🦞 OpenClaw Exposure Watchboard

This page lists publicly reachable active OpenClaw instances for defensive awareness. If this is your deployment, enable authentication, remove direct public exposure, and patch immediately.

Exposed Instances: 816988 Page: 437 / 8170 (100 per page) Showing: 43601-43700 Last Imported: 15/05/2026, 09:32:33
Build With Vivgrid

Ship Secure Enterprise AI Agents 10× Faster with vivgrid.com

Vivgrid gives you authentication, model gateway, tool control, cost tracking, and enterprise observability — everything you need to ship AI agents safely at scale.

Explore Vivgrid
Showing page 437 of 8170
Previous Next
Endpoint Assistant Name Country auth_requiredis_activehas_leaked_credsasnasn_nameorgfirst_seenlast_seenasi_has_breachasi_has_threat_actorasi_threat_actorsasi_cvesasi_enriched_atasi_domains
59.57.135.•••:18789 - 🇨🇳 China mainland Yes false Leaked AS4134ChinanetChinaNet Fujian11/04/2026, 10:09:0517/04/2026, 02:36:32 Yes No --14/04/2026, 09:55:36bj189.cn, 118114.cn, ctwing.cn, chinatelecom.com.cn, chinatelecom.cn, new-gm.cn, 189.cn, 189free.cn, ideal.sh.cn, daqu.com.cn, ctyun.cn
115.190.197.•••:8080 - 🇨🇳 China mainland Yes false Clean AS137718Beijing Volcano Engine Technology Co., Ltd.Beijing Volcano Engine Technology11/04/2026, 10:09:0311/04/2026, 10:54:06 - - ----
173.249.11.•••:18789 - 🇩🇪 Germany Yes false Leaked AS51167Contabo GmbHContabo11/04/2026, 10:09:0317/04/2026, 23:58:00 Yes Yes APT15, APT17, APT28, APT31, APT36, APT37, APT45, Bitter APT, Bluenoroff, Callisto Group, CloudSorcerer, Daggerfly APT, Donot Team, Gamaredon Group, Gaza Cybergang, Inception Framework, Kimsuky, MuddyWater Group, RomCom Group, Salt Typhoon, Sea Turtle Group, SideWinder APT, The Shadow BrokersCVE-2016-20012, CVE-2020-14145, CVE-2020-15778, CVE-2021-23017, CVE-2021-28041, CVE-2021-3618, CVE-2021-36368, CVE-2021-41617, CVE-2022-41741, CVE-2022-41742, CVE-2023-28531, CVE-2023-38408, CVE-2023-44487, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-6387, CVE-2024-7347, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-6198517/04/2026, 21:46:33contaboserver.net, contabo.de, contabo.net
129.153.172.•••:18789 - 🇺🇸 United States Yes false Leaked AS31898Oracle CorporationOracle11/04/2026, 10:09:0317/04/2026, 23:58:59 Yes Yes APT15, APT17, APT28, APT29, APT31, APT34, APT35, APT36, APT37, APT40, APT41, APT45, Bitter APT, Bluenoroff, Callisto Group, Carbanak, ChamelGang, CloudSorcerer, Daggerfly APT, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Volt TyphoonCVE-2016-20012, CVE-2019-16905, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-6387, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-6198514/04/2026, 23:21:39healtheintent.com, purewellness.com, cerner.ae, retek.com, tryfoexnow.com, moatads.com, oraclefusion.com, connectinc.com, inquira.com, portal.com, oracle.com, hiedirectconnect.org, maxymiser.net, oraclecloudservices.com, rsys2.net, hyperroll.com, nor1.com, oxygen.systems, oraclegovcloud.com, orcale.com, oraclemobile.com, sun.co.in, openair.co, oraclepdemos.com, stellent.com, siebel.com, cerner.net, oracle-cloud.com, docucorp.com, mvalent.com, elementfusion.com, netsuiteforms.com, oraclecloud.com, en25.com, solaris.com, rightnowtech.com, think.com, ipapp.com, jdedwards.com, tiger-institute.org, zenedge.com, skire.com, sun.com, sales.com, fyleio.com, push.io, estara.com, tekelec.com, textura.com, paymyhealthbill.com, dyndns.com, java.net, optika.com, jcp.org, smed.com, cernerenviza-tw.com, datafox.com, recruitmax.com, decisioneering.com, adiinsights.com, stortek.com, seebeyond.com, livelook.com, openjdk.org, virtualbox.org, dyn.com, oraclehealth.com, aimsystems.com, sunworld.com, plumtree.com, storagetek.com, oracledatacloud.com
104.197.184.•••:18789 - 🇺🇸 United States Yes false Clean AS396982Google LLCGoogle11/04/2026, 10:09:0317/04/2026, 10:07:03 No No -CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51385, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-6198514/04/2026, 19:33:57-
116.17.234.•••:18789 - 🇨🇳 China mainland Yes false Clean AS140319CHINATELECOM Guangdong province Qingyuan 5G networkCHINANET Guangdong11/04/2026, 10:09:0314/04/2026, 10:35:13 - - ----
140.82.40.•••:3001 - 🇺🇸 United States Yes false Leaked AS20473The Constant Company, LLCVultr Holdings11/04/2026, 10:09:0317/04/2026, 23:58:02 Yes Yes APT15, APT17, APT28, APT29, APT31, APT34, APT35, APT36, APT37, APT39, APT41, APT45, Bitter APT, Bluenoroff, Callisto Group, CloudSorcerer, Cobalt Group, Daggerfly APT, Donot Team, DragonFly, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Mustang Panda, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Volt TyphoonCVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-28041, CVE-2021-36368, CVE-2021-41617, CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-6387, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-6198517/04/2026, 21:45:52vultr.com
34.121.177.•••:18789 - 🇺🇸 United States Yes false Clean AS396982Google LLCGoogle11/04/2026, 10:09:0315/04/2026, 01:35:16 No Yes APT28, APT35, APT37, APT39, Cobalt Group, DragonFly, Kimsuky, Mustang Panda, Packrat, Sandworm Team, The Shadow BrokersCVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2021-28041, CVE-2021-36368, CVE-2021-41617, CVE-2023-2853115/04/2026, 01:36:02-
44.222.250.•••:443 - 🇺🇸 United States Yes false Clean AS14618Amazon.com, Inc.Amazon Web Services11/04/2026, 10:09:0317/04/2026, 10:06:54 - - ----
121.41.101.•••:18789 - 🇨🇳 China mainland Yes false Clean AS37963Hangzhou Alibaba Advertising Co.,Ltd.Alisoft11/04/2026, 10:09:0317/04/2026, 23:59:07 - - ----
213.108.23.•••:18789 - 🇫🇮 Finland Yes false Clean AS210644AEZA GROUP LLCAeza Group11/04/2026, 10:09:0211/04/2026, 10:54:05 - - ----
5.35.70.•••:18789 - 🇳🇱 Netherlands Yes false Clean AS216071SERVERS TECH FZCOAmsterdam11/04/2026, 10:09:0217/04/2026, 10:07:25 No Yes APT15, APT17, APT28, APT29, APT31, APT34, APT35, APT36, APT37, APT40, APT41, APT45, Bitter APT, Bluenoroff, Callisto Group, Carbanak, ChamelGang, CloudSorcerer, Daggerfly APT, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Volt TyphoonCVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-6387, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-6198514/04/2026, 06:50:31-
38.76.163.•••:18789 - 🇭🇰 Hong Kong Yes false Clean AS401701cognetcloud INCHong Kong Cloud Network Technology Co Ltd11/04/2026, 10:09:0214/04/2026, 20:16:07 - - ----
49.232.197.•••:18789 - 🇨🇳 China mainland Yes false Leaked AS45090Shenzhen Tencent Computer Systems Company LimitedTencent Cloud11/04/2026, 10:09:0214/04/2026, 09:50:29 Yes Yes APT15, APT28, APT29, APT31, APT34, APT35, APT37, APT39, APT41, Bitter APT, Bluenoroff, Callisto Group, Cobalt Group, Donot Team, El-Machete, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Mustang Panda, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Volt TyphoonCVE-2016-10708, CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-5138514/04/2026, 09:55:02tencent.com
113.74.225.•••:18789 - 🇨🇳 China mainland Yes false Clean AS4134ChinanetCHINANET Guangdong11/04/2026, 10:09:0211/04/2026, 10:54:05 - - ----
39.98.49.•••:50001 - 🇨🇳 China mainland Yes false Clean AS37963Hangzhou Alibaba Advertising Co.,Ltd.Alisoft11/04/2026, 10:09:0211/04/2026, 10:54:05 - - ----
127.0.0.•••:444 - 🇺🇸 United States - false Leaked AS14061DigitalOcean, LLCDigitalOcean11/04/2026, 10:09:0215/04/2026, 00:05:01 Yes Yes APT15, APT28, APT29, APT31, APT34, APT41, Bitter APT, Bluenoroff, Callisto Group, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, Volt TyphoonCVE-2016-20012, CVE-2020-14145, CVE-2021-28041, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-6198512/04/2026, 22:26:34ovh.net
45.145.191.•••:18789 - 🇷🇺 Russia Yes false Clean AS206805LLC "T1Cloud"T1 Cloud Customer E Net11/04/2026, 10:09:0217/04/2026, 05:36:55 No No -CVE-2016-20012, CVE-2020-14145, CVE-2020-15778, CVE-2021-28041, CVE-2021-36368, CVE-2021-41617, CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-6387, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985, CVE-2025-67724, CVE-2025-67725, CVE-2025-6772617/04/2026, 04:52:48-
117.72.100.•••:18789 - 🇨🇳 China mainland Yes false Leaked AS141679China Telecom Beijing Tianjin Hebei Big Data Industry Park BranchJD.com11/04/2026, 10:09:0215/04/2026, 01:35:06 Yes - -CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-6387, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-6198515/04/2026, 01:38:44jdl.cn, vackbot.com, vg.com, jdfinance.com, 51buy.com, blackdragon.com, jddj.com, 7fresh.com, jd.com, 360buy.com, chinabank.com.cn, 360buyimg.com, imdada.cn, jdh.com
89.169.3.•••:18789 - 🇷🇺 Russia Yes false Clean AS9123JSC "TIMEWEB"Taiwan Cloud11/04/2026, 10:09:0217/04/2026, 02:36:39 No No -CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-39894, CVE-2024-6387, CVE-2025-21605, CVE-2025-26465, CVE-2025-26466, CVE-2025-27151, CVE-2025-32728, CVE-2025-61984, CVE-2025-6198516/04/2026, 22:07:59-
87.99.148.•••:18789 - 🇺🇸 United States Yes false Clean AS213230Hetzner Online GmbHHetzner11/04/2026, 10:09:0117/04/2026, 10:07:01 - - ----
35.153.79.•••:443 - 🇺🇸 United States Yes false Clean AS14618Amazon.com, Inc.Amazon Web Services11/04/2026, 10:09:0117/04/2026, 23:58:29 - - ----
74.105.232.•••:18789 - 🇺🇸 United States Yes false Leaked AS701Verizon BusinessVerizon Business11/04/2026, 10:09:0117/04/2026, 23:59:05 Yes No --14/04/2026, 16:53:21verizon.com
101.35.209.•••:443 - 🇨🇳 China mainland Yes false Leaked AS45090Shenzhen Tencent Computer Systems Company LimitedTencent Cloud Computing11/04/2026, 10:09:0117/04/2026, 19:28:42 Yes No --14/04/2026, 16:53:22tencent.com
64.226.117.•••:18789 - 🇩🇪 Germany Yes false Clean AS14061DigitalOcean, LLCDigitalOcean11/04/2026, 10:09:0111/04/2026, 10:54:04 - - ----
194.163.182.•••:18789 - 🇩🇪 Germany Yes false Clean AS51167Contabo GmbHContabo11/04/2026, 10:09:0117/04/2026, 23:58:40 No Yes APT14, APT28, APT40, APT41, Cobalt Group, Gamaredon Group, IronHusky, Kimsuky, Lazarus Group, SharpPanda, TA505, WIRTECVE-2006-20001, CVE-2016-20012, CVE-2019-17567, CVE-2020-11984, CVE-2020-11993, CVE-2020-12062, CVE-2020-13950, CVE-2020-14145, CVE-2020-15778, CVE-2020-1927, CVE-2020-1934, CVE-2020-35452, CVE-2020-9490, CVE-2021-26690, CVE-2021-26691, CVE-2021-28041, CVE-2021-30641, CVE-2021-33193, CVE-2021-34798, CVE-2021-36160, CVE-2021-36368, CVE-2021-39275, CVE-2021-40438, CVE-2021-41617, CVE-2021-44224, CVE-2021-44790, CVE-2022-22719, CVE-2022-22720, CVE-2022-22721, CVE-2022-23943, CVE-2022-26377, CVE-2022-28614, CVE-2022-28615, CVE-2022-29404, CVE-2022-30556, CVE-2022-31813, CVE-2022-36760, CVE-2022-37436, CVE-2023-25690, CVE-2023-27522, CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-6198514/04/2026, 21:55:23-
113.100.8.•••:18789 - 🇨🇳 China mainland Yes false Clean AS140309CHINATELECOM Guangdong province Zhongshan 5G networkCHINANET Guangdong11/04/2026, 10:09:0114/04/2026, 10:34:40 No No --08/04/2026, 07:37:06-
8.210.69.•••:443 - 🇸🇬 Singapore Yes false Clean AS45102Alibaba (US) Technology Co., Ltd.Alibaba Cloud11/04/2026, 10:09:0117/04/2026, 23:58:41 No Yes APT28, APT35, APT37, APT39, Cobalt Group, Kimsuky, Mustang Panda, Sandworm Team, The Shadow BrokersCVE-2016-10708, CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-16905, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-6387, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-6198517/04/2026, 18:49:25-
23.166.168.•••:443 - 🇺🇸 United States Yes false Clean AS8796FASTNET DATA INCSkysync11/04/2026, 10:09:0011/04/2026, 10:54:03 - - ----
151.80.147.•••:18789 - 🇫🇷 France Yes false Clean AS16276OVH SASOVH11/04/2026, 10:09:0017/04/2026, 10:05:45 No No -CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-6198515/04/2026, 01:36:15-
8.222.199.•••:18789 - 🇸🇬 Singapore Yes false Clean AS45102Alibaba (US) Technology Co., Ltd.Alibaba Cloud Singapore11/04/2026, 10:09:0011/04/2026, 10:54:02 - - ----
220.133.42.•••:18789 - 🇹🇼 Taiwan Yes false Leaked AS3462Data Communication Business GroupChunghwa Telecom11/04/2026, 10:09:0014/04/2026, 21:01:50 Yes Yes APT14, APT17, APT28, APT32, APT35, APT37, APT39, APT40, APT41, Cobalt Group, Equation Group, Gamaredon Group, IronHusky, Kimsuky, Lazarus Group, Mustang Panda, Sandworm Team, SharpPanda, TA505, The Shadow Brokers, UNC2452, WIRTECVE-2017-12172, CVE-2017-15098, CVE-2017-15099, CVE-2017-15710, CVE-2017-15715, CVE-2018-1052, CVE-2018-1053, CVE-2018-1058, CVE-2018-10915, CVE-2018-10925, CVE-2018-1115, CVE-2018-11763, CVE-2018-1283, CVE-2018-1301, CVE-2018-1302, CVE-2018-1303, CVE-2018-1312, CVE-2018-1333, CVE-2018-16850, CVE-2018-17189, CVE-2018-17199, CVE-2019-0196, CVE-2019-0197, CVE-2019-0211, CVE-2019-0217, CVE-2019-0220, CVE-2019-10081, CVE-2019-10082, CVE-2019-10092, CVE-2019-10098, CVE-2019-10130, CVE-2019-10164, CVE-2019-10208, CVE-2019-17567, CVE-2019-9193, CVE-2020-10733, CVE-2020-11993, CVE-2020-14349, CVE-2020-14350, CVE-2020-1720, CVE-2020-1927, CVE-2020-1934, CVE-2020-25694, CVE-2020-25695, CVE-2020-25696, CVE-2020-35452, CVE-2020-9490, CVE-2021-23214, CVE-2021-23222, CVE-2021-26690, CVE-2021-26691, CVE-2021-32027, CVE-2021-32028, CVE-2021-33193, CVE-2021-34798, CVE-2021-39275, CVE-2021-40438, CVE-2021-43767, CVE-2021-44224, CVE-2021-44790, CVE-2022-1552, CVE-2022-22719, CVE-2022-22720, CVE-2022-22721, CVE-2022-23943, CVE-2022-2625, CVE-2022-26377, CVE-2022-28614, CVE-2022-28615, CVE-2022-29404, CVE-2022-30522, CVE-2022-30556, CVE-2022-3181314/04/2026, 17:35:11twgate.net, hinet.net, xuite.net, cht.com.tw, chttl.com.tw
171.223.231.•••:55555 - 🇨🇳 China mainland Yes false Clean AS4134ChinanetChinaNet Sichuan11/04/2026, 10:09:0011/04/2026, 10:54:02 - - ----
8.130.174.•••:443 - 🇸🇬 Singapore Yes false Clean AS37963Hangzhou Alibaba Advertising Co.,Ltd.Alibaba Cloud11/04/2026, 10:09:0011/04/2026, 10:54:02 - - ----
113.45.60.•••:18789 - 🇸🇬 Singapore Yes false Leaked AS55990Huawei Cloud Service data centerHuawei Cloud11/04/2026, 10:09:0017/04/2026, 10:07:17 Yes No --14/04/2026, 06:49:35smartcom.cc, huawei.com, huaweidevice.com
113.250.200.•••:18789 - 🇨🇳 China mainland Yes false Clean AS4134ChinanetChinanet Chongqing11/04/2026, 10:09:0011/04/2026, 10:54:02 - - ----
36.227.151.•••:8081 - 🇹🇼 Taiwan Yes false Clean AS3462Data Communication Business GroupChunghwa Telecom11/04/2026, 10:08:5911/04/2026, 10:54:01 - - ----
3.66.163.•••:443 - 🇩🇪 Germany Yes false Clean AS16509Amazon.com, Inc.A100 ROW11/04/2026, 10:08:5911/04/2026, 10:54:01 - - ----
173.249.49.•••:18789 - 🇩🇪 Germany Yes false Leaked AS51167Contabo GmbHContabo11/04/2026, 10:08:5917/04/2026, 23:57:27 Yes Yes APT15, APT28, APT29, APT31, APT34, APT41, Bitter APT, Bluenoroff, Callisto Group, Carbanak, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, Lazarus Group, MuddyWater Group, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, Volt TyphoonCVE-2016-20012, CVE-2020-14145, CVE-2020-15778, CVE-2021-1636, CVE-2021-28041, CVE-2021-36368, CVE-2021-41617, CVE-2022-29143, CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-6387, CVE-2025-26465, CVE-2025-3272814/04/2026, 22:37:07contabo.de, contabo.net
154.83.211.•••:18789 - 🇺🇸 United States Yes false Clean AS54801Zillion Network Inc.HongKong Lightlayer Technology11/04/2026, 10:08:5917/04/2026, 22:29:43 No No --11/04/2026, 22:35:04-
43.225.159.•••:443 - 🇭🇰 Hong Kong Yes false Clean AS142403YISU CLOUD LTD2-16 Kwai Fung Crescent11/04/2026, 10:08:5915/04/2026, 01:35:09 No Yes APT28, APT35, APT37, APT39, Cobalt Group, Kimsuky, Mustang Panda, Packrat, Sandworm Team, The Shadow BrokersCVE-2015-8325, CVE-2016-10009, CVE-2016-10010, CVE-2016-10011, CVE-2016-10012, CVE-2016-10708, CVE-2016-3115, CVE-2016-6210, CVE-2016-6515, CVE-2016-8858, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2021-4161711/04/2026, 18:22:20-
182.148.29.•••:18789 - 🇨🇳 China mainland Yes false Clean AS4134ChinanetChinaNet Sichuan11/04/2026, 10:08:5917/04/2026, 08:37:26 No No --11/04/2026, 04:06:49-
157.180.122.•••:1985 - 🇫🇮 Finland Yes false Leaked AS24940Hetzner Online GmbHHetzner11/04/2026, 10:08:5914/04/2026, 10:35:31 Yes No -CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-6387, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-6198514/04/2026, 04:34:47hetzner.com
58.38.6.•••:18789 - 🇨🇳 China mainland Yes false Clean AS4812China Telecom (Group)ChinaNet Shanghai11/04/2026, 10:08:5911/04/2026, 10:54:01 - - ----
156.238.249.•••:443 - 🇭🇰 Hong Kong Yes false Clean AS8796FASTNET DATA INCCognetCloud11/04/2026, 10:08:5817/04/2026, 10:06:22 No Yes APT15, APT28, APT29, APT31, APT34, APT35, APT37, APT39, APT41, Bitter APT, Bluenoroff, Callisto Group, Cobalt Group, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Mustang Panda, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Volt TyphoonCVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51385, CVE-2025-26465, CVE-2025-3272811/04/2026, 18:22:27-
46.225.153.•••:18789 - 🇩🇪 Germany Yes false Clean AS24940Hetzner Online GmbHHetzner11/04/2026, 10:08:5811/04/2026, 10:54:00 - - ----
14.19.192.•••:18789 - 🇨🇳 China mainland Yes false Clean AS4134ChinanetCHINANET Guangdong11/04/2026, 10:08:5811/04/2026, 10:54:00 - - ----
43.173.66.•••:18789 - 🇸🇬 Singapore Yes false Leaked AS132203Tencent Building, Kejizhongyi AvenueAceville Pte Ltd11/04/2026, 10:08:5814/04/2026, 10:35:39 Yes No -CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-6198514/04/2026, 10:37:19tencent.com
2a01:4f8:c012:d47b::1:18789 - 🇩🇪 Germany - false Clean AS24940Hetzner Online GmbHHetzner Online11/04/2026, 10:08:5817/04/2026, 05:36:57 - - ----
104.236.69.•••:443 - 🇺🇸 United States Yes false Clean AS14061DigitalOcean, LLCDigitalOcean11/04/2026, 10:08:5812/04/2026, 00:49:58 No Yes APT15, APT28, APT29, APT31, APT34, APT41, Bitter APT, Bluenoroff, Callisto Group, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, Volt TyphoonCVE-2016-20012, CVE-2020-12062, CVE-2020-14145, CVE-2020-15778, CVE-2021-28041, CVE-2021-36368, CVE-2021-41617, CVE-2023-27043, CVE-2023-36632, CVE-2023-38408, CVE-2023-48795, CVE-2023-51385, CVE-2024-0397, CVE-2024-3219, CVE-2024-4030, CVE-2024-4032, CVE-2024-5642, CVE-2024-6232, CVE-2024-6923, CVE-2024-7592, CVE-2024-8088, CVE-2024-928711/04/2026, 18:22:45-
1.12.223.•••:18789 - 🇨🇳 China mainland Yes false Clean AS45090Shenzhen Tencent Computer Systems Company LimitedTencent Cloud11/04/2026, 10:08:5711/04/2026, 10:53:59 - - ----
51.81.185.•••:10180 - 🇺🇸 United States Yes false Clean AS16276OVH SAS[name redacted]11/04/2026, 10:08:5717/04/2026, 23:57:29 - - ----
159.198.43.•••:18789 - 🇧🇷 Brazil Yes false Leaked AS22612Namecheap, Inc.Namecheap11/04/2026, 10:08:5717/04/2026, 23:57:56 Yes No -CVE-2016-20012, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51385, CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-6198514/04/2026, 17:09:28namecheap.com
152.69.206.•••:18789 - 🇺🇸 United States Yes false Leaked AS31898Oracle CorporationOracle11/04/2026, 10:08:5715/04/2026, 01:35:56 Yes Yes APT15, APT28, APT29, APT31, APT34, APT41, Bitter APT, Bluenoroff, Callisto Group, Donot Team, DragonFly, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Packrat, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, Volt Typhoon, goziCVE-2016-20012, CVE-2020-12062, CVE-2020-14145, CVE-2020-15778, CVE-2021-28041, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-6198514/04/2026, 23:20:44healtheintent.com, purewellness.com, cerner.ae, retek.com, tryfoexnow.com, moatads.com, oraclefusion.com, connectinc.com, inquira.com, portal.com, oracle.com, hiedirectconnect.org, maxymiser.net, oraclecloudservices.com, rsys2.net, hyperroll.com, nor1.com, oxygen.systems, oraclegovcloud.com, orcale.com, oraclemobile.com, sun.co.in, openair.co, oraclepdemos.com, stellent.com, siebel.com, cerner.net, oracle-cloud.com, docucorp.com, mvalent.com, elementfusion.com, netsuiteforms.com, oraclecloud.com, en25.com, solaris.com, rightnowtech.com, think.com, ipapp.com, jdedwards.com, tiger-institute.org, zenedge.com, skire.com, sun.com, sales.com, fyleio.com, push.io, estara.com, tekelec.com, textura.com, paymyhealthbill.com, dyndns.com, java.net, optika.com, jcp.org, smed.com, cernerenviza-tw.com, datafox.com, recruitmax.com, decisioneering.com, adiinsights.com, stortek.com, seebeyond.com, livelook.com, openjdk.org, virtualbox.org, dyn.com, oraclehealth.com, aimsystems.com, sunworld.com, plumtree.com, storagetek.com, oracledatacloud.com
2409:8a34:4e52:5890:100b:9059:4b:e41f:18789 - 🇨🇳 China mainland - false Clean AS9808China Mobile Communications Group Co., Ltd.China Mobile11/04/2026, 10:08:5714/04/2026, 10:35:25 - - ----
123.56.15.•••:18789 - 🇨🇳 China mainland Yes false Leaked AS37963Hangzhou Alibaba Advertising Co.,Ltd.Alisoft11/04/2026, 10:08:5715/04/2026, 00:05:02 Yes Yes APT15, APT28, APT29, APT31, APT34, APT41, Bitter APT, Bluenoroff, Callisto Group, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, Volt TyphoonCVE-2016-20012, CVE-2019-16905, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-5138514/04/2026, 20:18:42aliyun.com
47.77.229.•••:18789 - 🇺🇸 United States Yes false Leaked AS45102Alibaba (US) Technology Co., Ltd.Alibaba Cloud11/04/2026, 10:06:4915/04/2026, 00:02:11 Yes No -CVE-2016-20012, CVE-2019-16905, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51385, CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-6198515/04/2026, 00:05:48hichina.com, alibaba-inc.com
47.103.135.•••:18789 - 🇨🇳 China mainland - false Clean AS37963Hangzhou Alibaba Advertising Co.,Ltd.Alisoft11/04/2026, 10:06:4911/04/2026, 10:51:53 - - ----
20.165.239.•••:18789 - 🇺🇸 United States - false Clean AS8075Microsoft CorporationMicrosoft11/04/2026, 10:06:4911/04/2026, 10:51:53 - - ----
20.97.24.•••:18789 - 🇺🇸 United States - false Clean AS8075Microsoft CorporationMicrosoft11/04/2026, 10:06:4811/04/2026, 10:51:53 - - ----
85.137.164.•••:18789 - 🇨🇿 Czechia Yes false Clean AS62212SmartApe OUSmartape11/04/2026, 10:06:4818/04/2026, 00:41:01 No No --11/04/2026, 23:13:47-
58.32.25.•••:18789 - 🇨🇳 China mainland Yes false Clean AS4812China Telecom (Group)ChinaNet Shanghai BBAD 22411/04/2026, 10:06:4811/04/2026, 10:51:52 - - ----
146.103.102.•••:18789 - 🇳🇱 Netherlands Yes false Clean AS216071SERVERS TECH FZCOAmsterdam11/04/2026, 10:06:4811/04/2026, 10:51:52 - - ----
20.194.121.•••:18789 - 🇺🇸 United States - false Clean AS8075Microsoft CorporationMicrosoft11/04/2026, 10:06:4811/04/2026, 10:51:52 - - ----
154.81.38.•••:18789 - 🇺🇸 United States Yes false Clean AS140869Turing Group LimitedTuring Group Limited11/04/2026, 10:06:4816/04/2026, 18:15:54 No Yes APT28, APT35, APT37, APT39, Cobalt Group, Kimsuky, Mustang Panda, Sandworm Team, The Shadow BrokersCVE-2016-10708, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2021-4161716/04/2026, 12:59:36-
172.67.150.•••:18789 - 🇺🇸 United States - false Clean AS13335Cloudflare, Inc.Cloudflare11/04/2026, 10:06:4712/04/2026, 00:47:09 - - ----
4.155.36.•••:18789 - 🇺🇸 United States - false Clean AS8075Microsoft CorporationMicrosoft11/04/2026, 10:06:4711/04/2026, 17:42:33 - - ----
114.229.20.•••:18789 - 🇨🇳 China mainland Yes false Leaked AS4134ChinanetChinanet Jiangsu Province Network11/04/2026, 10:06:4717/04/2026, 10:03:50 Yes No --12/04/2026, 14:23:48bj189.cn, chickenkiller.com, quickconnect.to, fastspeed.dk, 118114.cn, ctwing.cn, chinatelecom.com.cn, chinatelecom.cn, new-gm.cn, 189.cn, 189free.cn, ideal.sh.cn, daqu.com.cn, ctyun.cn
124.222.85.•••:18789 - 🇨🇳 China mainland Yes false Clean AS45090Shenzhen Tencent Computer Systems Company LimitedTencent Cloud11/04/2026, 10:06:4717/04/2026, 18:46:46 - - ----
20.225.85.•••:18789 - 🇺🇸 United States - false Clean AS8075Microsoft CorporationMicrosoft11/04/2026, 10:06:4711/04/2026, 10:51:51 - - ----
45.128.99.•••:18789 - 🇩🇪 Germany - false Clean AS198178365.partners INCNeterra IP11/04/2026, 10:06:4711/04/2026, 10:51:50 - - ----
47.92.91.•••:18789 - 🇨🇳 China mainland - false Clean AS37963Hangzhou Alibaba Advertising Co.,Ltd.Alisoft11/04/2026, 10:06:4618/04/2026, 00:40:48 - - ----
173.255.226.•••:18789 - 🇺🇸 United States Yes false Clean AS63949Akamai Connected CloudLinode11/04/2026, 10:06:4617/04/2026, 09:19:32 - - ----
154.81.38.•••:18789 - 🇺🇸 United States Yes false Clean AS140869Turing Group LimitedTuring Group Limited11/04/2026, 10:06:4615/04/2026, 00:02:17 No No --08/04/2026, 18:49:11-
113.110.74.•••:18789 - 🇨🇳 China mainland Yes false Clean AS4134ChinanetCHINANET Guangdong11/04/2026, 10:06:4611/04/2026, 10:51:50 - - ----
43.157.247.•••:18789 - 🇸🇬 Singapore Yes false Leaked AS132203Tencent Building, Kejizhongyi AvenueAceville Pte Ltd11/04/2026, 10:06:4615/04/2026, 11:58:43 Yes No -CVE-2014-4078, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-6387, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-6198512/04/2026, 13:43:45tencent.com
204.141.218.•••:18789 - 🇭🇰 Hong Kong Yes false Leaked AS152644QINIU LimitedSuperstify Technology Pte Ltd11/04/2026, 10:06:4617/04/2026, 08:34:34 Yes No -CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-6387, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-6198517/04/2026, 07:07:11alternativepayments.com, ignatius.edu, nflplayercare.com, openbsd.org, openssh.com, nfl.biz, ntt.net, mod.go.jp, archny.org, gih.com, 2000charge.com, nfl.net
59.57.135.•••:18789 - 🇨🇳 China mainland Yes false Leaked AS4134ChinanetChinaNet Fujian11/04/2026, 10:06:4617/04/2026, 01:03:34 Yes No --14/04/2026, 08:19:56bj189.cn, 118114.cn, ctwing.cn, chinatelecom.com.cn, chinatelecom.cn, new-gm.cn, 189.cn, 189free.cn, ideal.sh.cn, daqu.com.cn, ctyun.cn
52.141.61.•••:18789 - 🇺🇸 United States - false Clean AS8075Microsoft CorporationMicrosoft11/04/2026, 10:06:4611/04/2026, 10:51:50 - - ----
115.190.197.•••:18789 - 🇨🇳 China mainland - false Clean AS137718Beijing Volcano Engine Technology Co., Ltd.Beijing Volcano Engine Technology11/04/2026, 10:06:4611/04/2026, 10:51:50 - - ----
180.93.136.•••:18789 - 🇻🇳 Vietnam - false Clean AS135951Webico Company LimitedSaigon Postel11/04/2026, 10:06:4611/04/2026, 10:51:49 - - ----
129.153.172.•••:18789 - 🇺🇸 United States Yes false Clean AS31898Oracle CorporationOracle11/04/2026, 10:06:4611/04/2026, 10:51:49 - - ----
104.197.184.•••:18789 - 🇺🇸 United States Yes false Clean AS396982Google LLCGoogle11/04/2026, 10:06:4617/04/2026, 09:19:30 - - ----
4.151.200.•••:18789 - 🇺🇸 United States - false Clean AS8075Microsoft CorporationMicrosoft11/04/2026, 10:06:4511/04/2026, 10:51:49 - - ----
34.121.177.•••:18789 - 🇺🇸 United States Yes false Clean AS396982Google LLCGoogle11/04/2026, 10:06:4515/04/2026, 01:32:57 - - ----
121.41.101.•••:18789 - 🇨🇳 China mainland Yes false Clean AS37963Hangzhou Alibaba Advertising Co.,Ltd.Alisoft11/04/2026, 10:06:4517/04/2026, 23:11:50 - - ----
47.92.76.•••:18789 - 🇨🇳 China mainland - false Clean AS37963Hangzhou Alibaba Advertising Co.,Ltd.Alisoft11/04/2026, 10:06:4517/04/2026, 10:03:47 - - ----
213.108.23.•••:18789 - 🇫🇮 Finland Yes false Clean AS210644AEZA GROUP LLCAeza Group11/04/2026, 10:06:4511/04/2026, 10:51:48 - - ----
5.35.70.•••:18789 - 🇳🇱 Netherlands Yes false Clean AS216071SERVERS TECH FZCOAmsterdam11/04/2026, 10:06:4517/04/2026, 07:49:41 - - ----
38.76.163.•••:18789 - 🇭🇰 Hong Kong Yes false Clean AS401701cognetcloud INCHong Kong Cloud Network Technology Co Ltd11/04/2026, 10:06:4514/04/2026, 18:08:40 - - ----
3.14.251.•••:18789 - 🇺🇸 United States - false Clean AS16509Amazon.com, Inc.Amazon11/04/2026, 10:06:4511/04/2026, 10:51:48 - - ----
49.232.197.•••:18789 - 🇨🇳 China mainland Yes false Leaked AS45090Shenzhen Tencent Computer Systems Company LimitedTencent Cloud11/04/2026, 10:06:4514/04/2026, 08:17:39 Yes Yes APT15, APT28, APT29, APT31, APT34, APT35, APT37, APT39, APT41, Bitter APT, Bluenoroff, Callisto Group, Cobalt Group, Donot Team, El-Machete, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Mustang Panda, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Volt TyphoonCVE-2016-10708, CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-5138514/04/2026, 08:18:23tencent.com
167.99.80.•••:18789 - 🇬🇧 United Kingdom - false Clean AS14061DigitalOcean, LLCDigitalOcean11/04/2026, 10:06:4411/04/2026, 10:51:48 - - ----
113.74.225.•••:18789 - 🇨🇳 China mainland Yes false Clean AS4134ChinanetCHINANET Guangdong11/04/2026, 10:06:4411/04/2026, 10:51:48 - - ----
39.98.49.•••:18789 - 🇨🇳 China mainland - false Clean AS37963Hangzhou Alibaba Advertising Co.,Ltd.Alisoft11/04/2026, 10:06:4411/04/2026, 10:51:48 - - ----
45.145.191.•••:18789 - 🇷🇺 Russia Yes false Clean AS206805LLC "T1Cloud"T1 Cloud Customer E Net11/04/2026, 10:06:4417/04/2026, 03:18:59 No No -CVE-2016-20012, CVE-2020-14145, CVE-2020-15778, CVE-2021-28041, CVE-2021-36368, CVE-2021-41617, CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-6387, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985, CVE-2025-67724, CVE-2025-67725, CVE-2025-6772617/04/2026, 02:34:39-
23.100.96.•••:18789 - 🇺🇸 United States - false Clean AS8075Microsoft CorporationMicrosoft11/04/2026, 10:06:4411/04/2026, 10:51:47 - - ----
117.72.100.•••:18789 - 🇨🇳 China mainland Yes false Clean AS141679China Telecom Beijing Tianjin Hebei Big Data Industry Park BranchJD.com11/04/2026, 10:06:4415/04/2026, 01:32:46 - - ----
20.194.56.•••:18789 - 🇺🇸 United States - false Clean AS8075Microsoft CorporationMicrosoft11/04/2026, 10:06:4411/04/2026, 10:51:47 - - ----
89.169.3.•••:18789 - 🇷🇺 Russia Yes false Clean AS9123JSC "TIMEWEB"Taiwan Cloud11/04/2026, 10:06:4418/04/2026, 00:40:52 No No -CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-39894, CVE-2024-6387, CVE-2025-21605, CVE-2025-26465, CVE-2025-26466, CVE-2025-27151, CVE-2025-32728, CVE-2025-61984, CVE-2025-6198514/04/2026, 09:49:59-