🦞 OpenClaw Exposure Watchboard
This page lists publicly reachable active OpenClaw instances for defensive awareness. If this is your deployment, enable authentication, remove direct public exposure, and patch immediately.
Exposed Instances: 683295 Page: 836 / 6833 (100 per page) Showing: 83501-83600 Last Imported: 19/04/2026, 08:41:00
🇨🇳 364,448
🇺🇸 188,265
Build With Vivgrid
Explore Vivgrid Ship Secure Enterprise AI Agents 10× Faster with vivgrid.com
Vivgrid gives you authentication, model gateway, tool control, cost tracking, and enterprise observability — everything you need to ship AI agents safely at scale.
| Endpoint | Assistant Name | Country | auth_required | is_active | has_leaked_creds | asn | asn_name | org | first_seen | last_seen | asi_has_breach | asi_has_threat_actor | asi_threat_actors | asi_cves | asi_enriched_at | asi_domains |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 136.115.185.•••:10036 | - | 🇺🇸 United States | Yes | true | Clean | AS396982 | Google LLC | 06/04/2026, 12:03:56 | 06/04/2026, 15:49:56 | No | No | - | CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985 | 06/04/2026, 13:35:44 | - | |
| 180.154.100.•••:18789 | - | 🇨🇳 China mainland | Yes | true | Leaked | AS4812 | China Telecom (Group) | ChinaNet Shanghai | 06/04/2026, 12:03:56 | 12/04/2026, 00:48:21 | Yes | - | - | - | 06/04/2026, 13:36:00 | bj189.cn, 118114.cn, ctwing.cn, chinatelecom.com.cn, chinatelecom.cn, new-gm.cn, 189.cn, 189free.cn, ideal.sh.cn, daqu.com.cn, ctyun.cn |
| 46.224.163.•••:80 | - | 🇩🇪 Germany | Yes | true | Clean | AS24940 | Hetzner Online GmbH | Hetzner | 06/04/2026, 12:03:56 | 15/04/2026, 13:30:51 | - | - | - | - | - | - |
| 138.249.141.•••:18789 | - | 🇳🇱 Netherlands | Yes | true | Clean | AS57043 | HOSTKEY B.V. | Spaceweb | 06/04/2026, 12:03:55 | 12/04/2026, 00:49:56 | No | No | - | - | 31/03/2026, 13:36:05 | - |
| 38.127.47.•••:18789 | - | 🇺🇸 United States | Yes | true | Clean | AS18978 | Enzu Inc | Enzu | 06/04/2026, 12:03:55 | 15/04/2026, 01:34:26 | No | No | - | - | 31/03/2026, 13:36:17 | - |
| 15.204.141.•••:10036 | - | 🇺🇸 United States | Yes | true | Leaked | AS16276 | OVH SAS | [name redacted] | 06/04/2026, 12:03:55 | 17/04/2026, 23:14:36 | Yes | No | - | CVE-2023-28531, CVE-2023-38408, CVE-2023-44487, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-6387, CVE-2024-7347, CVE-2025-23419, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985 | 06/04/2026, 13:36:22 | ovhcloud.com |
| 44.236.67.•••:443 | - | 🇺🇸 United States | Yes | true | Clean | AS16509 | Amazon.com, Inc. | Amazon | 06/04/2026, 12:03:55 | 07/04/2026, 00:34:01 | - | - | - | - | - | - |
| 13.114.141.•••:443 | - | 🇯🇵 Japan | Yes | true | Clean | AS16509 | Amazon.com, Inc. | Amazon Web Services Japan | 06/04/2026, 12:03:55 | 12/04/2026, 17:56:15 | No | No | - | CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51385, CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985 | 06/04/2026, 13:36:31 | - |
| 8.152.195.•••:18789 | - | 🇸🇬 Singapore | Yes | true | Clean | AS37963 | Hangzhou Alibaba Advertising Co.,Ltd. | Alibaba Cloud | 06/04/2026, 12:03:55 | 16/04/2026, 01:24:08 | No | No | - | CVE-2016-20012, CVE-2019-16905, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51385, CVE-2025-26465, CVE-2025-32728 | 06/04/2026, 13:36:41 | - |
| 168.144.65.•••:443 | - | 🇺🇸 United States | Yes | true | Clean | AS14061 | DigitalOcean, LLC | DigitalOcean | 06/04/2026, 12:03:54 | 07/04/2026, 08:03:39 | - | - | - | - | - | - |
| 107.167.5.•••:18789 | - | 🇺🇸 United States | Yes | true | Clean | AS46844 | Sharktech | Sharktech | 06/04/2026, 12:03:54 | 06/04/2026, 15:49:53 | - | - | - | - | - | - |
| 149.30.198.•••:18789 | - | 🇺🇸 United States | Yes | true | Leaked | AS133199 | SonderCloud Limited | Solustack Limited | 06/04/2026, 12:03:54 | 15/04/2026, 13:31:00 | Yes | No | - | CVE-2014-4078 | 06/04/2026, 13:37:10 | cogentco.com |
| 15.204.163.•••:20190 | - | 🇺🇸 United States | Yes | true | Leaked | AS16276 | OVH SAS | [name redacted] | 06/04/2026, 12:03:54 | 16/04/2026, 19:50:05 | Yes | Yes | APT15, APT28, APT29, APT31, APT34, APT41, Bitter APT, Bluenoroff, Callisto Group, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, Volt Typhoon | CVE-2016-20012, CVE-2020-12062, CVE-2020-14145, CVE-2020-15778, CVE-2021-28041, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51385, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985 | 06/04/2026, 13:37:22 | ovhcloud.com |
| 2a02:4780:79:dfa6::1:18789 | - | 🇩🇪 Germany | - | true | Clean | AS47583 | Hostinger International Limited | Hostinger | 06/04/2026, 12:03:54 | 06/04/2026, 15:49:52 | - | - | - | - | - | - |
| 204.168.226.•••:18789 | - | 🇫🇮 Finland | Yes | true | Leaked | AS24940 | Hetzner Online GmbH | Hetzner Online | 06/04/2026, 12:03:54 | 15/04/2026, 13:32:11 | Yes | - | - | - | 06/04/2026, 13:37:28 | hetzner.com |
| 115.159.57.•••:18888 | - | 🇨🇳 China mainland | Yes | true | Leaked | AS45090 | Shenzhen Tencent Computer Systems Company Limited | Tencent Cloud | 06/04/2026, 12:03:54 | 15/04/2026, 13:30:38 | Yes | No | - | - | 06/04/2026, 13:37:29 | tencent.com |
| 47.253.255.•••:18789 | - | 🇨🇳 China mainland | Yes | true | Clean | AS45102 | Alibaba (US) Technology Co., Ltd. | Alibaba Cloud US | 06/04/2026, 12:03:53 | 06/04/2026, 15:49:52 | No | No | - | - | 31/03/2026, 13:37:33 | - |
| 123.57.62.•••:18789 | - | 🇨🇳 China mainland | Yes | true | Leaked | AS37963 | Hangzhou Alibaba Advertising Co.,Ltd. | Alisoft | 06/04/2026, 12:03:52 | 15/04/2026, 13:31:07 | Yes | Yes | APT15, APT28, APT29, APT31, APT34, APT41, Bitter APT, Bluenoroff, Callisto Group, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, Volt Typhoon | CVE-2016-20012, CVE-2019-16905, CVE-2020-12062, CVE-2020-14145, CVE-2020-15778, CVE-2021-28041, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385 | 06/04/2026, 13:37:40 | aliyun.com |
| 93.127.197.•••:18789 | Assistant | 🇺🇸 United States | Yes | true | Leaked | AS47583 | Hostinger International Limited | Hostinger | 06/04/2026, 12:03:52 | 12/04/2026, 00:05:09 | Yes | - | - | CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-46817, CVE-2025-46818, CVE-2025-46819, CVE-2025-49844, CVE-2025-61984, CVE-2025-61985 | 06/04/2026, 13:37:43 | hstgr.cloud |
| 86.48.29.•••:18789 | - | 🇺🇸 United States | Yes | true | Leaked | AS40021 | Contabo Inc. | Contabo | 06/04/2026, 12:03:52 | 12/04/2026, 17:56:16 | Yes | No | - | CVE-2016-20012, CVE-2020-12062, CVE-2020-14145, CVE-2020-15778, CVE-2021-28041, CVE-2021-36368, CVE-2021-41617, CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985 | 06/04/2026, 13:37:50 | contabo.de, contabo.net |
| 180.154.99.•••:50001 | - | 🇨🇳 China mainland | Yes | true | Clean | AS4812 | China Telecom (Group) | ChinaNet Shanghai | 06/04/2026, 12:03:52 | 10/04/2026, 01:00:55 | No | No | - | - | 31/03/2026, 13:37:54 | - |
| 39.98.47.•••:50001 | - | 🇨🇳 China mainland | Yes | true | Leaked | AS37963 | Hangzhou Alibaba Advertising Co.,Ltd. | Alisoft | 06/04/2026, 12:03:52 | 15/04/2026, 13:31:54 | Yes | Yes | APT28, APT35, APT37, APT39, Cobalt Group, Equation Group, Hafnium Group, Kimsuky, Lazarus Group, Mustang Panda, Sandworm Team, Silence Hacker Group, The Shadow Brokers | CVE-2013-7458, CVE-2016-10517, CVE-2016-10708, CVE-2017-15906, CVE-2018-11218, CVE-2018-11219, CVE-2018-12326, CVE-2018-12453, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-10192, CVE-2019-10193, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-14147, CVE-2021-31294, CVE-2021-32626, CVE-2021-32761, CVE-2021-3470, CVE-2021-41617, CVE-2022-24735, CVE-2022-24736, CVE-2022-24834, CVE-2022-36021, CVE-2022-3647, CVE-2023-25155, CVE-2023-28856, CVE-2023-45145 | 06/04/2026, 13:38:03 | aliyun.com |
| 2.59.167.•••:80 | - | 🇪🇪 Estonia | Yes | true | Clean | AS202376 | Arvid Logicum OU | ZBSCLOUD PROJECT | 06/04/2026, 12:03:52 | 15/04/2026, 01:35:19 | - | - | - | - | - | - |
| 188.166.213.•••:18789 | - | 🇸🇬 Singapore | Yes | true | Clean | AS14061 | DigitalOcean, LLC | DigitalOcean | 06/04/2026, 12:03:52 | 16/04/2026, 01:23:38 | Yes | Yes | APT15, APT17, APT28, APT29, APT31, APT34, APT35, APT36, APT37, APT39, APT40, APT41, APT45, Bitter APT, Bluenoroff, Callisto Group, Carbanak, ChamelGang, CloudSorcerer, Cobalt Group, Daggerfly APT, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Mustang Panda, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Volt Typhoon | CVE-2006-20001, CVE-2016-20012, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-17567, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-11984, CVE-2020-11993, CVE-2020-12062, CVE-2020-13938, CVE-2020-13950, CVE-2020-14145, CVE-2020-15778, CVE-2020-1927, CVE-2020-1934, CVE-2020-35452, CVE-2020-9490, CVE-2021-26690, CVE-2021-26691, CVE-2021-28041, CVE-2021-30641, CVE-2021-33193, CVE-2021-34798, CVE-2021-36160, CVE-2021-36368, CVE-2021-39275, CVE-2021-40438, CVE-2021-41617, CVE-2021-44224, CVE-2021-44790, CVE-2022-22719, CVE-2022-22720, CVE-2022-22721, CVE-2022-23943, CVE-2022-26377, CVE-2022-28330, CVE-2022-28614, CVE-2022-28615, CVE-2022-29404, CVE-2022-30556, CVE-2022-31813, CVE-2022-36760, CVE-2022-37436, CVE-2023-25690, CVE-2023-27522, CVE-2023-28531, CVE-2023-31122, CVE-2023-38408, CVE-2023-38709, CVE-2023-44487, CVE-2023-45802, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-24795, CVE-2024-27316, CVE-2024-38472, CVE-2024-38473, CVE-2024-38474, CVE-2024-38475, CVE-2024-38476, CVE-2024-38477, CVE-2024-39573, CVE-2024-39894, CVE-2024-40898, CVE-2024-6387, CVE-2024-7347, CVE-2025-23419, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985 | 12/04/2026, 18:44:52 | archnix.com |
| 98.126.102.•••:10124 | - | 🇺🇸 United States | Yes | true | Clean | AS4213 | Krypt Technologies | Krypt Technologies | 06/04/2026, 12:03:51 | 12/04/2026, 16:26:15 | Yes | No | - | CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985 | 12/04/2026, 14:12:21 | vpls.net, vpls.com |
| 152.42.224.•••:443 | - | 🇸🇬 Singapore | - | true | Clean | AS14061 | DigitalOcean, LLC | DigitalOcean | 06/04/2026, 12:03:51 | 06/04/2026, 15:49:51 | - | - | - | - | - | - |
| 149.104.1.•••:18789 | - | 🇭🇰 Hong Kong | Yes | true | Clean | AS932 | XNNET LLC | Starcloud Global | 06/04/2026, 12:03:51 | 06/04/2026, 15:49:50 | - | - | - | - | - | - |
| 119.29.63.•••:18888 | - | 🇨🇳 China mainland | Yes | true | Leaked | AS45090 | Shenzhen Tencent Computer Systems Company Limited | Tencent Cloud | 06/04/2026, 12:03:51 | 09/04/2026, 10:53:20 | Yes | No | - | CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51385, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985 | 09/04/2026, 06:25:24 | tencent.com |
| 52.76.113.•••:443 | 阿爪 (Claw) (🦞) | 🇸🇬 Singapore | Yes | true | Clean | AS16509 | Amazon.com, Inc. | Amazon | 06/04/2026, 12:03:51 | 06/04/2026, 15:49:50 | - | - | - | - | - | - |
| 134.175.250.•••:18789 | - | 🇨🇳 China mainland | Yes | true | Clean | AS45090 | Shenzhen Tencent Computer Systems Company Limited | Tencent Cloud Computing | 06/04/2026, 12:03:51 | 15/04/2026, 23:59:30 | No | - | - | - | 03/04/2026, 21:53:09 | - |
| 3.237.198.•••:443 | - | 🇺🇸 United States | - | true | Clean | AS14618 | Amazon.com, Inc. | Amazon Web Services | 06/04/2026, 12:03:50 | 06/04/2026, 15:49:49 | - | - | - | - | - | - |
| 111.197.173.•••:18789 | - | 🇨🇳 China mainland | Yes | true | Clean | AS4808 | China Unicom Beijing Province Network | China Unicom Beijing | 06/04/2026, 12:03:50 | 06/04/2026, 15:49:49 | - | - | - | - | - | - |
| 110.41.76.•••:18789 | - | 🇨🇳 China mainland | - | true | Clean | AS55990 | Huawei Cloud Service data center | Huawei Cloud | 06/04/2026, 12:03:50 | 06/04/2026, 15:49:49 | - | - | - | - | - | - |
| 78.47.176.•••:18789 | - | 🇩🇪 Germany | Yes | true | Leaked | AS24940 | Hetzner Online GmbH | Hetzner Online | 06/04/2026, 12:03:50 | 16/04/2026, 01:23:23 | Yes | No | - | CVE-2016-20012, CVE-2020-12062, CVE-2020-14145, CVE-2020-15778, CVE-2021-28041, CVE-2021-36368, CVE-2021-41617, CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985 | 09/04/2026, 23:31:20 | hetzner.com |
| 117.72.99.•••:18789 | - | 🇨🇳 China mainland | Yes | true | Leaked | AS141679 | China Telecom Beijing Tianjin Hebei Big Data Industry Park Branch | JD.com | 06/04/2026, 12:03:50 | 16/04/2026, 12:15:31 | Yes | No | - | CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985 | 09/04/2026, 14:44:26 | jdl.cn, vackbot.com, vg.com, jdfinance.com, 51buy.com, blackdragon.com, jddj.com, 7fresh.com, jd.com, 360buy.com, chinabank.com.cn, 360buyimg.com, imdada.cn, jdh.com |
| 116.108.134.•••:18789 | - | 🇻🇳 Vietnam | Yes | true | Leaked | AS7552 | Viettel Group | Viettel | 06/04/2026, 12:03:50 | 17/04/2026, 09:22:10 | Yes | No | - | - | 09/04/2026, 02:38:46 | macmadigan.com, chickenkiller.com, quickconnect.to, fastspeed.dk, viettel.com.vn, synology.me |
| 20.205.41.•••:443 | - | 🇺🇸 United States | Yes | true | Clean | AS8075 | Microsoft Corporation | Microsoft | 06/04/2026, 12:03:50 | 17/04/2026, 23:14:34 | No | - | - | CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-6387, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985 | 08/04/2026, 09:23:45 | - |
| 156.253.126.•••:18789 | - | 🇭🇰 Hong Kong | Yes | true | Clean | AS142286 | LUOGELANG (FRANCE) LIMITED | Ares IDC Limited | 06/04/2026, 12:03:50 | 16/04/2026, 01:22:48 | No | Yes | APT-C-23, APT28, APT35, APT36, APT37, APT39, Cobalt Group, Equation Group, Gamaredon Group, Ghostwriter, Kimsuky, Lazarus Group, Mustang Panda, Sandworm Team, The Shadow Brokers, Turla APT Group, Volt Typhoon | CVE-2016-10708, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-16845, CVE-2018-20685, CVE-2019-20372, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2019-9511, CVE-2019-9513, CVE-2019-9516, CVE-2020-14145, CVE-2021-23017, CVE-2021-3618, CVE-2021-41617, CVE-2022-41741, CVE-2022-41742, CVE-2023-44487 | 12/04/2026, 15:02:24 | - |
| 38.207.176.•••:18789 | - | 🇭🇰 Hong Kong | - | true | Clean | AS139659 | LUCIDACLOUD LIMITED | Lucidacloud Limited | 06/04/2026, 12:03:50 | 06/04/2026, 15:49:48 | - | - | - | - | - | - |
| 145.255.27.•••:18789 | - | 🇷🇺 Russia | Yes | true | Clean | AS24955 | JSC "Ufanet" | Ufanet | 06/04/2026, 12:03:50 | 12/04/2026, 00:49:07 | - | - | - | - | - | - |
| 43.160.228.•••:18789 | - | 🇸🇬 Singapore | Yes | true | Leaked | AS132203 | Tencent Building, Kejizhongyi Avenue | Aceville Pte Ltd | 06/04/2026, 12:03:49 | 12/04/2026, 15:02:34 | Yes | No | - | CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985 | 12/04/2026, 13:47:43 | tencent.com |
| 3.239.123.•••:443 | - | 🇺🇸 United States | Yes | true | Clean | AS14618 | Amazon.com, Inc. | Amazon Web Services | 06/04/2026, 12:03:49 | 10/04/2026, 01:01:10 | No | No | - | - | 31/03/2026, 23:25:55 | - |
| 103.166.184.•••:443 | - | 🇻🇳 Vietnam | Yes | true | Clean | AS135905 | VIETNAM POSTS AND TELECOMMUNICATIONS GROUP | CloudFly Corporation | 06/04/2026, 12:03:49 | 17/04/2026, 23:58:30 | - | - | - | - | - | - |
| 65.1.205.•••:443 | - | 🇮🇳 India | Yes | true | Clean | AS16509 | Amazon.com, Inc. | Amazon Web Services | 06/04/2026, 12:03:49 | 17/04/2026, 23:59:07 | Yes | Yes | APT14, APT28, APT40, APT41, Cobalt Group, Equation Group, Gamaredon Group, IronHusky, Kimsuky, Lazarus Group, SharpPanda, TA505, The Shadow Brokers, UNC2452, WIRTE | CVE-2006-20001, CVE-2016-20012, CVE-2019-17567, CVE-2020-11984, CVE-2020-11993, CVE-2020-12062, CVE-2020-13950, CVE-2020-14145, CVE-2020-15778, CVE-2020-1927, CVE-2020-1934, CVE-2020-35452, CVE-2020-9490, CVE-2021-26690, CVE-2021-26691, CVE-2021-28041, CVE-2021-30641, CVE-2021-33193, CVE-2021-34798, CVE-2021-36160, CVE-2021-36368, CVE-2021-39275, CVE-2021-40438, CVE-2021-41617, CVE-2021-44224, CVE-2021-44790, CVE-2022-22719, CVE-2022-22720, CVE-2022-22721, CVE-2022-23943, CVE-2022-26377, CVE-2022-28614, CVE-2022-28615, CVE-2022-29404, CVE-2022-30522, CVE-2022-30556, CVE-2022-31813, CVE-2022-36760, CVE-2022-37436, CVE-2023-25690, CVE-2023-27522 | 09/04/2026, 09:25:19 | letsaspire.in |
| 111.229.70.•••:18789 | - | 🇨🇳 China mainland | Yes | true | Leaked | AS45090 | Shenzhen Tencent Computer Systems Company Limited | Tencent Cloud | 06/04/2026, 12:03:49 | 09/04/2026, 13:08:01 | Yes | Yes | APT15, APT17, APT28, APT29, APT31, APT34, APT35, APT36, APT37, APT40, APT41, APT45, Bitter APT, Bluenoroff, Callisto Group, Carbanak, ChamelGang, CloudSorcerer, Daggerfly APT, Donot Team, El-Machete, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Volt Typhoon | CVE-2016-20012, CVE-2020-14145, CVE-2020-15778, CVE-2021-28041, CVE-2021-36368, CVE-2021-41617, CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-6387, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985 | 09/04/2026, 13:15:09 | tencent.com |
| 42.51.44.•••:50000 | - | 🇨🇳 China mainland | Yes | true | Clean | AS56005 | Zhengzhou Fastidc Technology Co.,Ltd. | Henan Telcom Union Technology | 06/04/2026, 12:03:49 | 06/04/2026, 15:49:47 | - | - | - | - | - | - |
| 149.30.197.•••:18789 | - | 🇺🇸 United States | Yes | true | Leaked | AS133199 | SonderCloud Limited | Solustack Limited | 06/04/2026, 12:03:49 | 17/04/2026, 23:58:48 | Yes | No | - | - | 09/04/2026, 06:24:18 | cogentco.com |
| 46.224.161.•••:80 | - | 🇩🇪 Germany | Yes | true | Clean | AS24940 | Hetzner Online GmbH | Hetzner | 06/04/2026, 12:03:48 | 09/04/2026, 09:23:33 | No | No | - | - | 03/04/2026, 09:25:30 | - |
| 156.253.124.•••:18789 | - | 🇭🇰 Hong Kong | Yes | true | Clean | AS142286 | LUOGELANG (FRANCE) LIMITED | Ares IDC Limited | 06/04/2026, 12:03:47 | 16/04/2026, 01:22:46 | No | Yes | APT-C-23, APT28, APT35, APT36, APT37, APT39, Cobalt Group, Equation Group, Gamaredon Group, Ghostwriter, Kimsuky, Lazarus Group, Mustang Panda, Sandworm Team, The Shadow Brokers, Turla APT Group, Volt Typhoon | CVE-2016-10708, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-16845, CVE-2018-20685, CVE-2019-20372, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2019-9511, CVE-2019-9513, CVE-2019-9516, CVE-2020-14145, CVE-2021-23017, CVE-2021-3618, CVE-2021-41617, CVE-2022-41741, CVE-2022-41742, CVE-2023-44487, CVE-2024-7347 | 09/04/2026, 21:52:41 | - |
| 2a02:c207:2318:6821::1:80 | - | 🇫🇷 France | - | true | Clean | AS51167 | Contabo GmbH | Contabo | 06/04/2026, 12:03:47 | 09/04/2026, 14:37:49 | - | - | - | - | - | - |
| 47.237.254.•••:443 | - | 🇺🇸 United States | Yes | true | Leaked | AS45102 | Alibaba (US) Technology Co., Ltd. | Alibaba Cloud | 06/04/2026, 12:03:47 | 16/04/2026, 11:29:51 | Yes | No | - | CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-16905, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51385, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985 | 16/04/2026, 08:47:52 | hichina.com, alibaba-inc.com |
| 149.30.201.•••:18789 | - | 🇺🇸 United States | Yes | true | Leaked | AS133199 | SonderCloud Limited | Solustack Limited | 06/04/2026, 12:03:47 | 16/04/2026, 01:22:46 | Yes | No | - | - | 12/04/2026, 23:58:00 | cogentco.com |
| 159.223.194.•••:18789 | - | 🇺🇸 United States | Yes | true | Clean | AS14061 | DigitalOcean, LLC | DigitalOcean | 06/04/2026, 12:03:47 | 09/04/2026, 11:38:10 | No | Yes | APT15, APT17, APT28, APT29, APT31, APT34, APT35, APT36, APT37, APT39, APT40, APT41, APT45, Bitter APT, Bluenoroff, Callisto Group, Carbanak, ChamelGang, CloudSorcerer, Cobalt Group, Daggerfly APT, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Mustang Panda, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Volt Typhoon | CVE-2016-10708, CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-12062, CVE-2020-14145, CVE-2020-15778, CVE-2021-28041, CVE-2021-36368, CVE-2021-41617, CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985 | 09/04/2026, 11:44:48 | - |
| 170.64.200.•••:443 | - | 🇦🇺 Australia | Yes | true | Clean | AS14061 | DigitalOcean, LLC | DigitalOcean | 06/04/2026, 12:03:47 | 16/04/2026, 01:24:05 | No | Yes | APT15, APT28, APT29, APT31, APT34, APT41, Bitter APT, Bluenoroff, Callisto Group, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, Volt Typhoon | CVE-2016-20012, CVE-2020-14145, CVE-2021-28041, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2023-51767, CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985 | 07/04/2026, 08:06:46 | - |
| 49.13.28.•••:80 | - | 🇩🇪 Germany | Yes | true | Leaked | AS24940 | Hetzner Online GmbH | Hetzner Online | 06/04/2026, 12:03:46 | 12/04/2026, 23:55:26 | Yes | Yes | APT17, APT29, APT35, APT36, APT37, APT40, APT41, APT45, Carbanak, ChamelGang, CloudSorcerer, Daggerfly APT, Kimsuky, MuddyWater Group, Patchwork, SideWinder APT, The Shadow Brokers, Volt Typhoon | CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985 | 09/04/2026, 22:13:06 | hetzner.de |
| 14.145.196.•••:18789 | - | 🇨🇳 China mainland | Yes | true | Clean | AS4134 | Chinanet | CHINANET Guangdong | 06/04/2026, 12:03:46 | 06/04/2026, 15:49:46 | - | - | - | - | - | - |
| 159.65.162.•••:18789 | - | 🇺🇸 United States | Yes | true | Clean | AS14061 | DigitalOcean, LLC | DigitalOcean | 06/04/2026, 12:03:46 | 15/04/2026, 01:34:33 | No | Yes | APT15, APT28, APT29, APT31, APT34, APT35, APT37, APT39, APT41, Bitter APT, Bluenoroff, Callisto Group, Cobalt Group, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Mustang Panda, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Volt Typhoon | CVE-2016-20012, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-12062, CVE-2020-14145, CVE-2020-15778, CVE-2021-28041, CVE-2021-36368, CVE-2021-41617, CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385 | 09/04/2026, 10:11:55 | - |
| 207.244.241.•••:21287 | - | 🇺🇸 United States | Yes | true | Leaked | AS40021 | Contabo Inc. | Contabo | 06/04/2026, 12:03:46 | 16/04/2026, 11:29:48 | Yes | Yes | APT14, APT15, APT17, APT28, APT29, APT31, APT34, APT35, APT36, APT37, APT40, APT41, APT45, Bitter APT, Bluenoroff, Callisto Group, Carbanak, ChamelGang, CloudSorcerer, Daggerfly APT, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Volt Typhoon | CVE-2001-1556, CVE-2002-0061, CVE-2002-0392, CVE-2003-0020, CVE-2003-0083, CVE-2003-0132, CVE-2004-0174, CVE-2004-0942, CVE-2004-2343, CVE-2005-3352, CVE-2006-20001, CVE-2006-5752, CVE-2007-3304, CVE-2007-4465, CVE-2007-6750, CVE-2008-2939, CVE-2009-3555, CVE-2011-0419, CVE-2012-0031, CVE-2012-0053, CVE-2013-1862, CVE-2015-0228, CVE-2016-20012, CVE-2016-8612, CVE-2017-9788, CVE-2017-9798, CVE-2018-1301, CVE-2018-1302, CVE-2018-1303, CVE-2020-12062, CVE-2020-14145, CVE-2020-15778, CVE-2021-28041, CVE-2021-34798, CVE-2021-36368, CVE-2021-39275, CVE-2021-40438, CVE-2021-41617, CVE-2021-44790, CVE-2022-22719, CVE-2022-22720, CVE-2022-22721, CVE-2022-28330, CVE-2022-28614, CVE-2022-28615, CVE-2022-29404, CVE-2022-30556, CVE-2022-31813, CVE-2022-37436, CVE-2023-28531, CVE-2023-31122, CVE-2023-38408, CVE-2023-38709, CVE-2023-44487, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-40898, CVE-2024-6387, CVE-2024-7347, CVE-2025-23419, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985 | 09/04/2026, 23:32:11 | classyng.com, contaboserver.net, contabo.com, contabo.net |
| 15.204.141.•••:10191 | - | 🇺🇸 United States | Yes | true | Clean | AS16276 | OVH SAS | [name redacted] | 06/04/2026, 12:03:46 | 09/04/2026, 08:38:35 | - | - | - | - | - | - |
| 168.144.69.•••:443 | - | 🇺🇸 United States | Yes | true | Clean | AS14061 | DigitalOcean, LLC | DigitalOcean | 06/04/2026, 12:03:46 | 06/04/2026, 15:49:45 | - | - | - | - | - | - |
| 207.180.227.•••:8080 | - | 🇩🇪 Germany | Yes | true | Leaked | AS51167 | Contabo GmbH | Contabo | 06/04/2026, 12:03:46 | 16/04/2026, 14:31:22 | Yes | No | - | CVE-2016-20012, CVE-2020-12062, CVE-2020-14145, CVE-2020-15778, CVE-2021-28041, CVE-2021-36368, CVE-2021-41617 | 16/04/2026, 14:36:22 | contabo.de, contabo.net |
| 38.127.47.•••:18789 | - | 🇺🇸 United States | Yes | true | Clean | AS18978 | Enzu Inc | Enzu | 06/04/2026, 12:03:46 | 17/04/2026, 23:58:53 | No | No | - | - | 03/04/2026, 06:23:38 | - |
| 8.162.25.•••:18789 | - | 🇸🇬 Singapore | Yes | true | Clean | AS37963 | Hangzhou Alibaba Advertising Co.,Ltd. | Alibaba Cloud | 06/04/2026, 12:03:46 | 15/04/2026, 13:30:09 | - | - | - | - | - | - |
| 147.182.206.•••:443 | - | 🇺🇸 United States | Yes | true | Clean | AS14061 | DigitalOcean, LLC | DigitalOcean | 06/04/2026, 12:03:46 | 17/04/2026, 00:21:05 | No | Yes | APT15, APT17, APT28, APT29, APT31, APT34, APT35, APT36, APT37, APT40, APT41, APT45, Bitter APT, Bluenoroff, Callisto Group, Carbanak, ChamelGang, CloudSorcerer, Daggerfly APT, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Volt Typhoon | CVE-2016-20012, CVE-2018-20685, CVE-2019-16905, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-12062, CVE-2020-14145, CVE-2020-15778, CVE-2021-28041, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2023-51767, CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985 | 09/04/2026, 22:32:47 | - |
| 95.111.253.•••:18789 | - | 🇫🇷 France | Yes | true | Clean | AS51167 | Contabo GmbH | Contabo | 06/04/2026, 12:03:46 | 09/04/2026, 14:37:42 | No | Yes | APT15, APT28, APT29, APT31, APT34, APT41, Bitter APT, Bluenoroff, Callisto Group, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, Volt Typhoon | CVE-2014-7810, CVE-2015-5174, CVE-2015-5345, CVE-2015-5346, CVE-2015-5351, CVE-2016-0706, CVE-2016-0714, CVE-2016-0762, CVE-2016-0763, CVE-2016-20012, CVE-2016-3092, CVE-2016-5018, CVE-2016-5388, CVE-2016-6794, CVE-2016-6796, CVE-2016-6797, CVE-2016-6816, CVE-2016-8735, CVE-2016-8745, CVE-2017-12617, CVE-2017-5647, CVE-2017-5648, CVE-2017-5664, CVE-2017-7674, CVE-2018-1304, CVE-2018-1305, CVE-2018-1336, CVE-2018-8014, CVE-2018-8034, CVE-2020-14145, CVE-2020-15778, CVE-2021-23017, CVE-2021-28041, CVE-2021-3618, CVE-2021-36368, CVE-2021-41617, CVE-2022-41741, CVE-2022-41742, CVE-2023-28531, CVE-2023-38408, CVE-2023-44487, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-6387, CVE-2024-7347, CVE-2025-1695, CVE-2025-26465, CVE-2025-32728 | 09/04/2026, 12:22:25 | - |
| 98.126.102.•••:10202 | - | 🇺🇸 United States | Yes | true | Clean | AS4213 | Krypt Technologies | Krypt Technologies | 06/04/2026, 12:03:45 | 16/04/2026, 01:23:04 | Yes | Yes | APT14, APT15, APT28, APT31, APT37, APT39, Bitter APT, Bluenoroff, Callisto Group, Donot Team, Gamaredon Group, Gaza Cybergang, Inception Framework, Kimsuky, MuddyWater Group, RomCom Group, Salt Typhoon, Sea Turtle Group, SideWinder APT, The Shadow Brokers, WIRTE | CVE-2006-20001, CVE-2013-4352, CVE-2013-5704, CVE-2013-6438, CVE-2014-0098, CVE-2014-0117, CVE-2014-0118, CVE-2014-0226, CVE-2014-0231, CVE-2014-3523, CVE-2014-3581, CVE-2014-8109, CVE-2015-0228, CVE-2015-3183, CVE-2015-3185, CVE-2016-0736, CVE-2016-20012, CVE-2016-2161, CVE-2016-4975, CVE-2016-5387, CVE-2016-8612, CVE-2016-8743, CVE-2017-15710, CVE-2017-15715, CVE-2017-15906, CVE-2017-3167, CVE-2017-7679, CVE-2017-9788, CVE-2017-9798, CVE-2018-1283, CVE-2018-1301, CVE-2018-1302, CVE-2018-1303, CVE-2018-1312, CVE-2018-15473, CVE-2018-15919, CVE-2018-17199, CVE-2018-20685, CVE-2019-0217, CVE-2019-0220, CVE-2019-10092, CVE-2019-10098, CVE-2019-17567, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-11985, CVE-2020-13938, CVE-2020-14145, CVE-2020-15778, CVE-2020-1927, CVE-2020-1934, CVE-2020-35452, CVE-2021-23017, CVE-2021-26690, CVE-2021-26691, CVE-2021-34798, CVE-2021-3618, CVE-2021-36368, CVE-2021-39275, CVE-2021-40438, CVE-2021-41617, CVE-2021-44790, CVE-2022-22719, CVE-2022-22720, CVE-2022-22721, CVE-2022-23943, CVE-2022-26377, CVE-2022-28330, CVE-2022-28614, CVE-2022-28615, CVE-2022-29404, CVE-2022-30556, CVE-2022-31813, CVE-2022-36760, CVE-2022-37436, CVE-2022-41741, CVE-2022-41742, CVE-2023-25690, CVE-2023-28531, CVE-2023-31122, CVE-2023-38408, CVE-2023-38709, CVE-2023-44487, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-24795, CVE-2024-38472, CVE-2024-38473, CVE-2024-38474, CVE-2024-38475, CVE-2024-38476, CVE-2024-38477, CVE-2024-39573, CVE-2024-40898, CVE-2024-6387, CVE-2024-7347, CVE-2025-23419, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985 | 13/04/2026, 15:03:46 | vpls.net, vpls.com |
| 51.81.185.•••:10249 | - | 🇺🇸 United States | Yes | true | Leaked | AS16276 | OVH SAS | [name redacted] | 06/04/2026, 12:03:45 | 15/04/2026, 01:34:18 | Yes | Yes | APT15, APT28, APT29, APT31, APT34, APT41, Bitter APT, Bluenoroff, Callisto Group, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, Volt Typhoon | CVE-2016-20012, CVE-2020-14145, CVE-2021-28041, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-44487, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-7347, CVE-2025-23419, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985 | 09/04/2026, 08:41:21 | ovhcloud.com, andata.ru |
| 64.23.170.•••:18789 | - | 🇺🇸 United States | Yes | true | Clean | AS14061 | DigitalOcean, LLC | DigitalOcean | 06/04/2026, 12:03:45 | 17/04/2026, 10:05:46 | No | Yes | APT15, APT17, APT28, APT29, APT31, APT34, APT35, APT36, APT37, APT40, APT41, APT45, Bitter APT, Bluenoroff, Callisto Group, Carbanak, ChamelGang, CloudSorcerer, Daggerfly APT, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Volt Typhoon | CVE-2016-20012, CVE-2021-36368, CVE-2021-41617, CVE-2023-28531, CVE-2023-38408, CVE-2023-38709, CVE-2023-44487, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-24795, CVE-2024-27316, CVE-2024-36387, CVE-2024-38472, CVE-2024-38473, CVE-2024-38474, CVE-2024-38475, CVE-2024-38476, CVE-2024-38477, CVE-2024-39573, CVE-2024-39894, CVE-2024-40898, CVE-2024-6387, CVE-2024-7347, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985 | 09/04/2026, 01:10:17 | - |
| 23.90.15.•••:18789 | - | 🇺🇸 United States | Yes | true | Clean | AS62904 | Eonix Corporation | Eonix Corporation | 06/04/2026, 12:03:45 | 15/04/2026, 13:30:32 | Yes | No | - | CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985 | 09/04/2026, 04:58:14 | eonix.net |
| 173.232.149.•••:18789 | - | 🇺🇸 United States | Yes | true | Clean | AS62904 | Eonix Corporation | Eonix Corporation | 06/04/2026, 12:03:45 | 16/04/2026, 01:22:45 | Yes | No | - | CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985 | 09/04/2026, 11:44:54 | eonix.net |
| 159.195.106.•••:443 | - | 🇩🇪 Germany | Yes | true | Clean | AS197540 | netcup GmbH | Netcup | 06/04/2026, 12:03:45 | 17/04/2026, 20:13:45 | - | - | - | - | - | - |
| 110.40.186.•••:18888 | - | 🇨🇳 China mainland | Yes | true | Leaked | AS45090 | Shenzhen Tencent Computer Systems Company Limited | Tencent Cloud | 06/04/2026, 12:03:45 | 12/04/2026, 00:49:25 | Yes | Yes | APT28, APT35, APT37, APT39, Cobalt Group, El-Machete, Kimsuky, Mustang Panda, Sandworm Team | CVE-2015-5352, CVE-2015-5600, CVE-2015-6563, CVE-2015-6564, CVE-2017-15945, CVE-2018-15919, CVE-2020-14145, CVE-2021-41617 | 11/04/2026, 21:51:57 | tencent.com |
| 120.76.140.•••:18789 | - | 🇨🇳 China mainland | Yes | true | Leaked | AS37963 | Hangzhou Alibaba Advertising Co.,Ltd. | Alisoft | 06/04/2026, 12:03:45 | 15/04/2026, 23:59:34 | Yes | Yes | APT15, APT28, APT29, APT31, APT34, APT35, APT37, APT39, APT41, Bitter APT, Bluenoroff, Callisto Group, Cobalt Group, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Mustang Panda, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Volt Typhoon | CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-28041, CVE-2021-3618, CVE-2021-36368, CVE-2021-41617, CVE-2022-41741, CVE-2022-41742, CVE-2023-38408, CVE-2023-44487, CVE-2023-48795, CVE-2023-51385, CVE-2024-7347, CVE-2025-23419, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985 | 15/04/2026, 22:03:29 | aliyun.com |
| 13.220.241.•••:443 | - | 🇺🇸 United States | Yes | true | Clean | AS14618 | Amazon.com, Inc. | Amazon Web Services | 06/04/2026, 12:03:45 | 16/04/2026, 01:24:06 | No | No | - | CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51385, CVE-2024-6387, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985 | 07/04/2026, 08:49:20 | - |
| 162.62.226.•••:18789 | - | 🇸🇬 Singapore | Yes | true | Clean | AS132203 | Tencent Building, Kejizhongyi Avenue | Aceville Pte Ltd | 06/04/2026, 12:03:45 | 15/04/2026, 13:30:17 | No | Yes | APT15, APT17, APT28, APT29, APT31, APT34, APT36, APT37, APT41, APT45, Bitter APT, Bluenoroff, Callisto Group, CloudSorcerer, Daggerfly APT, Donot Team, El-Machete, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Volt Typhoon | CVE-2016-20012, CVE-2020-12062, CVE-2020-14145, CVE-2020-15778, CVE-2021-28041, CVE-2021-36368, CVE-2021-41617, CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-1322, CVE-2024-6387, CVE-2025-26465, CVE-2025-32728 | 12/04/2026, 22:28:23 | - |
| 63.177.255.•••:443 | - | 🇩🇪 Germany | Yes | true | Clean | AS16509 | Amazon.com, Inc. | A100 ROW | 06/04/2026, 12:03:45 | 16/04/2026, 13:00:53 | No | No | - | - | 31/03/2026, 23:30:32 | - |
| 43.155.132.•••:18789 | - | 🇸🇬 Singapore | Yes | true | Leaked | AS132203 | Tencent Building, Kejizhongyi Avenue | Aceville Pte Ltd | 06/04/2026, 12:03:45 | 12/04/2026, 22:26:08 | Yes | Yes | APT37, El-Machete | CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985 | 12/04/2026, 15:00:57 | tencent.com |
| 178.104.111.•••:18789 | - | 🇩🇪 Germany | Yes | true | Clean | AS24940 | Hetzner Online GmbH | Hetzner | 06/04/2026, 12:03:44 | 06/04/2026, 15:49:43 | - | - | - | - | - | - |
| 148.135.52.•••:443 | - | 🇺🇸 United States | Yes | true | Clean | AS35916 | MULTACOM CORPORATION | Brander Group | 06/04/2026, 12:03:44 | 06/04/2026, 15:49:43 | - | - | - | - | - | - |
| 39.97.234.•••:18789 | - | 🇨🇳 China mainland | Yes | true | Leaked | AS37963 | Hangzhou Alibaba Advertising Co.,Ltd. | Alisoft | 06/04/2026, 12:03:44 | 09/04/2026, 07:08:48 | Yes | Yes | Packrat | CVE-2016-20012, CVE-2020-12062, CVE-2020-14145, CVE-2020-15778, CVE-2021-28041, CVE-2021-36368, CVE-2021-41617 | 09/04/2026, 05:42:02 | aliyun.com |
| 38.127.47.•••:18789 | - | 🇺🇸 United States | Yes | true | Clean | AS18978 | Enzu Inc | Enzu | 06/04/2026, 12:03:42 | 16/04/2026, 01:22:59 | No | Yes | APT15, APT31, APT37, APT39, Bitter APT, Bluenoroff, Donot Team, Gamaredon Group, Gaza Cybergang, Inception Framework, Kimsuky, MuddyWater Group, Salt Typhoon, SideWinder APT | CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51385 | 09/04/2026, 21:43:06 | - |
| 49.233.252.•••:80 | - | 🇨🇳 China mainland | Yes | true | Leaked | AS45090 | Shenzhen Tencent Computer Systems Company Limited | Tencent Cloud | 06/04/2026, 12:03:42 | 15/04/2026, 23:59:29 | Yes | Yes | APT28, APT35, APT37, APT39, Cobalt Group, El-Machete, Kimsuky, Mustang Panda, Sandworm Team, The Shadow Brokers | CVE-2016-10708, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2021-41617 | 09/04/2026, 22:12:40 | tencent.com |
| 2001:41d0:2005:100::195a:18789 | - | 🇮🇹 Italy | - | true | Clean | AS16276 | OVH SAS | VPS EU South Mil 1 | 06/04/2026, 12:03:42 | 16/04/2026, 00:38:41 | - | - | - | - | - | - |
| 149.30.198.•••:18789 | - | 🇺🇸 United States | Yes | true | Leaked | AS133199 | SonderCloud Limited | Solustack Limited | 06/04/2026, 12:03:41 | 17/04/2026, 23:58:58 | Yes | No | - | - | 09/04/2026, 13:09:56 | cogentco.com |
| 167.99.72.•••:443 | - | 🇸🇬 Singapore | Yes | true | Clean | AS14061 | DigitalOcean, LLC | DigitalOcean | 06/04/2026, 12:03:41 | 15/04/2026, 13:31:26 | No | Yes | APT14, APT15, APT17, APT28, APT29, APT31, APT34, APT35, APT36, APT37, APT40, APT41, APT45, Bitter APT, Bluenoroff, Callisto Group, Carbanak, ChamelGang, CloudSorcerer, Cobalt Group, Daggerfly APT, Donot Team, Equation Group, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, IronHusky, Kimsuky, Lazarus Group, MuddyWater Group, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SharpPanda, SideWinder APT, TA505, The Shadow Brokers, UNC2452, Volt Typhoon, WIRTE | CVE-2006-20001, CVE-2016-20012, CVE-2019-17567, CVE-2020-11984, CVE-2020-11993, CVE-2020-12062, CVE-2020-13950, CVE-2020-14145, CVE-2020-15778, CVE-2020-1927, CVE-2020-1934, CVE-2020-35452, CVE-2020-9490, CVE-2021-26690, CVE-2021-26691, CVE-2021-28041, CVE-2021-30641, CVE-2021-33193, CVE-2021-34798, CVE-2021-36160, CVE-2021-36368, CVE-2021-39275, CVE-2021-40438, CVE-2021-41617, CVE-2021-44224, CVE-2021-44790, CVE-2022-22719, CVE-2022-22720, CVE-2022-22721, CVE-2022-23943, CVE-2022-26377, CVE-2022-28614, CVE-2022-28615, CVE-2022-29404, CVE-2022-30556, CVE-2022-31813, CVE-2022-36760, CVE-2022-37436, CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985 | 06/04/2026, 23:34:52 | - |
| 107.173.89.•••:18789 | - | 🇺🇸 United States | Yes | true | Leaked | AS36352 | HostPapa | RackNerd | 06/04/2026, 12:03:41 | 15/04/2026, 13:30:51 | Yes | Yes | APT15, APT28, APT29, APT31, APT34, APT41, Bitter APT, Bluenoroff, Callisto Group, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, Volt Typhoon | CVE-2016-20012, CVE-2020-12062, CVE-2020-14145, CVE-2020-15778, CVE-2021-28041, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985 | 09/04/2026, 01:06:43 | racknerd.com |
| 49.12.235.•••:18789 | - | 🇩🇪 Germany | Yes | true | Clean | AS24940 | Hetzner Online GmbH | Hetzner Online | 06/04/2026, 12:03:41 | 06/04/2026, 15:49:40 | - | - | - | - | - | - |
| 36.139.220.•••:8081 | - | 🇨🇳 China mainland | Yes | true | Clean | AS9808 | China Mobile Communications Group Co., Ltd. | China Mobile | 06/04/2026, 12:03:41 | 06/04/2026, 15:49:40 | - | - | - | - | - | - |
| 49.12.64.•••:443 | - | 🇩🇪 Germany | Yes | true | Leaked | AS24940 | Hetzner Online GmbH | Hetzner Online | 06/04/2026, 12:03:40 | 17/04/2026, 22:29:42 | Yes | Yes | APT15, APT28, APT29, APT31, APT34, APT35, APT37, APT39, APT41, Bitter APT, Bluenoroff, Callisto Group, Cobalt Group, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Mustang Panda, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Volt Typhoon | CVE-2016-20012, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-42516, CVE-2024-43204, CVE-2024-43394, CVE-2024-47252, CVE-2025-23048, CVE-2025-49630, CVE-2025-49812, CVE-2025-53020, CVE-2025-55753, CVE-2025-58098, CVE-2025-59775, CVE-2025-65082, CVE-2025-66200 | 09/04/2026, 10:56:49 | hetzner.de |
| 88.99.69.•••:9004 | - | 🇩🇪 Germany | Yes | true | Clean | AS24940 | Hetzner Online GmbH | Hetzner Online GmbH | 06/04/2026, 12:03:40 | 15/04/2026, 13:31:07 | No | Yes | APT15, APT17, APT28, APT31, APT36, APT37, APT45, Bitter APT, Bluenoroff, Callisto Group, CloudSorcerer, Daggerfly APT, Donot Team, Gamaredon Group, Gaza Cybergang, Inception Framework, Kimsuky, MuddyWater Group, RomCom Group, Salt Typhoon, Sea Turtle Group, SideWinder APT, The Shadow Brokers | CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985 | 12/04/2026, 21:01:05 | - |
| 2001:41d0:305:2100::1:2f51:18789 | - | 🇫🇷 France | - | true | Clean | AS16276 | OVH SAS | OVH | 06/04/2026, 12:03:40 | 15/04/2026, 12:46:42 | - | - | - | - | - | - |
| 178.104.58.•••:80 | - | 🇩🇪 Germany | Yes | true | Clean | AS24940 | Hetzner Online GmbH | Hetzner | 06/04/2026, 12:03:40 | 09/04/2026, 06:23:45 | No | No | - | CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985 | 09/04/2026, 01:07:43 | - |
| 147.45.163.•••:18789 | - | 🇷🇺 Russia | Yes | true | Clean | AS9123 | JSC "TIMEWEB" | Taiwan Cloud | 06/04/2026, 12:03:40 | 06/04/2026, 15:49:39 | - | - | - | - | - | - |
| 47.243.32.•••:9999 | - | 🇭🇰 Hong Kong | Yes | true | Clean | AS45102 | Alibaba (US) Technology Co., Ltd. | Alibaba Cloud HK | 06/04/2026, 12:03:38 | 12/04/2026, 23:55:53 | No | Yes | APT28, APT35, APT37, APT39, Cobalt Group, Kimsuky, Mustang Panda, Sandworm Team, The Shadow Brokers | CVE-2016-10708, CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-23017, CVE-2021-3618, CVE-2021-36368, CVE-2021-41617, CVE-2022-41741, CVE-2022-41742, CVE-2023-38408, CVE-2023-44487, CVE-2023-48795, CVE-2023-51385, CVE-2024-7347, CVE-2025-23419, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985 | 12/04/2026, 23:57:15 | - |
| 42.51.41.•••:50000 | - | 🇨🇳 China mainland | Yes | true | Clean | AS56005 | Zhengzhou Fastidc Technology Co.,Ltd. | Henan Telcom Union Technology | 06/04/2026, 12:03:38 | 12/04/2026, 00:49:49 | No | Yes | APT15, APT28, APT29, APT31, APT34, APT40, APT41, Bitter APT, Bluenoroff, Callisto Group, Cobalt Group, Donot Team, Earth Berberoka, Energetic Bear, Equation Group, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, Leafminer, Luckycat APT, MuddyWater Group, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, Volt Typhoon | CVE-2010-1899, CVE-2010-2730, CVE-2010-3972, CVE-2016-20012, CVE-2019-16905, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385 | 11/04/2026, 20:20:31 | - |
| 147.182.143.•••:443 | - | 🇺🇸 United States | Yes | true | Clean | AS14061 | DigitalOcean, LLC | DigitalOcean | 06/04/2026, 12:03:38 | 16/04/2026, 18:18:33 | No | No | - | CVE-2016-20012, CVE-2020-12062, CVE-2020-14145, CVE-2020-15778, CVE-2021-28041, CVE-2021-36368, CVE-2021-41617, CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728 | 07/04/2026, 04:19:06 | - |
| 192.144.14.•••:443 | - | 🇷🇺 Russia | Yes | true | Clean | AS208677 | "Cloud Technologies" LLC trading as Cloud.ru | Cloud.ru | 06/04/2026, 12:03:37 | 16/04/2026, 19:50:08 | Yes | Yes | APT15, APT17, APT28, APT29, APT31, APT34, APT36, APT37, APT41, APT45, Bitter APT, Bluenoroff, Callisto Group, CloudSorcerer, Daggerfly APT, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Volt Typhoon | CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-6387 | 06/04/2026, 23:39:34 | cloudtech.ie |
| 5.161.212.•••:18789 | - | 🇺🇸 United States | Yes | true | Clean | AS213230 | Hetzner Online GmbH | Hetzner Online | 06/04/2026, 12:03:37 | 09/04/2026, 14:36:59 | - | - | - | - | - | - |
| 240e:3a3:ba0d:18a0:68f0:b5e1:aacd:7:18789 | - | 🇨🇳 China mainland | - | true | Clean | AS4134 | Chinanet | China Telecom IPv6 Broadband Address | 06/04/2026, 12:03:37 | 06/04/2026, 15:49:37 | - | - | - | - | - | - |
| 43.157.224.•••:18789 | - | 🇸🇬 Singapore | Yes | true | Leaked | AS132203 | Tencent Building, Kejizhongyi Avenue | Aceville Pte Ltd | 06/04/2026, 12:03:37 | 16/04/2026, 14:31:22 | Yes | No | - | CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985 | 09/04/2026, 14:36:25 | tencent.com |