-2019-9511, CVE-2019-9513, CVE-2019-9516, CVE-2021-23017, CVE-2021-3618, CVE-2022-41741, CVE-2022-41742, CVE-2023-28531, CVE-2023-38408, CVE-2023-44487, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-6387, CVE-2024-7347, CVE-2025-23419, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-6198512/04/2026, 15:03:04healtheintent.com, purewellness.com, cerner.ae, retek.com, tryfoexnow.com, moatads.com, oraclefusion.com, connectinc.com, inquira.com, portal.com, oracle.com, hiedirectconnect.org, maxymiser.net, oraclecloudservices.com, rsys2.net, hyperroll.com, nor1.com, oxygen.systems, oraclegovcloud.com, orcale.com, oraclemobile.com, sun.co.in, openair.co, oraclepdemos.com, stellent.com, siebel.com, cerner.net, oracle-cloud.com, docucorp.com, mvalent.com, elementfusion.com, netsuiteforms.com, oracleemaildelivery.com, oraclecloud.com, en25.com, solaris.com, rightnowtech.com, think.com, ipapp.com, jdedwards.com, tiger-institute.org, zenedge.com, skire.com, sun.com, sales.com, fyleio.com, push.io, estara.com, tekelec.com, textura.com, paymyhealthbill.com, dyndns.com, java.net, optika.com, jcp.org, smed.com, cernerenviza-tw.com, datafox.com, recruitmax.com, decisioneering.com, adiinsights.com, stortek.com, seebeyond.com, livelook.com, openjdk.org, virtualbox.org, dyn.com, oraclehealth.com, aimsystems.com, sunworld.com, plumtree.com, storagetek.com, oracledatacloud.com
98.126.102.•••:10081 - 🇺🇸 United States Yes true Clean AS4213Krypt TechnologiesKrypt Technologies09/04/2026, 23:29:0212/04/2026, 23:54:42 - - ----
3.237.232.•••:443 - 🇺🇸 United States - true Clean AS14618Amazon.com, Inc.Amazon Web Services09/04/2026, 23:29:0210/04/2026, 00:59:43 - - ----
42.51.39.•••:50000 - 🇨🇳 China mainland Yes true Clean AS56005Zhengzhou Fastidc Technology Co.,Ltd.Henan Telcom Union Technology09/04/2026, 23:29:0213/04/2026, 12:16:45 No Yes APT15, APT28, APT29, APT31, APT34, APT35, APT37, APT39, APT41, Bitter APT, Bluenoroff, Callisto Group, Cobalt Group, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Mustang Panda, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Volt TyphoonCVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-5138513/04/2026, 12:28:06-
150.158.27.•••:18789 - 🇨🇳 China mainland Yes true Clean AS45090Shenzhen Tencent Computer Systems Company LimitedTencent Cloud Computing09/04/2026, 23:29:0210/04/2026, 00:14:18 - - ----
34.14.166.•••:18789 - 🇺🇸 United States Yes true Clean AS396982Google LLCGoogle09/04/2026, 23:29:0210/04/2026, 00:59:42 - - ----