🦞 OpenClaw Exposure Watchboard
This page lists publicly reachable active OpenClaw instances for defensive awareness. If this is your deployment, enable authentication, remove direct public exposure, and patch immediately.
Exposed Instances: 926582 Page: 425 / 9266 (100 per page) Showing: 42401-42500 Last Imported: 07/06/2026, 03:36:56
🇨🇳 458,280
🇺🇸 265,401
Build With Vivgrid
Explore Vivgrid Ship Secure Enterprise AI Agents 10× Faster with vivgrid.com
Vivgrid gives you authentication, model gateway, tool control, cost tracking, and enterprise observability — everything you need to ship AI agents safely at scale.
| Endpoint | Assistant Name | Country | auth_required | is_active | has_leaked_creds | asn | asn_name | org | first_seen | last_seen | asi_has_breach | asi_has_threat_actor | asi_threat_actors | asi_cves | asi_enriched_at | asi_domains |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 103.52.114.•••:18789 | - | 🇮🇩 Indonesia | Yes | false | Clean | AS136052 | PT Cloud Hosting Indonesia | Digital Ekonomi Indonesia | 24/05/2026, 23:58:43 | 25/05/2026, 07:02:23 | No | No | - | CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985, CVE-2026-35385, CVE-2026-35386, CVE-2026-35387, CVE-2026-35388, CVE-2026-35414 | 25/05/2026, 07:04:48 | - |
| 152.69.191.•••:18789 | - | 🇺🇸 United States | - | true | Leaked | AS31898 | Oracle Corporation | Oracle | 24/05/2026, 23:58:43 | 05/06/2026, 23:51:57 | Yes | Yes | APT28, APT35, APT37, APT39, Cobalt Group, DragonFly, Kimsuky, Mustang Panda, Packrat, Sandworm Team, The Shadow Brokers, gozi | CVE-2016-10708, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2021-41617 | 25/05/2026, 07:04:49 | healtheintent.com, purewellness.com, cerner.ae, retek.com, tryfoexnow.com, moatads.com, oraclefusion.com, connectinc.com, inquira.com, portal.com, healtheatcerner.com, oracle.com, hiedirectconnect.org, maxymiser.net, oraclecloudservices.com, rsys2.net, hyperroll.com, nor1.com, oxygen.systems, oraclegovcloud.com, orcale.com, oraclemobile.com, sun.co.in, openair.co, oraclepdemos.com, stellent.com, siebel.com, cerner.net, oracle-cloud.com, docucorp.com, mvalent.com, netsuitesuiteprojectspro.com, elementfusion.com, netsuiteforms.com, oraclecloud.com, en25.com, solaris.com, rightnowtech.com, think.com, ipapp.com, jdedwards.com, tiger-institute.org, zenedge.com, skire.com, sun.com, ateam-oracle.com, sales.com, fyleio.com, push.io, estara.com, tekelec.com, textura.com, paymyhealthbill.com, dyndns.com, java.net, optika.com, jcp.org, smed.com, cernerenviza-tw.com, datafox.com, recruitmax.com, decisioneering.com, adiinsights.com, stortek.com, seebeyond.com, livelook.com, openjdk.org, virtualbox.org, dyn.com, oraclehealth.com, aimsystems.com, sunworld.com, plumtree.com, storagetek.com, oracledatacloud.com |
| 122.51.61.•••:18789 | - | 🇨🇳 China mainland | - | true | Leaked | AS45090 | Shenzhen Tencent Computer Systems Company Limited | Tencent Cloud | 24/05/2026, 23:58:43 | 31/05/2026, 13:20:59 | Yes | Yes | APT37, El-Machete | - | 25/05/2026, 07:05:02 | tencent.com |
| 20.91.207.•••:18789 | - | 🇺🇸 United States | - | false | Clean | AS8075 | Microsoft Corporation | Microsoft | 24/05/2026, 23:58:43 | 25/05/2026, 07:02:22 | No | - | - | - | 19/05/2026, 07:05:03 | - |
| 44.195.243.•••:18789 | - | 🇺🇸 United States | Yes | true | Clean | AS14618 | Amazon.com, Inc. | Amazon Web Services | 24/05/2026, 23:58:43 | 05/06/2026, 01:11:16 | No | No | - | CVE-2016-1247, CVE-2016-4450, CVE-2017-20005, CVE-2017-7529, CVE-2018-16843, CVE-2018-16844, CVE-2018-16845, CVE-2019-20372, CVE-2019-9511, CVE-2019-9513, CVE-2019-9516, CVE-2021-23017, CVE-2021-3618, CVE-2022-41741, CVE-2022-41742, CVE-2023-44487, CVE-2024-42516, CVE-2024-43204, CVE-2024-43394, CVE-2024-47252, CVE-2024-7347, CVE-2025-23048, CVE-2025-49630, CVE-2025-49812, CVE-2025-53020 | 25/05/2026, 07:05:04 | - |
| 173.212.241.•••:18789 | - | 🇫🇷 France | - | false | Leaked | AS51167 | Contabo GmbH | Contabo | 24/05/2026, 23:58:43 | 25/05/2026, 07:02:22 | Yes | Yes | APT15, APT28, APT29, APT31, APT34, APT41, Bitter APT, Bluenoroff, Callisto Group, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, Volt Typhoon | CVE-2016-20012, CVE-2020-12062, CVE-2020-14145, CVE-2020-15778, CVE-2021-28041, CVE-2021-36368, CVE-2021-41617, CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985, CVE-2026-35385, CVE-2026-35386, CVE-2026-35387, CVE-2026-35388, CVE-2026-35414 | 25/05/2026, 07:05:20 | contaboserver.net, contabo.de, contabo.net |
| 172.236.22.•••:18789 | - | 🇬🇧 United Kingdom | - | false | Clean | AS63949 | Akamai Connected Cloud | Linode | 24/05/2026, 23:58:43 | 25/05/2026, 07:02:22 | Yes | Yes | APT17, APT36, APT37, APT45, CloudSorcerer, Daggerfly APT, Kimsuky, MuddyWater Group, SideWinder APT, The Shadow Brokers | CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985 | 25/05/2026, 07:05:25 | itv.com |
| 18.156.118.•••:18789 | - | 🇩🇪 Germany | Yes | true | Clean | AS16509 | Amazon.com, Inc. | A100 ROW | 24/05/2026, 23:58:42 | 31/05/2026, 00:46:11 | - | - | - | - | - | - |
| 43.139.88.•••:18789 | - | 🇨🇳 China mainland | Yes | true | Leaked | AS45090 | Shenzhen Tencent Computer Systems Company Limited | Tencent Cloud Computing | 24/05/2026, 23:58:42 | 05/06/2026, 18:11:00 | Yes | Yes | Cobalt Group | CVE-2006-20001, CVE-2022-36760, CVE-2022-37436, CVE-2023-25690, CVE-2023-27522 | 25/05/2026, 07:05:45 | tencent.com |
| 122.236.125.•••:18789 | - | 🇨🇳 China mainland | Yes | false | Clean | AS4134 | Chinanet | ChinaNet Shaoxing | 24/05/2026, 23:58:42 | 25/05/2026, 07:02:21 | No | No | - | - | 19/05/2026, 07:05:47 | - |
| 155.212.160.•••:18789 | - | 🇳🇱 Netherlands | - | true | Clean | AS29182 | JSC IOT | Joint Stock Company Internet of Things | 24/05/2026, 23:58:41 | 03/06/2026, 12:36:35 | No | No | - | - | 19/05/2026, 07:05:58 | - |
| 60.186.8.•••:18789 | - | 🇨🇳 China mainland | - | false | Clean | AS4134 | Chinanet | ChinaNet Hangzhou | 24/05/2026, 23:58:41 | 25/05/2026, 07:02:21 | No | No | - | - | 19/05/2026, 07:06:13 | - |
| 34.18.150.•••:18789 | Assistant | 🇺🇸 United States | Yes | true | Clean | AS396982 | Google LLC | 24/05/2026, 23:58:41 | 06/06/2026, 16:00:30 | No | No | - | CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-6387, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985 | 25/05/2026, 07:06:14 | - | |
| 147.224.191.•••:18789 | - | 🇺🇸 United States | Yes | true | Leaked | AS31898 | Oracle Corporation | Oracle | 24/05/2026, 23:58:41 | 05/06/2026, 13:54:06 | Yes | No | - | CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985, CVE-2026-35385, CVE-2026-35386, CVE-2026-35387, CVE-2026-35388, CVE-2026-35414 | 25/05/2026, 07:06:18 | healtheintent.com, purewellness.com, cerner.ae, retek.com, tryfoexnow.com, moatads.com, oraclefusion.com, connectinc.com, inquira.com, portal.com, healtheatcerner.com, oracle.com, hiedirectconnect.org, maxymiser.net, oraclecloudservices.com, rsys2.net, hyperroll.com, nor1.com, oxygen.systems, oraclegovcloud.com, orcale.com, oraclemobile.com, sun.co.in, openair.co, oraclepdemos.com, stellent.com, siebel.com, cerner.net, oracle-cloud.com, docucorp.com, mvalent.com, netsuitesuiteprojectspro.com, elementfusion.com, netsuiteforms.com, oraclecloud.com, en25.com, solaris.com, rightnowtech.com, think.com, ipapp.com, jdedwards.com, tiger-institute.org, zenedge.com, skire.com, sun.com, ateam-oracle.com, sales.com, fyleio.com, push.io, estara.com, tekelec.com, textura.com, paymyhealthbill.com, dyndns.com, java.net, optika.com, jcp.org, smed.com, cernerenviza-tw.com, datafox.com, recruitmax.com, decisioneering.com, adiinsights.com, stortek.com, seebeyond.com, livelook.com, openjdk.org, virtualbox.org, dyn.com, oraclehealth.com, aimsystems.com, sunworld.com, plumtree.com, storagetek.com, oracledatacloud.com |
| 140.238.21.•••:18789 | - | 🇺🇸 United States | Yes | true | Leaked | AS31898 | Oracle Corporation | Oracle Cloud | 24/05/2026, 23:58:40 | 06/06/2026, 15:18:14 | Yes | No | - | CVE-2016-20012, CVE-2019-16905, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51385, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985 | 25/05/2026, 07:06:44 | healtheintent.com, purewellness.com, cerner.ae, retek.com, tryfoexnow.com, moatads.com, oraclefusion.com, connectinc.com, inquira.com, portal.com, healtheatcerner.com, oracle.com, hiedirectconnect.org, maxymiser.net, oraclecloudservices.com, rsys2.net, hyperroll.com, nor1.com, oxygen.systems, oraclegovcloud.com, orcale.com, oraclemobile.com, sun.co.in, openair.co, oraclepdemos.com, stellent.com, siebel.com, cerner.net, oracle-cloud.com, docucorp.com, mvalent.com, netsuitesuiteprojectspro.com, elementfusion.com, netsuiteforms.com, oracleemaildelivery.com, oraclecloud.com, en25.com, solaris.com, rightnowtech.com, think.com, ipapp.com, jdedwards.com, tiger-institute.org, zenedge.com, skire.com, sun.com, ateam-oracle.com, sales.com, fyleio.com, push.io, estara.com, tekelec.com, textura.com, paymyhealthbill.com, dyndns.com, java.net, optika.com, jcp.org, smed.com, cernerenviza-tw.com, datafox.com, recruitmax.com, decisioneering.com, adiinsights.com, stortek.com, seebeyond.com, livelook.com, openjdk.org, virtualbox.org, dyn.com, oraclehealth.com, aimsystems.com, sunworld.com, plumtree.com, storagetek.com, oracledatacloud.com |
| 43.153.48.•••:18789 | - | 🇸🇬 Singapore | - | true | Leaked | AS132203 | Tencent Building, Kejizhongyi Avenue | Aceville Pte Ltd | 24/05/2026, 23:58:40 | 05/06/2026, 23:51:56 | Yes | - | - | CVE-2014-4078, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-6387, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985, CVE-2026-35385, CVE-2026-35386, CVE-2026-35387, CVE-2026-35388, CVE-2026-35414 | 25/05/2026, 07:06:52 | tencent.com |
| 39.96.16.•••:18789 | - | 🇨🇳 China mainland | - | true | Leaked | AS37963 | Hangzhou Alibaba Advertising Co.,Ltd. | Alisoft | 24/05/2026, 23:58:39 | 05/06/2026, 18:11:00 | Yes | Yes | APT28, APT41, Equation Group, Packrat | CVE-2010-4478, CVE-2010-5107, CVE-2011-4327, CVE-2011-5000, CVE-2012-0814, CVE-2016-0777 | 25/05/2026, 07:07:06 | aliyun.com |
| 216.128.139.•••:18789 | - | 🇺🇸 United States | Yes | true | Leaked | AS20473 | The Constant Company, LLC | Vultr Holdings | 24/05/2026, 23:58:39 | 31/05/2026, 01:28:18 | Yes | Yes | APT15, APT28, APT29, APT31, APT34, APT41, Bitter APT, Bluenoroff, Callisto Group, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, Volt Typhoon | CVE-2016-20012, CVE-2020-12062, CVE-2020-14145, CVE-2020-15778, CVE-2021-28041, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985 | 25/05/2026, 07:07:07 | vultr.com |
| 43.132.176.•••:18789 | - | 🇸🇬 Singapore | Yes | true | Leaked | AS132203 | Tencent Building, Kejizhongyi Avenue | 6 Collyer Quay | 24/05/2026, 23:58:39 | 04/06/2026, 08:39:56 | Yes | Yes | APT-C-23, APT36, APT37, Cobalt Group, El-Machete, Equation Group, Gamaredon Group, Ghostwriter, Lazarus Group, Turla APT Group, Volt Typhoon | CVE-2018-16843, CVE-2018-16844, CVE-2018-16845, CVE-2019-20372, CVE-2019-9511, CVE-2019-9513, CVE-2019-9516, CVE-2021-23017, CVE-2021-3618, CVE-2022-41741, CVE-2022-41742, CVE-2023-44487 | 31/05/2026, 21:45:24 | tencent.com |
| 222.212.152.•••:18789 | - | 🇨🇳 China mainland | - | false | Clean | AS4134 | Chinanet | ChinaNet Sichuan | 24/05/2026, 23:58:39 | 25/05/2026, 07:02:19 | - | - | - | - | - | - |
| 23.254.177.•••:18789 | - | 🇺🇸 United States | Yes | true | Clean | AS54290 | HostPapa | RackNerd | 24/05/2026, 23:58:39 | 05/06/2026, 02:36:08 | - | - | - | - | - | - |
| 5.100.137.•••:18789 | - | 🇩🇪 Germany | - | false | Clean | AS42652 | inexio Informationstechnologie und Telekommunikation Gmbh | Inexio | 24/05/2026, 23:58:39 | 25/05/2026, 07:02:18 | - | - | - | - | - | - |
| 193.181.209.•••:18789 | - | 🇩🇰 Denmark | - | false | Leaked | AS44803 | Webdock.io ApS | Webdock | 24/05/2026, 23:56:51 | 26/05/2026, 14:46:32 | Yes | No | - | CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985, CVE-2026-35385, CVE-2026-35386, CVE-2026-35387, CVE-2026-35388, CVE-2026-35414 | 25/05/2026, 18:27:24 | it.com |
| 2a0f:f01:208:198:::18789 | - | 🇩🇰 Denmark | - | false | Clean | AS44803 | Webdock.io ApS | DK Webdock | 24/05/2026, 23:56:51 | 26/05/2026, 14:46:31 | - | - | - | - | - | - |
| 20.91.207.•••:18789 | - | 🇺🇸 United States | - | false | Clean | AS8075 | Microsoft Corporation | Microsoft | 24/05/2026, 23:56:50 | 26/05/2026, 14:46:31 | No | - | - | - | 19/05/2026, 18:27:29 | - |
| 141.98.199.•••:18789 | - | 🇸🇬 Singapore | Yes | false | Clean | AS8888 | xTom Pty Ltd | 365 Group LLC | 24/05/2026, 23:56:50 | 26/05/2026, 14:46:31 | Yes | No | - | CVE-2016-10002, CVE-2016-10003, CVE-2018-1000024, CVE-2019-12519, CVE-2019-12521, CVE-2019-12523, CVE-2019-12525, CVE-2019-12526, CVE-2019-12529, CVE-2019-18676, CVE-2019-18677, CVE-2019-18678, CVE-2019-18679, CVE-2020-11945, CVE-2020-14058, CVE-2020-15049, CVE-2020-24606, CVE-2020-25097, CVE-2021-28651, CVE-2021-28652, CVE-2021-31807, CVE-2021-46784, CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985, CVE-2026-35385, CVE-2026-35386, CVE-2026-35387, CVE-2026-35388, CVE-2026-35414 | 25/05/2026, 18:27:32 | xtom.com |
| 149.202.74.•••:18789 | - | 🇫🇷 France | Yes | false | Leaked | AS16276 | OVH SAS | OVH | 24/05/2026, 23:56:50 | 26/05/2026, 14:46:31 | Yes | No | - | CVE-2024-39894, CVE-2024-6387, CVE-2025-1695, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985 | 25/05/2026, 18:27:35 | ovh.net |
| 140.143.166.•••:18789 | - | 🇨🇳 China mainland | - | false | Clean | AS45090 | Shenzhen Tencent Computer Systems Company Limited | Tencent Cloud | 24/05/2026, 23:56:50 | 26/05/2026, 15:28:47 | No | Yes | APT-C-23, APT15, APT28, APT29, APT31, APT34, APT41, Bitter APT, Bluenoroff, Callisto Group, Donot Team, Gamaredon Group, Gaza Cybergang, Ghostwriter, Hafnium Group, Inception Framework, Kimsuky, Lazarus Group, MuddyWater Group, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, Turla APT Group, Volt Typhoon | CVE-2016-20012, CVE-2019-16905, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-44487, CVE-2023-48795, CVE-2023-51385, CVE-2024-11233, CVE-2024-11234, CVE-2024-11236, CVE-2024-7347, CVE-2024-8929, CVE-2024-8932 | 25/05/2026, 18:27:36 | - |
| 3.106.228.•••:18789 | - | 🇦🇺 Australia | Yes | true | Clean | AS16509 | Amazon.com, Inc. | Amazon Corporate Services | 24/05/2026, 23:20:21 | 05/06/2026, 12:33:02 | No | No | - | CVE-2016-20012, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51385, CVE-2024-6387, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985 | 25/05/2026, 04:19:50 | - |
| 111.250.124.•••:18789 | - | 🇹🇼 Taiwan | Yes | false | Leaked | AS3462 | Data Communication Business Group | Chunghwa Telecom Data Group | 24/05/2026, 23:20:20 | 28/05/2026, 04:16:12 | Yes | No | - | CVE-2009-2957, CVE-2009-2958, CVE-2012-3411, CVE-2013-0198, CVE-2015-3294, CVE-2015-8899, CVE-2017-13704, CVE-2017-14491, CVE-2017-14492, CVE-2017-14493, CVE-2017-14494, CVE-2017-14495, CVE-2017-14496, CVE-2017-15107, CVE-2019-14513, CVE-2019-14834, CVE-2020-25681, CVE-2020-25682, CVE-2020-25683, CVE-2020-25684, CVE-2020-25685, CVE-2020-25686, CVE-2020-25687, CVE-2021-3448, CVE-2022-0934, CVE-2023-28450, CVE-2023-50387 | 25/05/2026, 04:19:51 | twgate.net, hinet.net, xuite.net, cht.com.tw, chttl.com.tw |
| 157.255.62.•••:20258 | - | 🇨🇳 China mainland | Yes | true | Clean | AS136958 | China Unicom Guangdong IP network | China Unicom Guangdong | 24/05/2026, 23:20:20 | 06/06/2026, 20:59:16 | - | - | - | - | - | - |
| 140.237.37.•••:18789 | - | 🇨🇳 China mainland | Yes | false | Clean | AS4134 | Chinanet | ChinaNet Fujian | 24/05/2026, 23:20:20 | 28/05/2026, 01:27:10 | - | - | - | - | - | - |
| 93.173.3.•••:18789 | - | 🇮🇱 Israel | - | false | Clean | AS1680 | CELLCOM ltd. | Netvision | 24/05/2026, 23:20:20 | 25/05/2026, 07:48:52 | No | No | - | - | 19/05/2026, 04:19:59 | - |
| 66.175.213.•••:18789 | - | 🇺🇸 United States | Yes | true | Leaked | AS63949 | Akamai Connected Cloud | Linode | 24/05/2026, 23:20:20 | 05/06/2026, 17:32:34 | Yes | Yes | APT15, APT17, APT28, APT29, APT31, APT34, APT35, APT36, APT37, APT39, APT41, APT45, Bitter APT, Bluenoroff, Callisto Group, CloudSorcerer, Cobalt Group, Daggerfly APT, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Mustang Panda, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Volt Typhoon | CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-28041, CVE-2021-36368, CVE-2021-41617, CVE-2023-28531, CVE-2023-38408, CVE-2023-44487, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-39894, CVE-2024-6387, CVE-2024-7347, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985, CVE-2026-35385, CVE-2026-35386, CVE-2026-35387, CVE-2026-35388, CVE-2026-35414 | 25/05/2026, 04:20:00 | akasripcn.net, edgekey-staging.net, akamaitechnologies.com, akamai.ae, edgekey.net, simplicita.com, inscname.net, edgesuite.net, akamaitech.net, cotendo.com, bubblewrapp.com, chameleonx.com, akamai-staging.net, cformanalytics.com, janrainbackplane.com, verivue.com, akamaized-staging.net, nominum.com, akadns.net, akamaized.net, akamai.net, akamaistream.net, d4p.net, akamaihd.net, instart.com, akamai.dk, edgefcs.net, linodeusercontent.com, akamaihd-staging.net, cotssl.net, akafms.net, akami.com, lognormal.net, octoshape.net, akamai-access.com, instartlogic.com, limelightnetworks.com, akamaiapis.net |
| 185.106.176.•••:18789 | - | 🇭🇰 Hong Kong | Yes | true | Clean | AS932 | XNNET LLC | VH Global | 24/05/2026, 23:20:19 | 06/06/2026, 11:10:24 | No | Yes | APT15, APT17, APT28, APT29, APT31, APT34, APT36, APT37, APT41, APT45, Bitter APT, Bluenoroff, Callisto Group, CloudSorcerer, Daggerfly APT, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Volt Typhoon | CVE-2016-20012, CVE-2020-14145, CVE-2021-28041, CVE-2021-36368, CVE-2021-41617, CVE-2023-28531, CVE-2023-33245, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985 | 25/05/2026, 04:20:11 | - |
| 211.101.244.•••:18789 | - | 🇽🇽 XX | Yes | false | Leaked | AS58519 | Cloud Computing Corporation | Unknown | 24/05/2026, 23:20:19 | 28/05/2026, 12:00:22 | Yes | Yes | Packrat | - | 25/05/2026, 04:20:15 | cgmprecast.com, fuhuake.com, abpincorp.com, jekotrade.com, bopcon.com, boyu-group.com, cnnic.cn, qd-baolian.com, csofam.com, jiabinnu.com, kfstock.com, klmymmyc.com, hnbeixiang.com, xjjingyoga.com, 1haojiyin.com, detongwiremesh.com, dgclh.com, lstcarbon.com, ttstest.com, gaetanasnyc.com, yhjgkeji.com, bierte.com, ttyt360.com, zgkaite.com, turnoutservices.com, zjdddl.com, zjhrbz.com, bain86.com, impresosmonterrey.com, shworldbest.com, dongguansenzi.com |
| 114.55.132.•••:20282 | - | 🇨🇳 China mainland | Yes | false | Leaked | AS37963 | Hangzhou Alibaba Advertising Co.,Ltd. | Alisoft | 24/05/2026, 23:20:19 | 25/05/2026, 08:31:11 | Yes | Yes | APT15, APT28, APT29, APT31, APT34, APT35, APT37, APT39, APT41, Bitter APT, Bluenoroff, Callisto Group, Cobalt Group, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Mustang Panda, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Volt Typhoon | CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51385 | 25/05/2026, 04:20:18 | aliyun.com |
| 172.104.214.•••:18789 | - | 🇺🇸 United States | Yes | true | Clean | AS63949 | Akamai Connected Cloud | Linode | 24/05/2026, 23:20:19 | 06/06/2026, 02:45:03 | No | Yes | APT14, APT15, APT17, APT28, APT29, APT31, APT34, APT35, APT36, APT37, APT39, APT40, APT41, APT45, Bitter APT, Bluenoroff, Callisto Group, Cobalt Group, Donot Team, Equation Group, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, IronHusky, Kimsuky, Lazarus Group, MuddyWater Group, Mustang Panda, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SharpPanda, SideWinder APT, TA505, The Shadow Brokers, UNC2452, Volt Typhoon, WIRTE | CVE-2006-20001, CVE-2016-20012, CVE-2018-20685, CVE-2019-0196, CVE-2019-0197, CVE-2019-0211, CVE-2019-0215, CVE-2019-0217, CVE-2019-0220, CVE-2019-10081, CVE-2019-10082, CVE-2019-10092, CVE-2019-10097, CVE-2019-10098, CVE-2019-16905, CVE-2019-17567, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2019-9517, CVE-2020-11984, CVE-2020-11993, CVE-2020-13938, CVE-2020-14145, CVE-2020-15778, CVE-2020-1927, CVE-2020-1934, CVE-2020-35452, CVE-2020-9490, CVE-2021-26690, CVE-2021-26691, CVE-2021-28041, CVE-2021-33193, CVE-2021-34798, CVE-2021-36160, CVE-2021-36368, CVE-2021-39275, CVE-2021-40438, CVE-2021-41617, CVE-2021-44224, CVE-2021-44790, CVE-2022-22719, CVE-2022-22720, CVE-2022-22721, CVE-2022-23943, CVE-2022-26377, CVE-2022-28330, CVE-2022-28614, CVE-2022-28615, CVE-2022-29404, CVE-2022-30522, CVE-2022-30556, CVE-2022-31813, CVE-2022-36760, CVE-2022-37436, CVE-2023-25690, CVE-2023-27522, CVE-2023-28531, CVE-2023-31122, CVE-2023-38408, CVE-2023-38709, CVE-2023-45802, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-24795, CVE-2024-27316, CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985 | 25/05/2026, 04:20:20 | - |
| 192.129.144.•••:18789 | - | 🇺🇸 United States | Yes | true | Leaked | AS54290 | HostPapa | RackNerd | 24/05/2026, 23:20:18 | 05/06/2026, 15:23:52 | Yes | No | - | CVE-2025-68668, CVE-2025-68697, CVE-2025-68949, CVE-2026-0863, CVE-2026-1470, CVE-2026-21894, CVE-2026-25049, CVE-2026-25051, CVE-2026-25052, CVE-2026-25053, CVE-2026-25054, CVE-2026-25055, CVE-2026-25115, CVE-2026-27493, CVE-2026-27494, CVE-2026-27495, CVE-2026-27496, CVE-2026-27497, CVE-2026-27498, CVE-2026-27577, CVE-2026-27578, CVE-2026-33660, CVE-2026-33663, CVE-2026-33696, CVE-2026-33713, CVE-2026-33720, CVE-2026-33722, CVE-2026-33724, CVE-2026-33749, CVE-2026-33751, CVE-2026-42226, CVE-2026-42227, CVE-2026-42228, CVE-2026-42229, CVE-2026-42230, CVE-2026-42231, CVE-2026-42232, CVE-2026-42233, CVE-2026-42234, CVE-2026-42235, CVE-2026-42236, CVE-2026-42237 | 05/06/2026, 08:59:26 | racknerd.com |
| 185.255.95.•••:18789 | - | 🇹🇷 Türkiye | Yes | true | Clean | AS209604 | -----BEGIN TOKEN-----386cceb8168a2bed7b3c259c9c055a81061dd7c33c124587c41110684a7636917f6d8b0d84f48ae3c5b89314076d2a06c92d6bfc6a0514e840a3a2c3f4cfa7bf-----END TOKEN----- | Telekomunikasyon | 24/05/2026, 23:20:18 | 05/06/2026, 18:57:56 | No | No | - | CVE-2023-25136 | 25/05/2026, 04:20:26 | - |
| 39.105.185.•••:8090 | - | 🇽🇽 XX | - | false | Leaked | AS37963 | Hangzhou Alibaba Advertising Co.,Ltd. | Unknown | 24/05/2026, 23:20:18 | 25/05/2026, 08:31:10 | Yes | Yes | APT15, APT28, APT29, APT31, APT34, APT35, APT37, APT39, APT41, Bitter APT, Bluenoroff, Callisto Group, Cobalt Group, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Mustang Panda, Packrat, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Volt Typhoon | CVE-2016-10708, CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385 | 25/05/2026, 04:20:28 | aliyun.com |
| 43.161.228.•••:18789 | - | 🇸🇬 Singapore | Yes | true | Leaked | AS132203 | Tencent Building, Kejizhongyi Avenue | Aceville Pte Ltd | 24/05/2026, 23:20:17 | 06/06/2026, 03:27:15 | Yes | No | - | - | 25/05/2026, 04:20:31 | tencent.com |
| 3.222.37.•••:443 | - | 🇺🇸 United States | Yes | true | Clean | AS14618 | Amazon.com, Inc. | Amazon Web Services | 24/05/2026, 23:20:17 | 07/06/2026, 00:30:49 | Yes | Yes | DragonFly | CVE-2011-4718, CVE-2012-1171, CVE-2013-3735, CVE-2013-4113, CVE-2013-4248, CVE-2013-6420, CVE-2013-6501, CVE-2013-6712, CVE-2013-7327, CVE-2013-7345, CVE-2014-0185, CVE-2014-0207, CVE-2014-0236, CVE-2014-0237, CVE-2014-0238, CVE-2014-1943, CVE-2014-2020, CVE-2014-2270, CVE-2014-2497, CVE-2014-3478, CVE-2014-3479, CVE-2014-3480, CVE-2014-3487, CVE-2014-3515, CVE-2014-3538, CVE-2014-3587, CVE-2014-3597, CVE-2014-3668, CVE-2014-3669, CVE-2014-3670, CVE-2014-3710, CVE-2014-3981, CVE-2014-4049, CVE-2014-4670, CVE-2014-4698, CVE-2014-4721, CVE-2014-5120, CVE-2014-5459, CVE-2014-8142, CVE-2014-9425, CVE-2014-9426, CVE-2014-9427, CVE-2014-9652, CVE-2014-9653, CVE-2014-9705, CVE-2014-9709, CVE-2014-9767, CVE-2014-9912, CVE-2015-0231, CVE-2015-0232, CVE-2015-0235, CVE-2015-0273, CVE-2015-1351, CVE-2015-1352, CVE-2015-2301, CVE-2015-2305, CVE-2015-2325, CVE-2015-2326, CVE-2015-2331, CVE-2015-2348, CVE-2015-2783, CVE-2015-2787, CVE-2015-3152, CVE-2015-3307, CVE-2015-3329, CVE-2015-3330, CVE-2015-3411, CVE-2015-3412, CVE-2015-3414, CVE-2015-3415, CVE-2015-3416, CVE-2015-4021, CVE-2015-4022, CVE-2015-4024, CVE-2015-4025, CVE-2015-4026, CVE-2015-4116, CVE-2015-4147, CVE-2015-4148, CVE-2015-4598, CVE-2015-4599, CVE-2015-4600, CVE-2015-4601, CVE-2015-4602, CVE-2015-4603, CVE-2015-4604, CVE-2015-4605, CVE-2015-4642, CVE-2015-4643, CVE-2015-4644, CVE-2015-5589, CVE-2015-5590, CVE-2015-6831, CVE-2015-6832, CVE-2015-6833, CVE-2015-6834, CVE-2015-6835, CVE-2015-6836, CVE-2015-6837, CVE-2015-6838, CVE-2015-7803, CVE-2015-7804, CVE-2015-8835, CVE-2015-8838, CVE-2015-8865, CVE-2015-8867, CVE-2015-8873, CVE-2015-8874, CVE-2015-8876, CVE-2015-8877, CVE-2015-8879, CVE-2015-8935, CVE-2015-8994, CVE-2015-9253, CVE-2016-10158, CVE-2016-10159, CVE-2016-10161, CVE-2016-10397, CVE-2016-10712, CVE-2016-1903, CVE-2016-20012, CVE-2016-2554, CVE-2016-3141, CVE-2016-3142, CVE-2016-3185, CVE-2016-4070, CVE-2016-4342, CVE-2016-4343, CVE-2016-4537, CVE-2016-4538, CVE-2016-4539, CVE-2016-4540, CVE-2016-4541, CVE-2016-4542, CVE-2016-4543, CVE-2016-5093, CVE-2016-5094, CVE-2016-5095, CVE-2016-5096, CVE-2016-5114, CVE-2016-5399, CVE-2016-5768, CVE-2016-5769, CVE-2016-5770, CVE-2016-5771, CVE-2016-5772, CVE-2016-5773, CVE-2016-6174, CVE-2016-6288, CVE-2016-6289, CVE-2016-6290, CVE-2016-6291, CVE-2016-6292, CVE-2016-6294, CVE-2016-6295, CVE-2016-6296, CVE-2016-6297, CVE-2016-7124, CVE-2016-7125, CVE-2016-7126, CVE-2016-7127, CVE-2016-7128, CVE-2016-7129, CVE-2016-7130, CVE-2016-7131, CVE-2016-7132, CVE-2016-7411, CVE-2016-7412, CVE-2016-7413, CVE-2016-7414, CVE-2016-7416, CVE-2016-7417, CVE-2016-7418, CVE-2016-7478, CVE-2016-9137, CVE-2016-9138, CVE-2016-9934, CVE-2016-9935, CVE-2017-11142, CVE-2017-11143, CVE-2017-11144, CVE-2017-11145, CVE-2017-11147, CVE-2017-11628, CVE-2017-12933, CVE-2017-15906, CVE-2017-16642, CVE-2017-7272, CVE-2017-7890, CVE-2017-7963, CVE-2017-8923, CVE-2017-9224, CVE-2017-9225, CVE-2017-9226, CVE-2017-9229, CVE-2018-10545, CVE-2018-10546, CVE-2018-10547, CVE-2018-10548, CVE-2018-10549, CVE-2018-14851, CVE-2018-14883, CVE-2018-15132, CVE-2018-15473, CVE-2018-15919, CVE-2018-17082, CVE-2018-19395, CVE-2018-19396, CVE-2018-19520, CVE-2018-20685, CVE-2018-20783, CVE-2018-5711, CVE-2018-5712, CVE-2018-7584, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2019-6977, CVE-2019-9020, CVE-2019-9021, CVE-2019-9023, CVE-2019-9024, CVE-2019-9637, CVE-2019-9638, CVE-2019-9639, CVE-2019-9641, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2022-31628, CVE-2022-31629, CVE-2022-4900, CVE-2023-38408, CVE-2023-48795, CVE-2023-51385, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985 | 25/05/2026, 04:20:33 | ormars.com |
| 39.105.71.•••:18789 | - | 🇽🇽 XX | Yes | true | Leaked | AS37963 | Hangzhou Alibaba Advertising Co.,Ltd. | Unknown | 24/05/2026, 23:20:17 | 06/06/2026, 06:15:26 | Yes | Yes | APT28, APT35, APT37, APT39, Cobalt Group, Kimsuky, Mustang Panda, Packrat, Sandworm Team, The Shadow Brokers | CVE-2016-10708, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2021-41617 | 25/05/2026, 04:20:36 | aliyun.com |
| 154.205.81.•••:18789 | - | 🇭🇰 Hong Kong | Yes | true | Clean | AS9294 | GNET INC. | Cloud Innovation | 24/05/2026, 23:20:17 | 06/06/2026, 23:06:09 | No | No | - | - | 19/05/2026, 04:20:38 | - |
| 62.234.144.•••:3003 | - | 🇨🇳 China mainland | Yes | true | Clean | AS45090 | Shenzhen Tencent Computer Systems Company Limited | Tencent Cloud Computing | 24/05/2026, 23:20:17 | 07/06/2026, 00:30:44 | No | No | - | - | 19/05/2026, 04:20:39 | - |
| 125.121.34.•••:18789 | - | 🇨🇳 China mainland | Yes | false | Clean | AS4134 | Chinanet | ChinaNet Hangzhou | 24/05/2026, 23:20:16 | 25/05/2026, 08:31:08 | No | No | - | - | 19/05/2026, 04:20:54 | - |
| 178.105.209.•••:18789 | - | 🇩🇪 Germany | Yes | true | Clean | AS24940 | Hetzner Online GmbH | Hetzner | 24/05/2026, 23:20:16 | 05/06/2026, 17:32:33 | No | No | - | CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985, CVE-2026-35385, CVE-2026-35386, CVE-2026-35387, CVE-2026-35388, CVE-2026-35414 | 05/06/2026, 15:29:34 | - |
| 154.210.48.•••:18789 | - | 🇭🇰 Hong Kong | Yes | true | Clean | AS9294 | GNET INC. | Cloud Innovation | 24/05/2026, 23:20:16 | 06/06/2026, 07:39:43 | No | No | - | - | 19/05/2026, 07:52:34 | - |
| 149.202.56.•••:18789 | - | 🇫🇷 France | Yes | false | Clean | AS16276 | OVH SAS | OVH | 24/05/2026, 23:20:16 | 25/05/2026, 08:31:07 | - | - | - | - | - | - |
| 159.89.123.•••:18789 | - | 🇨🇦 Canada | - | true | Clean | AS14061 | DigitalOcean, LLC | DigitalOcean | 24/05/2026, 23:18:30 | 07/06/2026, 01:10:13 | No | Yes | APT15, APT28, APT29, APT31, APT34, APT35, APT37, APT39, APT41, Bitter APT, Bluenoroff, Callisto Group, Cobalt Group, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Mustang Panda, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Volt Typhoon | CVE-2016-20012, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985, CVE-2026-35385, CVE-2026-35386, CVE-2026-35387, CVE-2026-35388, CVE-2026-35414 | 25/05/2026, 00:01:59 | - |
| 3.106.228.•••:18789 | - | 🇦🇺 Australia | Yes | true | Clean | AS16509 | Amazon.com, Inc. | Amazon Corporate Services | 24/05/2026, 23:18:30 | 05/06/2026, 09:40:32 | No | No | - | CVE-2016-20012, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51385, CVE-2024-6387, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985 | 25/05/2026, 00:02:15 | - |
| 111.250.124.•••:18789 | - | 🇹🇼 Taiwan | Yes | false | Leaked | AS3462 | Data Communication Business Group | Chunghwa Telecom Data Group | 24/05/2026, 23:18:30 | 28/05/2026, 02:06:49 | Yes | No | - | CVE-2009-2957, CVE-2009-2958, CVE-2012-3411, CVE-2013-0198, CVE-2015-3294, CVE-2015-8899, CVE-2017-13704, CVE-2017-14491, CVE-2017-14492, CVE-2017-14493, CVE-2017-14494, CVE-2017-14495, CVE-2017-14496, CVE-2017-15107, CVE-2019-14513, CVE-2019-14834, CVE-2020-25681, CVE-2020-25682, CVE-2020-25683, CVE-2020-25684, CVE-2020-25685, CVE-2020-25686, CVE-2020-25687, CVE-2021-3448, CVE-2022-0934, CVE-2023-28450, CVE-2023-50387 | 25/05/2026, 00:02:17 | twgate.net, hinet.net, xuite.net, cht.com.tw, chttl.com.tw |
| 140.237.37.•••:18789 | - | 🇨🇳 China mainland | Yes | false | Clean | AS4134 | Chinanet | ChinaNet Fujian | 24/05/2026, 23:18:30 | 28/05/2026, 00:00:45 | - | - | - | - | - | - |
| 93.173.3.•••:18789 | - | 🇮🇱 Israel | - | false | Clean | AS1680 | CELLCOM ltd. | Netvision | 24/05/2026, 23:18:30 | 25/05/2026, 06:21:53 | No | No | - | - | 19/05/2026, 00:02:43 | - |
| 66.175.213.•••:18789 | - | 🇺🇸 United States | Yes | true | Leaked | AS63949 | Akamai Connected Cloud | Linode | 24/05/2026, 23:18:30 | 05/06/2026, 14:38:36 | Yes | Yes | APT15, APT17, APT28, APT29, APT31, APT34, APT35, APT36, APT37, APT39, APT41, APT45, Bitter APT, Bluenoroff, Callisto Group, CloudSorcerer, Cobalt Group, Daggerfly APT, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Mustang Panda, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Volt Typhoon | CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-28041, CVE-2021-36368, CVE-2021-41617, CVE-2023-28531, CVE-2023-38408, CVE-2023-44487, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-39894, CVE-2024-6387, CVE-2024-7347, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985, CVE-2026-35385, CVE-2026-35386, CVE-2026-35387, CVE-2026-35388, CVE-2026-35414 | 25/05/2026, 00:02:44 | akasripcn.net, edgekey-staging.net, akamaitechnologies.com, akamai.ae, edgekey.net, simplicita.com, inscname.net, edgesuite.net, akamaitech.net, cotendo.com, bubblewrapp.com, chameleonx.com, akamai-staging.net, cformanalytics.com, janrainbackplane.com, verivue.com, akamaized-staging.net, nominum.com, akadns.net, akamaized.net, akamai.net, akamaistream.net, d4p.net, akamaihd.net, instart.com, akamai.dk, edgefcs.net, linodeusercontent.com, akamaihd-staging.net, cotssl.net, akafms.net, akami.com, lognormal.net, octoshape.net, akamai-access.com, instartlogic.com, limelightnetworks.com, akamaiapis.net |
| 52.141.0.•••:18789 | - | 🇺🇸 United States | - | false | Clean | AS8075 | Microsoft Corporation | Microsoft | 24/05/2026, 23:18:29 | 25/05/2026, 06:21:52 | No | No | - | CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985, CVE-2026-35385, CVE-2026-35386, CVE-2026-35387, CVE-2026-35388, CVE-2026-35414 | 25/05/2026, 00:03:18 | - |
| 2408:8248:4417:2120::8e6:18789 | - | 🇨🇳 China mainland | - | false | Clean | AS4837 | CHINA UNICOM China169 Backbone | China Unicom | 24/05/2026, 23:18:29 | 27/05/2026, 23:18:33 | - | - | - | - | - | - |
| 185.106.176.•••:18789 | - | 🇭🇰 Hong Kong | Yes | true | Clean | AS932 | XNNET LLC | VH Global | 24/05/2026, 23:18:28 | 06/06/2026, 07:37:30 | No | Yes | APT15, APT17, APT28, APT29, APT31, APT34, APT36, APT37, APT41, APT45, Bitter APT, Bluenoroff, Callisto Group, CloudSorcerer, Daggerfly APT, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Volt Typhoon | CVE-2016-20012, CVE-2020-14145, CVE-2021-28041, CVE-2021-36368, CVE-2021-41617, CVE-2023-28531, CVE-2023-33245, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985 | 25/05/2026, 00:03:41 | - |
| 211.101.244.•••:18789 | - | 🇽🇽 XX | Yes | false | Leaked | AS58519 | Cloud Computing Corporation | Unknown | 24/05/2026, 23:18:28 | 29/05/2026, 06:27:16 | Yes | Yes | Packrat | - | 25/05/2026, 00:03:59 | cgmprecast.com, fuhuake.com, abpincorp.com, jekotrade.com, bopcon.com, boyu-group.com, cnnic.cn, qd-baolian.com, csofam.com, jiabinnu.com, kfstock.com, klmymmyc.com, hnbeixiang.com, xjjingyoga.com, 1haojiyin.com, detongwiremesh.com, dgclh.com, lstcarbon.com, ttstest.com, gaetanasnyc.com, yhjgkeji.com, bierte.com, ttyt360.com, zgkaite.com, turnoutservices.com, zjdddl.com, zjhrbz.com, bain86.com, impresosmonterrey.com, shworldbest.com, dongguansenzi.com |
| 172.104.214.•••:18789 | - | 🇺🇸 United States | Yes | true | Clean | AS63949 | Akamai Connected Cloud | Linode | 24/05/2026, 23:18:28 | 05/06/2026, 23:53:46 | No | Yes | APT14, APT15, APT17, APT28, APT29, APT31, APT34, APT35, APT36, APT37, APT39, APT40, APT41, APT45, Bitter APT, Bluenoroff, Callisto Group, Cobalt Group, Donot Team, Equation Group, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, IronHusky, Kimsuky, Lazarus Group, MuddyWater Group, Mustang Panda, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SharpPanda, SideWinder APT, TA505, The Shadow Brokers, UNC2452, Volt Typhoon, WIRTE | CVE-2006-20001, CVE-2016-20012, CVE-2018-20685, CVE-2019-0196, CVE-2019-0197, CVE-2019-0211, CVE-2019-0215, CVE-2019-0217, CVE-2019-0220, CVE-2019-10081, CVE-2019-10082, CVE-2019-10092, CVE-2019-10097, CVE-2019-10098, CVE-2019-16905, CVE-2019-17567, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2019-9517, CVE-2020-11984, CVE-2020-11993, CVE-2020-13938, CVE-2020-14145, CVE-2020-15778, CVE-2020-1927, CVE-2020-1934, CVE-2020-35452, CVE-2020-9490, CVE-2021-26690, CVE-2021-26691, CVE-2021-28041, CVE-2021-33193, CVE-2021-34798, CVE-2021-36160, CVE-2021-36368, CVE-2021-39275, CVE-2021-40438, CVE-2021-41617, CVE-2021-44224, CVE-2021-44790, CVE-2022-22719, CVE-2022-22720, CVE-2022-22721, CVE-2022-23943, CVE-2022-26377, CVE-2022-28330, CVE-2022-28614, CVE-2022-28615, CVE-2022-29404, CVE-2022-30522, CVE-2022-30556, CVE-2022-31813, CVE-2022-36760, CVE-2022-37436, CVE-2023-25690, CVE-2023-27522, CVE-2023-28531, CVE-2023-31122, CVE-2023-38408, CVE-2023-38709, CVE-2023-45802, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-24795, CVE-2024-27316, CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985 | 25/05/2026, 00:04:23 | - |
| 192.129.144.•••:18789 | - | 🇺🇸 United States | Yes | true | Clean | AS54290 | HostPapa | RackNerd | 24/05/2026, 23:18:28 | 05/06/2026, 12:30:45 | - | - | - | - | - | - |
| 185.255.95.•••:18789 | - | 🇹🇷 Türkiye | Yes | true | Clean | AS209604 | -----BEGIN TOKEN-----386cceb8168a2bed7b3c259c9c055a81061dd7c33c124587c41110684a7636917f6d8b0d84f48ae3c5b89314076d2a06c92d6bfc6a0514e840a3a2c3f4cfa7bf-----END TOKEN----- | Telekomunikasyon | 24/05/2026, 23:18:27 | 05/06/2026, 16:04:08 | No | No | - | CVE-2023-25136 | 25/05/2026, 18:30:05 | - |
| 43.161.228.•••:18789 | - | 🇸🇬 Singapore | Yes | true | Leaked | AS132203 | Tencent Building, Kejizhongyi Avenue | Aceville Pte Ltd | 24/05/2026, 23:18:27 | 06/06/2026, 13:13:50 | Yes | No | - | - | 29/05/2026, 12:50:56 | tencent.com |
| 3.222.37.•••:18789 | - | 🇺🇸 United States | - | true | Clean | AS14618 | Amazon.com, Inc. | Amazon Web Services | 24/05/2026, 23:18:27 | 06/06/2026, 20:57:00 | Yes | Yes | DragonFly | CVE-2011-4718, CVE-2012-1171, CVE-2013-3735, CVE-2013-4113, CVE-2013-4248, CVE-2013-6420, CVE-2013-6501, CVE-2013-6712, CVE-2013-7327, CVE-2013-7345, CVE-2014-0185, CVE-2014-0207, CVE-2014-0236, CVE-2014-0237, CVE-2014-0238, CVE-2014-1943, CVE-2014-2020, CVE-2014-2270, CVE-2014-2497, CVE-2014-3478, CVE-2014-3479, CVE-2014-3480, CVE-2014-3487, CVE-2014-3515, CVE-2014-3538, CVE-2014-3587, CVE-2014-3597, CVE-2014-3668, CVE-2014-3669, CVE-2014-3670, CVE-2014-3710, CVE-2014-3981, CVE-2014-4049, CVE-2014-4670, CVE-2014-4698, CVE-2014-4721, CVE-2014-5120, CVE-2014-5459, CVE-2014-8142, CVE-2014-9425, CVE-2014-9426, CVE-2014-9427, CVE-2014-9652, CVE-2014-9653, CVE-2014-9705, CVE-2014-9709, CVE-2014-9767, CVE-2014-9912, CVE-2015-0231, CVE-2015-0232, CVE-2015-0235, CVE-2015-0273, CVE-2015-1351, CVE-2015-1352, CVE-2015-2301, CVE-2015-2305, CVE-2015-2325, CVE-2015-2326, CVE-2015-2331, CVE-2015-2348, CVE-2015-2783, CVE-2015-2787, CVE-2015-3152, CVE-2015-3307, CVE-2015-3329, CVE-2015-3330, CVE-2015-3411, CVE-2015-3412, CVE-2015-3414, CVE-2015-3415, CVE-2015-3416, CVE-2015-4021, CVE-2015-4022, CVE-2015-4024, CVE-2015-4025, CVE-2015-4026, CVE-2015-4116, CVE-2015-4147, CVE-2015-4148, CVE-2015-4598, CVE-2015-4599, CVE-2015-4600, CVE-2015-4601, CVE-2015-4602, CVE-2015-4603, CVE-2015-4604, CVE-2015-4605, CVE-2015-4642, CVE-2015-4643, CVE-2015-4644, CVE-2015-5589, CVE-2015-5590, CVE-2015-6831, CVE-2015-6832, CVE-2015-6833, CVE-2015-6834, CVE-2015-6835, CVE-2015-6836, CVE-2015-6837, CVE-2015-6838, CVE-2015-7803, CVE-2015-7804, CVE-2015-8835, CVE-2015-8838, CVE-2015-8865, CVE-2015-8867, CVE-2015-8873, CVE-2015-8874, CVE-2015-8876, CVE-2015-8877, CVE-2015-8879, CVE-2015-8935, CVE-2015-8994, CVE-2015-9253, CVE-2016-10158, CVE-2016-10159, CVE-2016-10161, CVE-2016-10397, CVE-2016-10712, CVE-2016-1903, CVE-2016-20012, CVE-2016-2554, CVE-2016-3141, CVE-2016-3142, CVE-2016-3185, CVE-2016-4070, CVE-2016-4342, CVE-2016-4343, CVE-2016-4537, CVE-2016-4538, CVE-2016-4539, CVE-2016-4540, CVE-2016-4541, CVE-2016-4542, CVE-2016-4543, CVE-2016-5093, CVE-2016-5094, CVE-2016-5095, CVE-2016-5096, CVE-2016-5114, CVE-2016-5399, CVE-2016-5768, CVE-2016-5769, CVE-2016-5770, CVE-2016-5771, CVE-2016-5772, CVE-2016-5773, CVE-2016-6174, CVE-2016-6288, CVE-2016-6289, CVE-2016-6290, CVE-2016-6291, CVE-2016-6292, CVE-2016-6294, CVE-2016-6295, CVE-2016-6296, CVE-2016-6297, CVE-2016-7124, CVE-2016-7125, CVE-2016-7126, CVE-2016-7127, CVE-2016-7128, CVE-2016-7129, CVE-2016-7130, CVE-2016-7131, CVE-2016-7132, CVE-2016-7411, CVE-2016-7412, CVE-2016-7413, CVE-2016-7414, CVE-2016-7416, CVE-2016-7417, CVE-2016-7418, CVE-2016-7478, CVE-2016-9137, CVE-2016-9138, CVE-2016-9934, CVE-2016-9935, CVE-2017-11142, CVE-2017-11143, CVE-2017-11144, CVE-2017-11145, CVE-2017-11147, CVE-2017-11628, CVE-2017-12933, CVE-2017-15906, CVE-2017-16642, CVE-2017-7272, CVE-2017-7890, CVE-2017-7963, CVE-2017-8923, CVE-2017-9224, CVE-2017-9225, CVE-2017-9226, CVE-2017-9229, CVE-2018-10545, CVE-2018-10546, CVE-2018-10547, CVE-2018-10548, CVE-2018-10549, CVE-2018-14851, CVE-2018-14883, CVE-2018-15132, CVE-2018-15473, CVE-2018-15919, CVE-2018-17082, CVE-2018-19395, CVE-2018-19396, CVE-2018-19520, CVE-2018-20685, CVE-2018-20783, CVE-2018-5711, CVE-2018-5712, CVE-2018-7584, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2019-6977, CVE-2019-9020, CVE-2019-9021, CVE-2019-9023, CVE-2019-9024, CVE-2019-9637, CVE-2019-9638, CVE-2019-9639, CVE-2019-9641, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2022-31628, CVE-2022-31629, CVE-2022-4900, CVE-2023-38408, CVE-2023-48795, CVE-2023-51385, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985 | 30/05/2026, 23:24:31 | ormars.com |
| 39.105.71.•••:18789 | - | 🇽🇽 XX | Yes | true | Leaked | AS37963 | Hangzhou Alibaba Advertising Co.,Ltd. | Unknown | 24/05/2026, 23:18:27 | 06/06/2026, 03:24:54 | Yes | Yes | APT28, APT35, APT37, APT39, Cobalt Group, Kimsuky, Mustang Panda, Packrat, Sandworm Team, The Shadow Brokers | CVE-2016-10708, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2021-41617 | 06/06/2026, 02:46:14 | aliyun.com |
| 154.205.81.•••:18789 | - | 🇭🇰 Hong Kong | Yes | true | Clean | AS9294 | GNET INC. | Cloud Innovation | 24/05/2026, 23:18:27 | 06/06/2026, 20:14:52 | No | No | - | - | 20/05/2026, 04:20:19 | - |
| 72.95.9.•••:18789 | - | 🇺🇸 United States | - | false | Clean | AS701 | Verizon Business | Verizon Business | 24/05/2026, 23:18:27 | 25/05/2026, 06:21:50 | - | - | - | - | - | - |
| 107.175.0.•••:18789 | - | 🇺🇸 United States | Yes | true | Leaked | AS36352 | HostPapa | RackNerd | 24/05/2026, 23:18:26 | 04/06/2026, 23:48:39 | Yes | Yes | APT15, APT17, APT28, APT29, APT31, APT34, APT35, APT36, APT37, APT40, APT41, APT45, Bitter APT, Bluenoroff, Callisto Group, Carbanak, ChamelGang, CloudSorcerer, Daggerfly APT, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Volt Typhoon | CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-6387, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985, CVE-2026-35385, CVE-2026-35386, CVE-2026-35387, CVE-2026-35388, CVE-2026-35414 | 27/05/2026, 03:32:34 | racknerd.com |
| 20.196.193.•••:18789 | - | 🇺🇸 United States | - | false | Clean | AS8075 | Microsoft Corporation | Microsoft | 24/05/2026, 23:18:26 | 25/05/2026, 06:21:49 | - | - | - | - | - | - |
| 125.121.34.•••:18789 | - | 🇨🇳 China mainland | Yes | false | Clean | AS4134 | Chinanet | ChinaNet Hangzhou | 24/05/2026, 23:18:26 | 25/05/2026, 06:21:49 | - | - | - | - | - | - |
| 178.105.209.•••:18789 | - | 🇩🇪 Germany | Yes | true | Clean | AS24940 | Hetzner Online GmbH | Hetzner | 24/05/2026, 23:18:25 | 05/06/2026, 14:38:35 | No | No | - | CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985, CVE-2026-35385, CVE-2026-35386, CVE-2026-35387, CVE-2026-35388, CVE-2026-35414 | 05/06/2026, 12:30:56 | - |
| 2409:8a60:2a6b:34c0:9c8d:b82a:b932:9702:18789 | - | 🇨🇳 China mainland | - | false | Clean | AS9808 | China Mobile Communications Group Co., Ltd. | China Mobile | 24/05/2026, 23:18:25 | 26/05/2026, 05:43:01 | - | - | - | - | - | - |
| 34.62.171.•••:18789 | Assistant | 🇺🇸 United States | Yes | false | Clean | AS396982 | Google LLC | 24/05/2026, 23:16:35 | 25/05/2026, 05:37:36 | - | - | - | - | - | - | |
| 159.89.123.•••:18789 | - | 🇨🇦 Canada | - | true | Clean | AS14061 | DigitalOcean, LLC | DigitalOcean | 24/05/2026, 23:16:34 | 07/06/2026, 01:08:26 | No | Yes | APT15, APT28, APT29, APT31, APT34, APT35, APT37, APT39, APT41, Bitter APT, Bluenoroff, Callisto Group, Cobalt Group, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Mustang Panda, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Volt Typhoon | CVE-2016-20012, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985, CVE-2026-35385, CVE-2026-35386, CVE-2026-35387, CVE-2026-35388, CVE-2026-35414 | 25/05/2026, 07:02:07 | - |
| 3.106.228.•••:18789 | - | 🇦🇺 Australia | Yes | true | Clean | AS16509 | Amazon.com, Inc. | Amazon Corporate Services | 24/05/2026, 23:16:30 | 05/06/2026, 09:38:36 | No | No | - | CVE-2016-20012, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51385, CVE-2024-6387, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985 | 31/05/2026, 00:49:20 | - |
| 111.250.124.•••:18789 | - | 🇹🇼 Taiwan | Yes | false | Leaked | AS3462 | Data Communication Business Group | Chunghwa Telecom Data Group | 24/05/2026, 23:16:30 | 28/05/2026, 02:05:00 | Yes | No | - | CVE-2009-2957, CVE-2009-2958, CVE-2012-3411, CVE-2013-0198, CVE-2015-3294, CVE-2015-8899, CVE-2017-13704, CVE-2017-14491, CVE-2017-14492, CVE-2017-14493, CVE-2017-14494, CVE-2017-14495, CVE-2017-14496, CVE-2017-15107, CVE-2019-14513, CVE-2019-14834, CVE-2020-25681, CVE-2020-25682, CVE-2020-25683, CVE-2020-25684, CVE-2020-25685, CVE-2020-25686, CVE-2020-25687, CVE-2021-3448, CVE-2022-0934, CVE-2023-28450, CVE-2023-50387 | 27/05/2026, 21:10:04 | twgate.net, hinet.net, xuite.net, cht.com.tw, chttl.com.tw |
| 140.237.37.•••:18789 | - | 🇨🇳 China mainland | Yes | false | Clean | AS4134 | Chinanet | ChinaNet Fujian | 24/05/2026, 23:16:30 | 27/05/2026, 23:58:51 | - | - | - | - | - | - |
| 93.173.3.•••:18789 | - | 🇮🇱 Israel | - | false | Clean | AS1680 | CELLCOM ltd. | Netvision | 24/05/2026, 23:16:30 | 25/05/2026, 06:20:01 | - | - | - | - | - | - |
| 66.175.213.•••:18789 | - | 🇺🇸 United States | Yes | true | Leaked | AS63949 | Akamai Connected Cloud | Linode | 24/05/2026, 23:16:30 | 05/06/2026, 14:36:46 | Yes | Yes | APT15, APT17, APT28, APT29, APT31, APT34, APT35, APT36, APT37, APT39, APT41, APT45, Bitter APT, Bluenoroff, Callisto Group, CloudSorcerer, Cobalt Group, Daggerfly APT, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Mustang Panda, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Volt Typhoon | CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-28041, CVE-2021-36368, CVE-2021-41617, CVE-2023-28531, CVE-2023-38408, CVE-2023-44487, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-39894, CVE-2024-6387, CVE-2024-7347, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985, CVE-2026-35385, CVE-2026-35386, CVE-2026-35387, CVE-2026-35388, CVE-2026-35414 | 26/05/2026, 11:21:28 | akasripcn.net, edgekey-staging.net, akamaitechnologies.com, akamai.ae, edgekey.net, simplicita.com, inscname.net, edgesuite.net, akamaitech.net, cotendo.com, bubblewrapp.com, chameleonx.com, akamai-staging.net, cformanalytics.com, janrainbackplane.com, verivue.com, akamaized-staging.net, nominum.com, akadns.net, akamaized.net, akamai.net, akamaistream.net, d4p.net, akamaihd.net, instart.com, akamai.dk, edgefcs.net, linodeusercontent.com, akamaihd-staging.net, cotssl.net, akafms.net, akami.com, lognormal.net, octoshape.net, akamai-access.com, instartlogic.com, limelightnetworks.com, akamaiapis.net |
| 52.141.0.•••:18789 | - | 🇺🇸 United States | - | false | Clean | AS8075 | Microsoft Corporation | Microsoft | 24/05/2026, 23:16:29 | 25/05/2026, 06:20:00 | - | - | - | - | - | - |
| 2408:8248:4417:2120::8e6:18789 | - | 🇨🇳 China mainland | - | false | Clean | AS4837 | CHINA UNICOM China169 Backbone | China Unicom | 24/05/2026, 23:16:29 | 27/05/2026, 23:16:41 | - | - | - | - | - | - |
| 185.106.176.•••:18789 | - | 🇭🇰 Hong Kong | Yes | true | Clean | AS932 | XNNET LLC | VH Global | 24/05/2026, 23:16:29 | 06/06/2026, 07:35:41 | No | Yes | APT15, APT17, APT28, APT29, APT31, APT34, APT36, APT37, APT41, APT45, Bitter APT, Bluenoroff, Callisto Group, CloudSorcerer, Daggerfly APT, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Volt Typhoon | CVE-2016-20012, CVE-2020-14145, CVE-2021-28041, CVE-2021-36368, CVE-2021-41617, CVE-2023-28531, CVE-2023-33245, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985 | 31/05/2026, 02:11:06 | - |
| 211.101.244.•••:18789 | - | 🇽🇽 XX | Yes | false | Clean | AS58519 | Cloud Computing Corporation | Unknown | 24/05/2026, 23:16:29 | 28/05/2026, 09:50:16 | - | - | - | - | - | - |
| 172.104.214.•••:18789 | - | 🇺🇸 United States | Yes | true | Clean | AS63949 | Akamai Connected Cloud | Linode | 24/05/2026, 23:16:28 | 05/06/2026, 23:51:53 | No | Yes | APT14, APT15, APT17, APT28, APT29, APT31, APT34, APT35, APT36, APT37, APT39, APT40, APT41, APT45, Bitter APT, Bluenoroff, Callisto Group, Cobalt Group, Donot Team, Equation Group, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, IronHusky, Kimsuky, Lazarus Group, MuddyWater Group, Mustang Panda, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SharpPanda, SideWinder APT, TA505, The Shadow Brokers, UNC2452, Volt Typhoon, WIRTE | CVE-2006-20001, CVE-2016-20012, CVE-2018-20685, CVE-2019-0196, CVE-2019-0197, CVE-2019-0211, CVE-2019-0215, CVE-2019-0217, CVE-2019-0220, CVE-2019-10081, CVE-2019-10082, CVE-2019-10092, CVE-2019-10097, CVE-2019-10098, CVE-2019-16905, CVE-2019-17567, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2019-9517, CVE-2020-11984, CVE-2020-11993, CVE-2020-13938, CVE-2020-14145, CVE-2020-15778, CVE-2020-1927, CVE-2020-1934, CVE-2020-35452, CVE-2020-9490, CVE-2021-26690, CVE-2021-26691, CVE-2021-28041, CVE-2021-33193, CVE-2021-34798, CVE-2021-36160, CVE-2021-36368, CVE-2021-39275, CVE-2021-40438, CVE-2021-41617, CVE-2021-44224, CVE-2021-44790, CVE-2022-22719, CVE-2022-22720, CVE-2022-22721, CVE-2022-23943, CVE-2022-26377, CVE-2022-28330, CVE-2022-28614, CVE-2022-28615, CVE-2022-29404, CVE-2022-30522, CVE-2022-30556, CVE-2022-31813, CVE-2022-36760, CVE-2022-37436, CVE-2023-25690, CVE-2023-27522, CVE-2023-28531, CVE-2023-31122, CVE-2023-38408, CVE-2023-38709, CVE-2023-45802, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-24795, CVE-2024-27316, CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985 | 26/05/2026, 21:54:25 | - |
| 192.129.144.•••:18789 | - | 🇺🇸 United States | Yes | true | Leaked | AS54290 | HostPapa | RackNerd | 24/05/2026, 23:16:27 | 05/06/2026, 12:28:44 | Yes | No | - | CVE-2025-68668, CVE-2025-68697, CVE-2025-68949, CVE-2026-0863, CVE-2026-1470, CVE-2026-21894, CVE-2026-25049, CVE-2026-25051, CVE-2026-25052, CVE-2026-25053, CVE-2026-25054, CVE-2026-25055, CVE-2026-25115, CVE-2026-27493, CVE-2026-27494, CVE-2026-27495, CVE-2026-27496, CVE-2026-27497, CVE-2026-27498, CVE-2026-27577, CVE-2026-27578, CVE-2026-33660, CVE-2026-33663, CVE-2026-33696, CVE-2026-33713, CVE-2026-33720, CVE-2026-33722, CVE-2026-33724, CVE-2026-33749, CVE-2026-33751, CVE-2026-42226, CVE-2026-42227, CVE-2026-42228, CVE-2026-42229, CVE-2026-42230, CVE-2026-42231, CVE-2026-42232, CVE-2026-42233, CVE-2026-42234, CVE-2026-42235, CVE-2026-42236, CVE-2026-42237 | 05/06/2026, 11:48:50 | racknerd.com |
| 185.255.95.•••:18789 | - | 🇹🇷 Türkiye | Yes | true | Clean | AS209604 | -----BEGIN TOKEN-----386cceb8168a2bed7b3c259c9c055a81061dd7c33c124587c41110684a7636917f6d8b0d84f48ae3c5b89314076d2a06c92d6bfc6a0514e840a3a2c3f4cfa7bf-----END TOKEN----- | Telekomunikasyon | 24/05/2026, 23:16:27 | 05/06/2026, 16:02:16 | No | No | - | CVE-2023-25136 | 28/05/2026, 00:00:00 | - |
| 43.161.228.•••:18789 | - | 🇸🇬 Singapore | Yes | true | Leaked | AS132203 | Tencent Building, Kejizhongyi Avenue | Aceville Pte Ltd | 24/05/2026, 23:16:27 | 06/06/2026, 13:12:04 | Yes | No | - | - | 28/05/2026, 00:02:18 | tencent.com |
| 3.222.37.•••:18789 | - | 🇺🇸 United States | - | true | Clean | AS14618 | Amazon.com, Inc. | Amazon Web Services | 24/05/2026, 23:16:27 | 06/06/2026, 20:55:09 | Yes | Yes | DragonFly | CVE-2011-4718, CVE-2012-1171, CVE-2013-3735, CVE-2013-4113, CVE-2013-4248, CVE-2013-6420, CVE-2013-6501, CVE-2013-6712, CVE-2013-7327, CVE-2013-7345, CVE-2014-0185, CVE-2014-0207, CVE-2014-0236, CVE-2014-0237, CVE-2014-0238, CVE-2014-1943, CVE-2014-2020, CVE-2014-2270, CVE-2014-2497, CVE-2014-3478, CVE-2014-3479, CVE-2014-3480, CVE-2014-3487, CVE-2014-3515, CVE-2014-3538, CVE-2014-3587, CVE-2014-3597, CVE-2014-3668, CVE-2014-3669, CVE-2014-3670, CVE-2014-3710, CVE-2014-3981, CVE-2014-4049, CVE-2014-4670, CVE-2014-4698, CVE-2014-4721, CVE-2014-5120, CVE-2014-5459, CVE-2014-8142, CVE-2014-9425, CVE-2014-9426, CVE-2014-9427, CVE-2014-9652, CVE-2014-9653, CVE-2014-9705, CVE-2014-9709, CVE-2014-9767, CVE-2014-9912, CVE-2015-0231, CVE-2015-0232, CVE-2015-0235, CVE-2015-0273, CVE-2015-1351, CVE-2015-1352, CVE-2015-2301, CVE-2015-2305, CVE-2015-2325, CVE-2015-2326, CVE-2015-2331, CVE-2015-2348, CVE-2015-2783, CVE-2015-2787, CVE-2015-3152, CVE-2015-3307, CVE-2015-3329, CVE-2015-3330, CVE-2015-3411, CVE-2015-3412, CVE-2015-3414, CVE-2015-3415, CVE-2015-3416, CVE-2015-4021, CVE-2015-4022, CVE-2015-4024, CVE-2015-4025, CVE-2015-4026, CVE-2015-4116, CVE-2015-4147, CVE-2015-4148, CVE-2015-4598, CVE-2015-4599, CVE-2015-4600, CVE-2015-4601, CVE-2015-4602, CVE-2015-4603, CVE-2015-4604, CVE-2015-4605, CVE-2015-4642, CVE-2015-4643, CVE-2015-4644, CVE-2015-5589, CVE-2015-5590, CVE-2015-6831, CVE-2015-6832, CVE-2015-6833, CVE-2015-6834, CVE-2015-6835, CVE-2015-6836, CVE-2015-6837, CVE-2015-6838, CVE-2015-7803, CVE-2015-7804, CVE-2015-8835, CVE-2015-8838, CVE-2015-8865, CVE-2015-8867, CVE-2015-8873, CVE-2015-8874, CVE-2015-8876, CVE-2015-8877, CVE-2015-8879, CVE-2015-8935, CVE-2015-8994, CVE-2015-9253, CVE-2016-10158, CVE-2016-10159, CVE-2016-10161, CVE-2016-10397, CVE-2016-10712, CVE-2016-1903, CVE-2016-20012, CVE-2016-2554, CVE-2016-3141, CVE-2016-3142, CVE-2016-3185, CVE-2016-4070, CVE-2016-4342, CVE-2016-4343, CVE-2016-4537, CVE-2016-4538, CVE-2016-4539, CVE-2016-4540, CVE-2016-4541, CVE-2016-4542, CVE-2016-4543, CVE-2016-5093, CVE-2016-5094, CVE-2016-5095, CVE-2016-5096, CVE-2016-5114, CVE-2016-5399, CVE-2016-5768, CVE-2016-5769, CVE-2016-5770, CVE-2016-5771, CVE-2016-5772, CVE-2016-5773, CVE-2016-6174, CVE-2016-6288, CVE-2016-6289, CVE-2016-6290, CVE-2016-6291, CVE-2016-6292, CVE-2016-6294, CVE-2016-6295, CVE-2016-6296, CVE-2016-6297, CVE-2016-7124, CVE-2016-7125, CVE-2016-7126, CVE-2016-7127, CVE-2016-7128, CVE-2016-7129, CVE-2016-7130, CVE-2016-7131, CVE-2016-7132, CVE-2016-7411, CVE-2016-7412, CVE-2016-7413, CVE-2016-7414, CVE-2016-7416, CVE-2016-7417, CVE-2016-7418, CVE-2016-7478, CVE-2016-9137, CVE-2016-9138, CVE-2016-9934, CVE-2016-9935, CVE-2017-11142, CVE-2017-11143, CVE-2017-11144, CVE-2017-11145, CVE-2017-11147, CVE-2017-11628, CVE-2017-12933, CVE-2017-15906, CVE-2017-16642, CVE-2017-7272, CVE-2017-7890, CVE-2017-7963, CVE-2017-8923, CVE-2017-9224, CVE-2017-9225, CVE-2017-9226, CVE-2017-9229, CVE-2018-10545, CVE-2018-10546, CVE-2018-10547, CVE-2018-10548, CVE-2018-10549, CVE-2018-14851, CVE-2018-14883, CVE-2018-15132, CVE-2018-15473, CVE-2018-15919, CVE-2018-17082, CVE-2018-19395, CVE-2018-19396, CVE-2018-19520, CVE-2018-20685, CVE-2018-20783, CVE-2018-5711, CVE-2018-5712, CVE-2018-7584, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2019-6977, CVE-2019-9020, CVE-2019-9021, CVE-2019-9023, CVE-2019-9024, CVE-2019-9637, CVE-2019-9638, CVE-2019-9639, CVE-2019-9641, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2022-31628, CVE-2022-31629, CVE-2022-4900, CVE-2023-38408, CVE-2023-48795, CVE-2023-51385, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985 | 28/05/2026, 16:59:56 | ormars.com |
| 4.155.56.•••:18789 | - | 🇺🇸 United States | - | false | Clean | AS8075 | Microsoft Corporation | Microsoft | 24/05/2026, 23:16:27 | 25/05/2026, 06:19:58 | - | - | - | - | - | - |
| 39.105.71.•••:18789 | - | 🇽🇽 XX | Yes | true | Leaked | AS37963 | Hangzhou Alibaba Advertising Co.,Ltd. | Unknown | 24/05/2026, 23:16:27 | 06/06/2026, 03:23:05 | Yes | Yes | APT28, APT35, APT37, APT39, Cobalt Group, Kimsuky, Mustang Panda, Packrat, Sandworm Team, The Shadow Brokers | CVE-2016-10708, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2021-41617 | 31/05/2026, 00:05:51 | aliyun.com |
| 154.205.81.•••:18789 | - | 🇭🇰 Hong Kong | Yes | true | Clean | AS9294 | GNET INC. | Cloud Innovation | 24/05/2026, 23:16:27 | 06/06/2026, 20:13:03 | No | No | - | - | 20/05/2026, 12:01:19 | - |
| 72.95.9.•••:18789 | - | 🇺🇸 United States | - | false | Clean | AS701 | Verizon Business | Verizon Business | 24/05/2026, 23:16:26 | 25/05/2026, 06:19:57 | - | - | - | - | - | - |
| 107.175.0.•••:18789 | - | 🇺🇸 United States | Yes | true | Leaked | AS36352 | HostPapa | RackNerd | 24/05/2026, 23:16:25 | 04/06/2026, 23:46:53 | Yes | Yes | APT15, APT17, APT28, APT29, APT31, APT34, APT35, APT36, APT37, APT40, APT41, APT45, Bitter APT, Bluenoroff, Callisto Group, Carbanak, ChamelGang, CloudSorcerer, Daggerfly APT, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Volt Typhoon | CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-6387, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985, CVE-2026-35385, CVE-2026-35386, CVE-2026-35387, CVE-2026-35388, CVE-2026-35414 | 30/05/2026, 04:27:02 | racknerd.com |
| 20.196.193.•••:18789 | - | 🇺🇸 United States | - | false | Clean | AS8075 | Microsoft Corporation | Microsoft | 24/05/2026, 23:16:25 | 25/05/2026, 06:19:56 | - | - | - | - | - | - |
| 125.121.34.•••:18789 | - | 🇨🇳 China mainland | Yes | false | Clean | AS4134 | Chinanet | ChinaNet Hangzhou | 24/05/2026, 23:16:25 | 25/05/2026, 06:19:56 | - | - | - | - | - | - |
| 178.105.209.•••:18789 | - | 🇩🇪 Germany | Yes | true | Clean | AS24940 | Hetzner Online GmbH | Hetzner | 24/05/2026, 23:16:25 | 05/06/2026, 14:36:45 | No | No | - | CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985, CVE-2026-35385, CVE-2026-35386, CVE-2026-35387, CVE-2026-35388, CVE-2026-35414 | 05/06/2026, 11:06:20 | - |
| 159.89.123.•••:18789 | - | 🇨🇦 Canada | - | true | Clean | AS14061 | DigitalOcean, LLC | DigitalOcean | 24/05/2026, 23:14:31 | 07/06/2026, 01:05:56 | No | Yes | APT15, APT28, APT29, APT31, APT34, APT35, APT37, APT39, APT41, Bitter APT, Bluenoroff, Callisto Group, Cobalt Group, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Mustang Panda, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Volt Typhoon | CVE-2016-20012, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985, CVE-2026-35385, CVE-2026-35386, CVE-2026-35387, CVE-2026-35388, CVE-2026-35414 | 25/05/2026, 18:27:11 | - |
| 52.141.0.•••:18789 | - | 🇺🇸 United States | - | false | Clean | AS8075 | Microsoft Corporation | Microsoft | 24/05/2026, 23:14:30 | 26/05/2026, 14:04:50 | No | No | - | CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985, CVE-2026-35385, CVE-2026-35386, CVE-2026-35387, CVE-2026-35388, CVE-2026-35414 | 25/05/2026, 18:27:12 | - |
| 72.95.9.•••:18789 | - | 🇺🇸 United States | - | false | Leaked | AS701 | Verizon Business | Verizon Business | 24/05/2026, 23:14:30 | 26/05/2026, 14:46:32 | Yes | No | - | - | 25/05/2026, 18:27:18 | verizon.com |