Over 199,500 systems still vulnerable to Heartbleed bug, according to Shodan, a search engine that scans for vulnerable devices. United States, Korea, China, Germany, France, Russia, UK, India Brazil and Italy are the countries most affected by the bug. About 75,000 of the vulnerable services use expired SSL certificates and run Linux 3.x. The most vulnerable services in the United States are SK Broadband and Amazon.com, and about 75,00 of them use expired certificates.
Source: https://thehackernews.com/2017/01/heartbleed-openssl-vulnerability.html