🦞 OpenClaw Exposure Watchboard

This page lists publicly reachable active OpenClaw instances for defensive awareness. If this is your deployment, enable authentication, remove direct public exposure, and patch immediately.

Exposed Instances: 816988 Page: 6342 / 8170 (100 per page) Showing: 634101-634200 Last Imported: 15/05/2026, 09:32:33

🇨🇳 425,761

🇺🇸 231,518

Endpoint	Assistant Name	Country	auth_required	is_active	has_leaked_creds	asn	asn_name	org	first_seen	last_seen	asi_has_breach	asi_has_threat_actor	asi_threat_actors	asi_cves	asi_enriched_at	asi_domains
152.70.248.•••:8443	-	🇺🇸 United States	Yes	false	Leaked	AS31898	Oracle Corporation	Oracle	14/02/2026, 05:52:39	24/02/2026, 03:59:39	Yes	No	-	CVE-2016-20012, CVE-2019-16905, CVE-2020-12062, CVE-2020-14145, CVE-2020-15778, CVE-2021-23017, CVE-2021-28041, CVE-2021-3618, CVE-2021-36368, CVE-2021-41617, CVE-2022-41741, CVE-2022-41742, CVE-2023-38408, CVE-2023-44487, CVE-2023-48795, CVE-2023-51385, CVE-2024-7347, CVE-2025-23419, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	14/02/2026, 22:43:13	healtheintent.com, purewellness.com, cerner.ae, retek.com, moatads.com, oraclefusion.com, connectinc.com, inquira.com, portal.com, oracle.com, hiedirectconnect.org, maxymiser.net, oraclecloudservices.com, rsys2.net, hyperroll.com, nor1.com, oxygen.systems, oraclegovcloud.com, orcale.com, oraclemobile.com, sun.co.in, openair.co, oraclepdemos.com, stellent.com, siebel.com, cerner.net, oracle-cloud.com, docucorp.com, mvalent.com, netsuiteforms.com, oraclecloud.com, en25.com, solaris.com, rightnowtech.com, think.com, ipapp.com, jdedwards.com, tiger-institute.org, zenedge.com, skire.com, sun.com, sales.com, fyleio.com, push.io, estara.com, tekelec.com, paymyhealthbill.com, dyndns.com, java.net, optika.com, jcp.org, smed.com, cernerenviza-tw.com, datafox.com, recruitmax.com, decisioneering.com, adiinsights.com, stortek.com, seebeyond.com, livelook.com, openjdk.org, virtualbox.org, dyn.com, oraclehealth.com, aimsystems.com, sunworld.com, plumtree.com, storagetek.com, oracledatacloud.com
45.76.149.•••:80	-	🇸🇬 Singapore	Yes	false	Leaked	AS20473	The Constant Company, LLC	Vultr Holdings	14/02/2026, 05:52:39	09/03/2026, 23:11:02	Yes	Yes	APT15, APT28, APT29, APT31, APT34, APT35, APT37, APT39, APT41, Bitter APT, Bluenoroff, Callisto Group, Cobalt Group, Donot Team, DragonFly, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Mustang Panda, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Volt Typhoon	CVE-2016-10708, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2021-41617, CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385	14/02/2026, 22:43:16	vultr.com
106.12.21.•••:18789	Assistant	🇨🇳 China mainland	Yes	false	Leaked	AS38365	Beijing Baidu Netcom Science and Technology Co., Ltd.	Baidu	14/02/2026, 05:52:39	26/02/2026, 03:03:27	Yes	Yes	APT17, APT37, DragonFly, El-Machete, Gozi, Packrat	CVE-2016-20012, CVE-2019-16905, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617	14/02/2026, 22:43:17	bj189.cn, baidu.com
120.48.93.•••:18789	小灵通 (🦊)	🇺🇸 United States	Yes	false	Leaked	AS38365	Beijing Baidu Netcom Science and Technology Co., Ltd.	Baidu	14/02/2026, 05:52:39	13/03/2026, 10:34:00	Yes	Yes	APT17, APT28, APT35, APT37, APT39, Cobalt Group, DragonFly, El-Machete, Gozi, Kimsuky, Mustang Panda, Packrat, Sandworm Team, The Shadow Brokers	CVE-2016-10708, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2021-41617	14/02/2026, 22:43:18	chinamobile.com, chinamobile.cn, baidu.com
136.116.129.•••:18789	Assistant	🇺🇸 United States	Yes	false	Clean	AS396982	Google LLC	Google	14/02/2026, 05:52:39	01/03/2026, 06:03:13	No	No	-	-	08/02/2026, 22:43:19	-
50.116.57.•••:18789	-	🇺🇸 United States	Yes	false	Leaked	AS63949	Akamai Connected Cloud	Linode	14/02/2026, 05:52:39	08/04/2026, 12:23:28	Yes	Yes	APT15, APT28, APT29, APT31, APT34, APT35, APT37, APT39, APT41, Bitter APT, Bluenoroff, Callisto Group, Cobalt Group, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Mustang Panda, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Volt Typhoon	CVE-2014-2323, CVE-2014-2324, CVE-2015-3200, CVE-2015-8325, CVE-2016-10009, CVE-2016-10010, CVE-2016-10011, CVE-2016-10012, CVE-2016-10708, CVE-2016-20012, CVE-2016-3115, CVE-2016-6210, CVE-2016-6515, CVE-2016-8858, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-19052, CVE-2018-20685, CVE-2019-11072, CVE-2019-12519, CVE-2019-12520, CVE-2019-12521, CVE-2019-12522, CVE-2019-12523, CVE-2019-12524, CVE-2019-12525, CVE-2019-12526, CVE-2019-12527, CVE-2019-12528, CVE-2019-12529, CVE-2019-12854, CVE-2019-13345, CVE-2019-18676, CVE-2019-18677, CVE-2019-18678, CVE-2019-18679, CVE-2019-18860, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-11945, CVE-2020-14058, CVE-2020-14145, CVE-2020-15049, CVE-2020-15778, CVE-2020-15810, CVE-2020-15811, CVE-2020-24606, CVE-2020-25097, CVE-2020-8449, CVE-2020-8450, CVE-2020-8517, CVE-2021-28116, CVE-2021-28651, CVE-2021-28652, CVE-2021-28662, CVE-2021-31806, CVE-2021-31807, CVE-2021-31808, CVE-2021-33620, CVE-2021-36368, CVE-2021-41617, CVE-2021-46784, CVE-2022-40468, CVE-2022-41318, CVE-2023-28531, CVE-2023-29323, CVE-2023-35784, CVE-2023-38408, CVE-2023-46724, CVE-2023-46728, CVE-2023-46846, CVE-2023-46847, CVE-2023-48795, CVE-2023-49285, CVE-2023-49286, CVE-2023-49288, CVE-2023-49606, CVE-2023-50269, CVE-2023-51384, CVE-2023-51385, CVE-2023-5824, CVE-2024-25111, CVE-2024-25617, CVE-2024-33427, CVE-2024-37894, CVE-2024-45802, CVE-2024-6387, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	14/02/2026, 22:43:20	arraythemes.com, healtheintent.com, purewellness.com, retek.com, moatads.com, oraclefusion.com, connectinc.com, inquira.com, portal.com, oracle.com, chickenkiller.com, oraclecloudservices.com, opengw.net, rsys2.net, hyperroll.com, orcale.com, oraclemobile.com, sun.co.in, stellent.com, advancedcustomfields.com, siebel.com, cerner.net, dynip.online, oracle-cloud.com, docucorp.com, mvalent.com, perfectdashboard.com, wpenginepowered.com, wpengine.com, en25.com, solaris.com, crabdance.com, rightnowtech.com, think.com, ipapp.com, jdedwards.com, tiger-institute.org, bettersearchreplace.com, skire.com, deliciousbrains.com, studiopress.community, sales.com, fyleio.com, push.io, estara.com, tekelec.com, paymyhealthbill.com, dyndns.com, optika.com, dyndns.org, jcp.org, wpengine.careers, smed.com, cernerenviza-tw.com, wpeproxy.com, recruitmax.com, decisioneering.com, stortek.com, seebeyond.com, wpengine.net, livelook.com, sqlbuddy.com, oraclehealth.com, aimsystems.com, sunworld.com, plumtree.com, torquemag.io, storagetek.com, studiopress.com
172.245.26.•••:18789	Hoper Asst (🎓)	🇺🇸 United States	Yes	false	Leaked	AS36352	HostPapa	RackNerd	14/02/2026, 05:52:39	14/02/2026, 22:41:30	Yes	Yes	APT15, APT28, APT29, APT31, APT34, APT37, APT39, APT41, Bitter APT, Bluenoroff, Callisto Group, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Volt Typhoon	CVE-2016-10708, CVE-2016-20012, CVE-2018-10903, CVE-2018-14574, CVE-2018-14622, CVE-2018-15473, CVE-2018-15919, CVE-2018-17183, CVE-2018-20685, CVE-2018-2826, CVE-2018-6553, CVE-2018-6557, CVE-2019-13565, CVE-2019-15098, CVE-2019-19052, CVE-2019-19063, CVE-2019-19922, CVE-2019-2922, CVE-2019-2924, CVE-2019-5798, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2019-9071, CVE-2020-0198, CVE-2020-11933, CVE-2020-12062, CVE-2020-14145, CVE-2020-14355, CVE-2020-14415, CVE-2020-15705, CVE-2020-15706, CVE-2020-15778, CVE-2020-1730, CVE-2020-27348, CVE-2020-5311, CVE-2021-28041, CVE-2021-36368, CVE-2021-41617, CVE-2022-20698, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	14/02/2026, 22:43:22	racknerd.com
80.225.207.•••:18789	小马珍珠 (🦄)	🇺🇸 United States	Yes	false	Leaked	AS31898	Oracle Corporation	Oracle Sweden	14/02/2026, 05:52:39	20/02/2026, 16:16:21	Yes	No	-	CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-6387, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	14/02/2026, 22:43:24	healtheintent.com, purewellness.com, retek.com, moatads.com, oraclefusion.com, connectinc.com, inquira.com, portal.com, oraclecloudservices.com, rsys2.net, hyperroll.com, orcale.com, oraclemobile.com, sun.co.in, stellent.com, siebel.com, cerner.net, oracle-cloud.com, docucorp.com, mvalent.com, oracleemaildelivery.com, en25.com, solaris.com, rightnowtech.com, think.com, ipapp.com, jdedwards.com, tiger-institute.org, skire.com, sales.com, fyleio.com, push.io, estara.com, tekelec.com, paymyhealthbill.com, dyndns.com, optika.com, jcp.org, smed.com, cernerenviza-tw.com, recruitmax.com, decisioneering.com, stortek.com, seebeyond.com, livelook.com, oraclehealth.com, aimsystems.com, sunworld.com, plumtree.com, storagetek.com
106.12.31.•••:18789	Assistant	🇨🇳 China mainland	Yes	false	Leaked	AS38365	Beijing Baidu Netcom Science and Technology Co., Ltd.	Baidu	14/02/2026, 05:52:39	26/02/2026, 17:08:16	Yes	Yes	APT17, APT37, DragonFly, El-Machete, Gozi, Packrat	-	14/02/2026, 22:43:25	bj189.cn, baidu.com
147.182.231.•••:443	Assistant	🇺🇸 United States	Yes	false	Clean	AS14061	DigitalOcean, LLC	DigitalOcean	14/02/2026, 05:52:39	15/02/2026, 05:17:51	No	Yes	APT28, APT35, APT37, APT39, Cobalt Group, Kimsuky, Mustang Panda, Sandworm Team, The Shadow Brokers	CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2021-41617	14/02/2026, 22:43:26	-
2a02:c207:2306:4936::1:18789	-	🇫🇷 France	-	false	Clean	AS51167	Contabo GmbH	Contabo	14/02/2026, 05:52:39	14/02/2026, 22:41:30	-	-	-	-	-	-
180.76.58.•••:18789	Assistant	🇨🇳 China mainland	Yes	false	Leaked	AS38365	Beijing Baidu Netcom Science and Technology Co., Ltd.	Baidu	14/02/2026, 05:52:39	02/03/2026, 19:09:35	Yes	Yes	APT17, APT37, DragonFly, El-Machete, Gozi, Packrat	-	14/02/2026, 22:43:28	tfn.net.tw, baidu.com, bjev.com.cn
135.181.248.•••:18789	Jarvis (tidligere Claw) (🦞)	🇫🇮 Finland	Yes	false	Leaked	AS24940	Hetzner Online GmbH	Hetzner Online	14/02/2026, 05:52:39	17/02/2026, 21:15:03	Yes	Yes	APT-C-23, APT14, APT15, APT17, APT28, APT29, APT31, APT34, APT35, APT36, APT37, APT39, APT40, APT41, APT45, Bitter APT, Bluenoroff, Callisto Group, Carbanak, ChamelGang, CloudSorcerer, Cobalt Group, Daggerfly APT, Donot Team, Earth Berberoka, Equation Group, Gamaredon Group, Gaza Cybergang, Ghostwriter, Hafnium Group, Inception Framework, IronHusky, Kimsuky, Lazarus Group, MuddyWater Group, Mustang Panda, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SharpPanda, SideWinder APT, TA505, The Shadow Brokers, Turla APT Group, UNC2452, Volt Typhoon, WIRTE	CVE-2013-1896, CVE-2013-4352, CVE-2013-5704, CVE-2013-6438, CVE-2014-0098, CVE-2014-0117, CVE-2014-0118, CVE-2014-0226, CVE-2014-0231, CVE-2014-3581, CVE-2014-8109, CVE-2015-0228, CVE-2015-3183, CVE-2015-3185, CVE-2016-0736, CVE-2016-10708, CVE-2016-20012, CVE-2016-2161, CVE-2016-4975, CVE-2016-5387, CVE-2016-8612, CVE-2016-8743, CVE-2017-15710, CVE-2017-15715, CVE-2017-15906, CVE-2017-3167, CVE-2017-7679, CVE-2017-9788, CVE-2017-9798, CVE-2018-1283, CVE-2018-1301, CVE-2018-1302, CVE-2018-1303, CVE-2018-1312, CVE-2018-15473, CVE-2018-15919, CVE-2018-17199, CVE-2018-20685, CVE-2019-0217, CVE-2019-0220, CVE-2019-10092, CVE-2019-10098, CVE-2019-16905, CVE-2019-17567, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-11985, CVE-2020-12062, CVE-2020-14145, CVE-2020-15778, CVE-2020-1927, CVE-2020-1934, CVE-2020-35452, CVE-2021-23017, CVE-2021-26690, CVE-2021-26691, CVE-2021-28041, CVE-2021-34798, CVE-2021-3618, CVE-2021-36368, CVE-2021-39275, CVE-2021-40438, CVE-2021-41617, CVE-2021-44790, CVE-2022-22719, CVE-2022-22720, CVE-2022-22721, CVE-2022-23943, CVE-2022-26377, CVE-2022-28614, CVE-2022-28615, CVE-2022-29404, CVE-2022-30556, CVE-2022-31813, CVE-2022-41741, CVE-2022-41742, CVE-2023-38408, CVE-2023-44487, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2023-51767, CVE-2024-39894, CVE-2024-6387, CVE-2024-7347	14/02/2026, 22:43:29	hetzner.com
138.197.87.•••:443	TARS (tars)	🇺🇸 United States	Yes	false	Clean	AS14061	DigitalOcean, LLC	DigitalOcean	14/02/2026, 05:52:38	25/03/2026, 11:03:45	No	Yes	Salt Typhoon	CVE-2016-20012, CVE-2021-36368, CVE-2021-41617, CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-6387, CVE-2025-26465, CVE-2025-32728	14/02/2026, 22:43:31	-
106.13.170.•••:18789	Assistant	🇨🇳 China mainland	Yes	false	Leaked	AS38365	Beijing Baidu Netcom Science and Technology Co., Ltd.	Baidu	14/02/2026, 05:52:38	26/02/2026, 17:08:09	Yes	Yes	APT17, APT28, APT35, APT37, APT39, Cobalt Group, DragonFly, El-Machete, Gozi, Kimsuky, Mustang Panda, Packrat, Sandworm Team, The Shadow Brokers	CVE-2016-10708, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2021-41617	14/02/2026, 22:43:32	bj189.cn, baidu.com
106.53.223.•••:18789	-	🇨🇳 China mainland	Yes	false	Leaked	AS45090	Shenzhen Tencent Computer Systems Company Limited	Tencent Cloud	14/02/2026, 05:52:38	15/04/2026, 12:46:41	Yes	-	-	-	14/02/2026, 22:43:33	bj189.cn, tencent.com
158.180.79.•••:80	-	🇺🇸 United States	Yes	false	Leaked	AS31898	Oracle Corporation	Oracle	14/02/2026, 05:52:38	26/02/2026, 11:13:44	Yes	No	-	CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	14/02/2026, 22:43:36	healtheintent.com, purewellness.com, retek.com, moatads.com, oraclefusion.com, connectinc.com, inquira.com, portal.com, oraclecloudservices.com, rsys2.net, hyperroll.com, orcale.com, oraclemobile.com, sun.co.in, stellent.com, siebel.com, cerner.net, oracle-cloud.com, docucorp.com, mvalent.com, oracleemaildelivery.com, pp.ua, en25.com, solaris.com, rightnowtech.com, think.com, ipapp.com, jdedwards.com, tiger-institute.org, skire.com, sales.com, fyleio.com, push.io, estara.com, tekelec.com, paymyhealthbill.com, dyndns.com, optika.com, jcp.org, smed.com, cernerenviza-tw.com, recruitmax.com, decisioneering.com, stortek.com, seebeyond.com, livelook.com, oraclehealth.com, aimsystems.com, sunworld.com, plumtree.com, storagetek.com
51.81.220.•••:80	-	🇺🇸 United States	Yes	false	Leaked	AS16276	OVH SAS	VPS in US West Oregon 2	14/02/2026, 05:52:38	14/02/2026, 22:41:30	Yes	Yes	APT28, APT35, APT37, APT39, Cobalt Group, Kimsuky, Mustang Panda, Sandworm Team, The Shadow Brokers	CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2021-41617	14/02/2026, 22:43:38	ovh.us, ovhcloud.com
106.12.2.•••:18789	Assistant	🇨🇳 China mainland	Yes	false	Clean	AS38365	Beijing Baidu Netcom Science and Technology Co., Ltd.	Baidu	14/02/2026, 05:52:38	28/02/2026, 10:44:33	No	No	-	-	08/02/2026, 22:43:40	-
106.12.31.•••:18789	Assistant	🇨🇳 China mainland	Yes	false	Leaked	AS38365	Beijing Baidu Netcom Science and Technology Co., Ltd.	Baidu	14/02/2026, 05:52:38	26/02/2026, 17:07:35	Yes	Yes	APT-C-23, Gamaredon Group, Ghostwriter, Lazarus Group, Turla APT Group, Volt Typhoon	CVE-2022-41741, CVE-2022-41742, CVE-2023-44487, CVE-2024-7347	14/02/2026, 22:43:42	bj189.cn, baidu.com
5.161.54.•••:18789	Assistant	🇺🇸 United States	Yes	false	Leaked	AS213230	Hetzner Online GmbH	Hetzner Online	14/02/2026, 05:52:38	21/02/2026, 01:58:52	Yes	Yes	APT-C-23, APT15, APT28, APT29, APT31, APT34, APT35, APT36, APT37, APT39, APT41, Bitter APT, Bluenoroff, Callisto Group, Cobalt Group, Donot Team, Equation Group, Gamaredon Group, Gaza Cybergang, Ghostwriter, Hafnium Group, Inception Framework, Kimsuky, Lazarus Group, MuddyWater Group, Mustang Panda, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Turla APT Group, Volt Typhoon	CVE-2016-10708, CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-12062, CVE-2020-14145, CVE-2020-15778, CVE-2021-23017, CVE-2021-28041, CVE-2021-3618, CVE-2021-36368, CVE-2021-41617, CVE-2022-41741, CVE-2022-41742, CVE-2023-38408, CVE-2023-44487, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-39894, CVE-2024-6387, CVE-2024-6484, CVE-2024-6485, CVE-2024-7347, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728	14/02/2026, 22:43:43	hetzner.com
140.143.143.•••:443	龙龙 (https://cdn.syngents.cn/syngents/openclaw/avatar/2.png)	🇨🇳 China mainland	Yes	false	Clean	AS45090	Shenzhen Tencent Computer Systems Company Limited	Tencent Cloud	14/02/2026, 05:52:38	16/03/2026, 00:25:41	No	Yes	APT15, APT28, APT29, APT31, APT34, APT37, APT41, Bitter APT, Bluenoroff, Callisto Group, Donot Team, El-Machete, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, Volt Typhoon	CVE-2016-20012, CVE-2018-20685, CVE-2019-16905, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385	14/02/2026, 22:43:45	-
180.76.144.•••:18789	Assistant	🇨🇳 China mainland	Yes	false	Leaked	AS38365	Beijing Baidu Netcom Science and Technology Co., Ltd.	Baidu	14/02/2026, 05:52:38	14/02/2026, 22:41:30	Yes	Yes	APT17, APT37, DragonFly, El-Machete, Gozi, Packrat	-	14/02/2026, 22:43:46	tfn.net.tw, baidu.com
120.48.42.•••:18789	Claw (🦾)	🇺🇸 United States	Yes	false	Leaked	AS38365	Beijing Baidu Netcom Science and Technology Co., Ltd.	Baidu	14/02/2026, 05:52:38	06/03/2026, 23:05:09	Yes	Yes	APT17, APT37, DragonFly, El-Machete, Gozi, Packrat	-	14/02/2026, 22:43:47	chinamobile.com, chinamobile.cn, baidu.com
106.12.42.•••:18789	Assistant	🇨🇳 China mainland	Yes	false	Clean	AS38365	Beijing Baidu Netcom Science and Technology Co., Ltd.	Baidu	14/02/2026, 05:52:38	26/02/2026, 01:34:04	-	-	-	-	-	-
120.48.172.•••:18789	Assistant	🇺🇸 United States	Yes	false	Leaked	AS38365	Beijing Baidu Netcom Science and Technology Co., Ltd.	Baidu	14/02/2026, 05:52:38	13/03/2026, 10:34:00	Yes	Yes	APT28, APT35, APT37, APT39, Cobalt Group, El-Machete, Gozi, Kimsuky, Mustang Panda, Sandworm Team, The Shadow Brokers	CVE-2016-10708, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2021-41617	14/02/2026, 22:43:50	chinamobile.com, chinamobile.cn, baidu.com
120.48.71.•••:18789	Assistant	🇺🇸 United States	Yes	false	Leaked	AS38365	Beijing Baidu Netcom Science and Technology Co., Ltd.	Baidu	14/02/2026, 05:52:38	13/03/2026, 19:58:40	Yes	Yes	APT17, APT37, DragonFly, El-Machete, Gozi, Packrat	-	14/02/2026, 22:43:52	chinamobile.com, chinamobile.cn, baidu.com
106.12.45.•••:18789	Assistant	🇨🇳 China mainland	Yes	false	Leaked	AS38365	Beijing Baidu Netcom Science and Technology Co., Ltd.	Baidu	14/02/2026, 05:52:38	28/02/2026, 04:50:38	Yes	No	-	CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-6387, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	14/02/2026, 22:43:55	bj189.cn, baidu.com
106.13.178.•••:18789	Assistant	🇨🇳 China mainland	Yes	false	Leaked	AS38365	Beijing Baidu Netcom Science and Technology Co., Ltd.	Baidu	14/02/2026, 05:52:38	26/02/2026, 11:13:45	Yes	No	-	-	14/02/2026, 22:43:56	bj189.cn, baidu.com
180.76.188.•••:18789	Assistant	🇨🇳 China mainland	Yes	false	Leaked	AS38365	Beijing Baidu Netcom Science and Technology Co., Ltd.	Baidu	14/02/2026, 05:52:38	14/02/2026, 22:41:28	Yes	Yes	APT17, APT28, APT35, APT37, APT39, Cobalt Group, DragonFly, El-Machete, Gozi, Kimsuky, Mustang Panda, Packrat, Sandworm Team, The Shadow Brokers	CVE-2016-10708, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2021-41617	14/02/2026, 22:43:57	tfn.net.tw, baidu.com
106.12.161.•••:18789	Assistant	🇨🇳 China mainland	Yes	false	Leaked	AS38365	Beijing Baidu Netcom Science and Technology Co., Ltd.	Baidu	14/02/2026, 05:52:38	06/03/2026, 23:05:54	Yes	Yes	APT17, APT37, DragonFly, El-Machete, Gozi, Packrat	-	14/02/2026, 22:44:01	bj189.cn, baidu.com
151.242.2.•••:18789	Prime (TBD)	🇳🇱 Netherlands	Yes	false	Clean	AS207847	CloudBlast LLC	CloudBlast	14/02/2026, 05:52:38	14/02/2026, 22:41:28	No	-	-	CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	14/02/2026, 22:44:02	-
157.90.226.•••:18789	Assistant	🇩🇪 Germany	Yes	false	Leaked	AS24940	Hetzner Online GmbH	Hetzner Online	14/02/2026, 05:52:37	17/04/2026, 23:58:08	Yes	No	-	-	14/02/2026, 22:44:04	hetzner.com
106.12.175.•••:18789	Assistant	🇨🇳 China mainland	Yes	false	Leaked	AS38365	Beijing Baidu Netcom Science and Technology Co., Ltd.	Baidu	14/02/2026, 05:52:37	16/04/2026, 15:16:54	Yes	No	-	-	14/02/2026, 22:44:06	bj189.cn, baidu.com
163.7.1.•••:18789	Assistant	🇸🇬 Singapore	Yes	false	Clean	AS150436	Byteplus Pte. Ltd.	Byteplus	14/02/2026, 05:52:37	14/02/2026, 22:41:28	-	-	-	-	-	-
180.76.190.•••:18789	Assistant	🇨🇳 China mainland	Yes	false	Leaked	AS38365	Beijing Baidu Netcom Science and Technology Co., Ltd.	Baidu	14/02/2026, 05:52:37	04/03/2026, 12:47:47	Yes	Yes	APT17, APT37, DragonFly, El-Machete, Gozi, Packrat	CVE-2016-20012, CVE-2019-16905, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-6387, CVE-2025-26465, CVE-2025-32728, CVE-2025-59474, CVE-2025-59475, CVE-2025-59476, CVE-2025-61984, CVE-2025-61985	14/02/2026, 22:44:09	tfn.net.tw, baidu.com
106.12.45.•••:18789	Assistant	🇨🇳 China mainland	Yes	false	Clean	AS38365	Beijing Baidu Netcom Science and Technology Co., Ltd.	Baidu	14/02/2026, 05:52:37	25/02/2026, 20:33:53	-	-	-	-	-	-
106.12.20.•••:18789	Assistant	🇨🇳 China mainland	Yes	false	Clean	AS38365	Beijing Baidu Netcom Science and Technology Co., Ltd.	Baidu	14/02/2026, 05:52:37	26/02/2026, 17:08:13	-	-	-	-	-	-
220.173.56.•••:18789	Assistant	🇨🇳 China mainland	Yes	false	Leaked	AS4134	Chinanet	ChinaNet Guangxi	14/02/2026, 05:52:37	17/02/2026, 14:31:56	Yes	No	-	CVE-2009-4593	14/02/2026, 22:44:12	relianceidc.com, rarcl.com, relianceadagroup.com, simplo.com.cn, relianceglobalcall.com, rcom.co.in, relianceada.com, reliancecapital.co.in
89.167.55.•••:18789	Claw - Income Opportunities Assistant (💡)	🇫🇮 Finland	Yes	false	Clean	AS24940	Hetzner Online GmbH	Hetzner	14/02/2026, 05:52:37	14/02/2026, 22:41:28	-	-	-	-	-	-
106.13.14.•••:18789	Assistant	🇨🇳 China mainland	Yes	false	Leaked	AS38365	Beijing Baidu Netcom Science and Technology Co., Ltd.	Baidu	14/02/2026, 05:52:37	12/03/2026, 09:38:23	Yes	Yes	APT17, APT37, DragonFly, El-Machete, Gozi, Packrat	CVE-2016-20012, CVE-2019-16905, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51385, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	14/02/2026, 22:44:15	bj189.cn, baidu.com
106.12.46.•••:18789	Assistant	🇨🇳 China mainland	Yes	false	Clean	AS38365	Beijing Baidu Netcom Science and Technology Co., Ltd.	Baidu	14/02/2026, 05:52:37	28/02/2026, 07:47:46	-	-	-	-	-	-
45.119.81.•••:80	-	🇻🇳 Vietnam	Yes	false	Clean	AS131386	Long Van System Solution JSC	Long Van System Solution	14/02/2026, 05:52:37	13/03/2026, 10:34:21	No	Yes	APT-C-23, APT-C-34, APT10, APT14, APT15, APT17, APT20, APT27, APT28, APT29, APT3, APT30, APT31, APT32, APT33, APT34, APT35, APT36, APT37, APT39, APT40, APT41, APT5, AVIVORE, Bitter APT, BlackTech APT, Bluenoroff, Bronze Butler APT, Callisto Group, Carbanak, Chimera APT, Cobalt Group, DarkHotel Group, Donot Team, Earth Berberoka, Energetic Bear, Equation Group, Evil Eye APT, FIN6, Gamaredon Group, Gaza Cybergang, Goblin Panda, Gorgon Group, GreyEnergy Group, Hafnium Group, Ice Fog APT, Inception Framework, Iridium APT, IronHusky, Karma Panda, Kimsuky, Lazarus Group, Lyceum APT, Mikroceen APT, MuddyWater Group, Mustang Panda, Orangeworm, Pacha Group, Patchwork, Pioneer Kitten, Platinum Group, Promethium Group, Rancor Group, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SharpPanda, SideWinder APT, Silence Hacker Group, Stealth Falcon APT, Syrian Electronic Army, TA410, TA428, TA456, TA505, TA542, TEMP.Hermit, TeamSpy, The Shadow Brokers, Triton APT, Tropic Trooper, Turla APT Group, Vicious Panda, Volatile Kitten, Volt Typhoon, WIRTE, Wild Neutron, WildPressure	CVE-2006-20001, CVE-2008-0455, CVE-2009-3560, CVE-2009-3720, CVE-2010-0434, CVE-2010-1452, CVE-2010-1623, CVE-2010-2068, CVE-2010-4478, CVE-2010-4755, CVE-2010-5107, CVE-2011-0419, CVE-2011-3192, CVE-2011-3348, CVE-2011-3368, CVE-2011-3607, CVE-2011-3639, CVE-2011-4317, CVE-2011-4327, CVE-2011-4415, CVE-2011-5000, CVE-2012-0031, CVE-2012-0053, CVE-2012-0814, CVE-2012-0883, CVE-2012-2687, CVE-2012-3499, CVE-2012-4557, CVE-2012-4558, CVE-2013-1862, CVE-2013-1896, CVE-2013-2249, CVE-2013-5704, CVE-2013-6438, CVE-2014-0098, CVE-2014-0118, CVE-2014-0226, CVE-2014-0231, CVE-2014-1692, CVE-2014-2532, CVE-2014-2653, CVE-2015-0228, CVE-2015-3183, CVE-2015-5352, CVE-2015-5600, CVE-2015-6563, CVE-2015-6564, CVE-2015-8325, CVE-2016-0777, CVE-2016-10009, CVE-2016-10010, CVE-2016-10011, CVE-2016-10012, CVE-2016-10708, CVE-2016-1908, CVE-2016-20012, CVE-2016-3115, CVE-2016-4975, CVE-2016-5387, CVE-2016-6210, CVE-2016-6515, CVE-2016-8612, CVE-2016-8743, CVE-2017-1000369, CVE-2017-15906, CVE-2017-15945, CVE-2017-16943, CVE-2017-16944, CVE-2017-3167, CVE-2017-3169, CVE-2017-7679, CVE-2017-9788, CVE-2017-9798, CVE-2018-1301, CVE-2018-1302, CVE-2018-1303, CVE-2018-1312, CVE-2018-15473, CVE-2018-20685, CVE-2018-6789, CVE-2019-10149, CVE-2019-13917, CVE-2019-15846, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-12783, CVE-2020-15778, CVE-2020-28007, CVE-2020-28008, CVE-2020-28009, CVE-2020-28010, CVE-2020-28011, CVE-2020-28012, CVE-2020-28013, CVE-2020-28014, CVE-2020-28015, CVE-2020-28016, CVE-2020-28017, CVE-2020-28018, CVE-2020-28019, CVE-2020-28020, CVE-2020-28021, CVE-2020-28022, CVE-2020-28023, CVE-2020-28024, CVE-2020-28025, CVE-2020-28026, CVE-2020-8015, CVE-2021-27216, CVE-2021-34798, CVE-2021-36368, CVE-2021-38371, CVE-2021-39275, CVE-2021-40438, CVE-2021-44790, CVE-2022-22719, CVE-2022-22720, CVE-2022-22721, CVE-2022-28330, CVE-2022-28614, CVE-2022-28615, CVE-2022-29404, CVE-2022-30556, CVE-2022-31813, CVE-2022-37436, CVE-2022-37451, CVE-2022-37452, CVE-2023-28625, CVE-2023-31122, CVE-2023-38408, CVE-2023-38709, CVE-2023-45802, CVE-2023-48795, CVE-2023-51385, CVE-2023-51766	14/02/2026, 22:44:17	-
120.48.182.•••:18789	Assistant	🇺🇸 United States	Yes	false	Leaked	AS38365	Beijing Baidu Netcom Science and Technology Co., Ltd.	Baidu	14/02/2026, 05:52:37	12/03/2026, 20:51:10	Yes	Yes	APT37, El-Machete, Gozi	CVE-2016-20012, CVE-2020-12062, CVE-2020-14145, CVE-2020-15778, CVE-2021-28041, CVE-2021-36368, CVE-2021-41617	14/02/2026, 22:44:18	chinamobile.com, chinamobile.cn, baidu.com
104.248.176.•••:443	Assistant	🇺🇸 United States	Yes	false	Clean	AS14061	DigitalOcean, LLC	DigitalOcean	14/02/2026, 05:52:37	27/02/2026, 09:11:13	No	Yes	APT28, APT35, APT37, APT39, Cobalt Group, Kimsuky, Mustang Panda, Sandworm Team, The Shadow Brokers	CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-16905, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2021-41617, CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	14/02/2026, 16:08:19	-
42.194.147.•••:18789	Assistant	🇨🇳 China mainland	Yes	false	Leaked	AS45090	Shenzhen Tencent Computer Systems Company Limited	Tencent Cloud	14/02/2026, 05:52:37	13/03/2026, 21:28:40	Yes	Yes	APT15, APT17, APT28, APT29, APT31, APT34, APT35, APT36, APT37, APT40, APT41, APT45, Bitter APT, Bluenoroff, Callisto Group, Carbanak, ChamelGang, CloudSorcerer, Daggerfly APT, Donot Team, El-Machete, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Volt Typhoon	CVE-2017-15945, CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-6387	14/02/2026, 22:44:20	tencent.com, mobifone.vn
180.76.121.•••:18789	Assistant	🇨🇳 China mainland	Yes	false	Leaked	AS38365	Beijing Baidu Netcom Science and Technology Co., Ltd.	Baidu	14/02/2026, 05:52:37	12/03/2026, 20:51:09	Yes	Yes	APT17, APT28, APT35, APT37, APT39, Cobalt Group, DragonFly, El-Machete, Gozi, Kimsuky, Mustang Panda, Packrat, Sandworm Team, The Shadow Brokers	CVE-2016-10708, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2021-41617	14/02/2026, 22:44:22	tfn.net.tw, baidu.com
106.13.180.•••:18789	Assistant	🇨🇳 China mainland	Yes	false	Leaked	AS38365	Beijing Baidu Netcom Science and Technology Co., Ltd.	Baidu	14/02/2026, 05:52:37	26/02/2026, 15:39:59	Yes	Yes	APT17, APT37, DragonFly, El-Machete, Gozi, Packrat	CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-6387, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	14/02/2026, 22:44:23	bj189.cn, baidu.com
180.76.189.•••:18789	Assistant	🇨🇳 China mainland	Yes	false	Clean	AS38365	Beijing Baidu Netcom Science and Technology Co., Ltd.	Baidu	14/02/2026, 05:52:37	02/03/2026, 13:56:29	-	-	-	-	-	-
106.13.164.•••:18789	Assistant	🇨🇳 China mainland	Yes	false	Clean	AS38365	Beijing Baidu Netcom Science and Technology Co., Ltd.	Baidu	14/02/2026, 05:52:37	26/02/2026, 02:18:49	-	-	-	-	-	-
120.48.118.•••:18789	-	🇺🇸 United States	Yes	false	Leaked	AS38365	Beijing Baidu Netcom Science and Technology Co., Ltd.	Baidu	14/02/2026, 05:52:37	13/03/2026, 10:33:53	Yes	Yes	APT17, APT37, DragonFly, El-Machete, Gozi, Packrat	-	14/02/2026, 22:44:26	chinamobile.com, chinamobile.cn, baidu.com
3.1.81.•••:18789	-	🇸🇬 Singapore	Yes	false	Clean	AS16509	Amazon.com, Inc.	Amazon Web Services	14/02/2026, 05:52:37	28/02/2026, 22:36:58	No	No	-	CVE-2016-20012, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51385, CVE-2024-6387, CVE-2025-26465, CVE-2025-32728	14/02/2026, 22:44:27	-
120.48.16.•••:18789	Assistant	🇺🇸 United States	Yes	false	Leaked	AS38365	Beijing Baidu Netcom Science and Technology Co., Ltd.	Baidu	14/02/2026, 05:52:37	13/03/2026, 20:43:36	Yes	Yes	APT15, APT17, APT28, APT29, APT31, APT34, APT35, APT37, APT39, APT41, Bitter APT, Bluenoroff, Callisto Group, Cobalt Group, Donot Team, DragonFly, El-Machete, Gamaredon Group, Gaza Cybergang, Gozi, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Mustang Panda, Packrat, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Volt Typhoon	CVE-2016-10708, CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385	14/02/2026, 22:44:29	chinamobile.com, chinamobile.cn, baidu.com
82.221.131.•••:443	-	🇮🇸 Iceland	Yes	false	Leaked	AS50613	Advania Island ehf	Ice Networks	14/02/2026, 05:52:37	14/02/2026, 22:41:28	Yes	Yes	APT15, APT28, APT29, APT31, APT34, APT35, APT37, APT39, APT41, Bitter APT, Bluenoroff, Callisto Group, Cobalt Group, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Mustang Panda, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Volt Typhoon	CVE-2012-6095, CVE-2016-20012, CVE-2017-15644, CVE-2017-15645, CVE-2017-15646, CVE-2017-17089, CVE-2017-9313, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2018-5740, CVE-2018-5741, CVE-2018-5743, CVE-2018-5744, CVE-2018-5745, CVE-2019-12815, CVE-2019-12840, CVE-2019-15107, CVE-2019-15641, CVE-2019-15642, CVE-2019-18217, CVE-2019-19269, CVE-2019-19270, CVE-2019-19271, CVE-2019-19272, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2019-6465, CVE-2019-6470, CVE-2019-6471, CVE-2020-12670, CVE-2020-14145, CVE-2020-15778, CVE-2020-35606, CVE-2020-8616, CVE-2020-8617, CVE-2020-8622, CVE-2020-8623, CVE-2020-8624, CVE-2020-8625, CVE-2020-8820, CVE-2020-8821, CVE-2020-9272, CVE-2021-25214, CVE-2021-25215, CVE-2021-25216, CVE-2021-25219, CVE-2021-25220, CVE-2021-36368, CVE-2021-41617, CVE-2021-46854, CVE-2022-0824, CVE-2022-0829, CVE-2022-2795, CVE-2022-30708, CVE-2022-36446, CVE-2022-38177, CVE-2022-38178, CVE-2023-2828, CVE-2023-3341, CVE-2023-38408, CVE-2023-43309, CVE-2023-4408, CVE-2023-48795, CVE-2023-50387, CVE-2023-51384, CVE-2023-51385, CVE-2023-51713, CVE-2023-52046, CVE-2023-5680, CVE-2024-11187, CVE-2024-1737, CVE-2024-1975, CVE-2024-36450, CVE-2024-36451, CVE-2024-36452, CVE-2024-36453, CVE-2024-4076, CVE-2024-45692	14/02/2026, 22:44:30	orangewebsite.com
180.76.145.•••:18789	Assistant	🇨🇳 China mainland	Yes	false	Leaked	AS38365	Beijing Baidu Netcom Science and Technology Co., Ltd.	Baidu	14/02/2026, 05:52:37	10/03/2026, 21:16:24	Yes	Yes	APT17, APT37, DragonFly, El-Machete, Gozi, Packrat	-	14/02/2026, 22:44:33	tfn.net.tw, baidu.com
120.48.181.•••:18789	Assistant	🇺🇸 United States	Yes	false	Leaked	AS38365	Beijing Baidu Netcom Science and Technology Co., Ltd.	Baidu	14/02/2026, 05:52:37	13/03/2026, 10:33:19	Yes	No	-	CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	13/03/2026, 07:36:10	baidu.com
5.78.137.•••:18789	Bitsy (🐝)	🇺🇸 United States	Yes	false	Leaked	AS212317	Hetzner Online GmbH	Hetzner Online	14/02/2026, 05:52:37	16/04/2026, 01:23:53	Yes	No	-	CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	14/02/2026, 22:44:36	hetzner.com
116.203.66.•••:18789	Assistant	🇩🇪 Germany	Yes	false	Leaked	AS24940	Hetzner Online GmbH	Hetzner Online	14/02/2026, 05:52:37	26/02/2026, 17:07:49	Yes	Yes	APT-C-23, APT10, APT40, APT41, Carbanak, Donot Team, Lazarus Group, MuddyWater Group, Slingshot APT, TA428, TA505, Tropic Trooper, Turla APT Group, Volt Typhoon	CVE-2015-9253, CVE-2017-17090, CVE-2017-8923, CVE-2018-12882, CVE-2018-14851, CVE-2018-14883, CVE-2018-15132, CVE-2018-17082, CVE-2018-19518, CVE-2018-19935, CVE-2018-20783, CVE-2019-11036, CVE-2019-11038, CVE-2019-11039, CVE-2019-11040, CVE-2019-11041, CVE-2019-11042, CVE-2019-11043, CVE-2019-11044, CVE-2019-11045, CVE-2019-11046, CVE-2019-11047, CVE-2019-11048, CVE-2019-11050, CVE-2019-13224, CVE-2019-6977, CVE-2019-9020, CVE-2019-9021, CVE-2019-9022, CVE-2019-9023, CVE-2019-9024, CVE-2019-9637, CVE-2019-9638, CVE-2019-9639, CVE-2019-9640, CVE-2019-9641, CVE-2020-35652, CVE-2020-35776, CVE-2020-7059, CVE-2020-7060, CVE-2020-7061, CVE-2020-7062, CVE-2020-7063, CVE-2020-7064, CVE-2020-7066, CVE-2020-7067, CVE-2020-7068, CVE-2020-7069, CVE-2020-7070, CVE-2021-26712, CVE-2021-26906, CVE-2021-32558, CVE-2022-31628, CVE-2022-31629, CVE-2022-37454, CVE-2022-4900, CVE-2023-37457, CVE-2023-49294, CVE-2023-49786, CVE-2024-39894, CVE-2024-4577, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	14/02/2026, 22:44:38	hetzner.de, eu.org, hetzner.com
120.48.120.•••:18789	Assistant	🇺🇸 United States	Yes	false	Leaked	AS38365	Beijing Baidu Netcom Science and Technology Co., Ltd.	Baidu	14/02/2026, 05:50:29	05/03/2026, 00:44:59	Yes	Yes	APT17, APT37, DragonFly, El-Machete, Gozi, Packrat	-	17/02/2026, 22:04:37	chinamobile.com, chinamobile.cn, baidu.com
3.84.225.•••:18789	Assistant	🇺🇸 United States	Yes	false	Clean	AS14618	Amazon.com, Inc.	Amazon Web Services	14/02/2026, 05:50:29	14/02/2026, 19:42:05	-	-	-	-	-	-
159.89.140.•••:18789	-	🇺🇸 United States	-	false	Clean	AS14061	DigitalOcean, LLC	DigitalOcean	14/02/2026, 05:50:29	14/02/2026, 19:42:05	-	-	-	-	-	-
54.159.186.•••:18789	SuperClaw	🇺🇸 United States	Yes	false	Clean	AS14618	Amazon.com, Inc.	Amazon	14/02/2026, 05:50:29	14/02/2026, 19:42:05	-	-	-	-	-	-
120.48.106.•••:18789	Assistant	🇺🇸 United States	Yes	false	Clean	AS38365	Beijing Baidu Netcom Science and Technology Co., Ltd.	Baidu	14/02/2026, 05:50:29	14/02/2026, 19:42:05	-	-	-	-	-	-
91.99.19.•••:18789	-	🇩🇪 Germany	-	false	Leaked	AS24940	Hetzner Online GmbH	Hetzner Online	14/02/2026, 05:50:29	12/04/2026, 23:51:40	Yes	No	-	CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	14/02/2026, 18:20:46	hetzner.com
106.12.88.•••:18789	Assistant	🇨🇳 China mainland	Yes	false	Clean	AS38365	Beijing Baidu Netcom Science and Technology Co., Ltd.	Baidu	14/02/2026, 05:50:29	26/02/2026, 09:42:20	-	-	-	-	-	-
106.12.174.•••:18789	Assistant	🇨🇳 China mainland	Yes	false	Leaked	AS38365	Beijing Baidu Netcom Science and Technology Co., Ltd.	Baidu	14/02/2026, 05:50:29	12/03/2026, 14:03:44	Yes	Yes	APT14, APT17, APT28, APT35, APT37, APT39, APT40, APT41, Cobalt Group, DragonFly, El-Machete, Equation Group, Gamaredon Group, Gozi, IronHusky, Kimsuky, Lazarus Group, Mustang Panda, Packrat, Sandworm Team, SharpPanda, TA505, The Shadow Brokers, UNC2452, WIRTE	CVE-2006-20001, CVE-2017-15710, CVE-2017-15715, CVE-2018-11763, CVE-2018-1283, CVE-2018-1301, CVE-2018-1302, CVE-2018-1303, CVE-2018-1312, CVE-2018-1333, CVE-2018-15473, CVE-2018-15919, CVE-2018-17189, CVE-2018-17199, CVE-2018-20685, CVE-2019-0196, CVE-2019-0197, CVE-2019-0211, CVE-2019-0217, CVE-2019-0220, CVE-2019-10081, CVE-2019-10082, CVE-2019-10092, CVE-2019-10098, CVE-2019-17567, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2019-9517, CVE-2020-11993, CVE-2020-14145, CVE-2020-1927, CVE-2020-1934, CVE-2020-35452, CVE-2020-9490, CVE-2021-26690, CVE-2021-26691, CVE-2021-33193, CVE-2021-34798, CVE-2021-39275, CVE-2021-40438, CVE-2021-41617, CVE-2021-44224, CVE-2021-44790, CVE-2022-22719, CVE-2022-22720, CVE-2022-22721, CVE-2022-23943, CVE-2022-26377, CVE-2022-28614, CVE-2022-28615, CVE-2022-29404, CVE-2022-30522, CVE-2022-30556, CVE-2022-31813, CVE-2022-36760, CVE-2022-37436, CVE-2023-25690, CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	03/03/2026, 13:15:11	baidu.com
174.138.65.•••:18789	JARVIS (🎯)	🇺🇸 United States	Yes	false	Clean	AS14061	DigitalOcean, LLC	DigitalOcean	14/02/2026, 05:50:29	26/02/2026, 03:45:42	No	Yes	APT15, APT17, APT29, APT31, APT35, APT36, APT37, APT39, APT40, APT41, APT45, Bitter APT, Bluenoroff, Carbanak, ChamelGang, CloudSorcerer, Daggerfly APT, Donot Team, Gamaredon Group, Gaza Cybergang, Inception Framework, Kimsuky, MuddyWater Group, Patchwork, Salt Typhoon, SideWinder APT, The Shadow Brokers, Volt Typhoon	CVE-2016-20012, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2020-15778, CVE-2021-28041, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51385, CVE-2024-39894, CVE-2024-6387, CVE-2024-7347, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728	20/02/2026, 19:12:06	-
150.158.132.•••:18789	Assistant	🇨🇳 China mainland	Yes	false	Clean	AS45090	Shenzhen Tencent Computer Systems Company Limited	Tencent Cloud Computing	14/02/2026, 05:50:29	18/02/2026, 04:45:11	-	-	-	-	-	-
106.12.83.•••:18789	Assistant	🇨🇳 China mainland	Yes	false	Clean	AS38365	Beijing Baidu Netcom Science and Technology Co., Ltd.	Baidu	14/02/2026, 05:50:29	28/02/2026, 09:13:48	-	-	-	-	-	-
174.138.31.•••:18789	-	🇸🇬 Singapore	-	false	Clean	AS14061	DigitalOcean, LLC	DigitalOcean	14/02/2026, 05:50:29	18/04/2026, 00:41:11	No	Yes	APT15, APT17, APT28, APT29, APT31, APT34, APT35, APT36, APT37, APT40, APT41, APT45, Bitter APT, Bluenoroff, Callisto Group, Carbanak, ChamelGang, CloudSorcerer, Daggerfly APT, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Volt Typhoon	CVE-2016-20012, CVE-2020-12062, CVE-2020-14145, CVE-2020-15778, CVE-2021-28041, CVE-2021-36368, CVE-2021-41617, CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	15/02/2026, 00:51:41	-
5.161.200.•••:18789	Grim (☠️)	🇺🇸 United States	Yes	false	Leaked	AS213230	Hetzner Online GmbH	Hetzner Online	14/02/2026, 05:50:29	26/02/2026, 17:06:36	Yes	Yes	APT-C-23, APT15, APT28, APT29, APT31, APT34, APT41, Bitter APT, Bluenoroff, Callisto Group, Donot Team, Gamaredon Group, Gaza Cybergang, Ghostwriter, Hafnium Group, Inception Framework, Kimsuky, Lazarus Group, MuddyWater Group, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, Turla APT Group, Volt Typhoon	CVE-2016-20012, CVE-2020-14145, CVE-2020-15778, CVE-2021-28041, CVE-2021-36368, CVE-2021-41617, CVE-2022-22707, CVE-2022-41556, CVE-2023-38408, CVE-2023-44487, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385	17/02/2026, 07:05:18	sinunvalmentajasi.fi, hetzner.com, anyreach.ai
106.12.34.•••:18789	小爪 (暂定，可以根据凯文的喜好调整) (✨)	🇨🇳 China mainland	Yes	false	Leaked	AS38365	Beijing Baidu Netcom Science and Technology Co., Ltd.	Baidu	14/02/2026, 05:50:29	26/02/2026, 00:46:43	Yes	Yes	APT17, APT37, DragonFly, El-Machete, Gozi, Packrat	-	17/02/2026, 07:02:59	bj189.cn, baidu.com
137.184.231.•••:18789	-	🇺🇸 United States	-	false	Clean	AS14061	DigitalOcean, LLC	DigitalOcean	14/02/2026, 05:50:29	17/04/2026, 10:03:10	No	Yes	APT15, APT17, APT28, APT29, APT31, APT34, APT35, APT36, APT37, APT40, APT41, APT45, Bitter APT, Bluenoroff, Callisto Group, Carbanak, ChamelGang, CloudSorcerer, Daggerfly APT, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Volt Typhoon	CVE-2016-20012, CVE-2018-20685, CVE-2019-16905, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-12062, CVE-2020-14145, CVE-2020-15778, CVE-2021-28041, CVE-2021-36368, CVE-2021-41617, CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	15/02/2026, 00:51:44	-
180.76.235.•••:18789	OpenClaw (/avatar/main)	🇨🇳 China mainland	Yes	false	Clean	AS38365	Beijing Baidu Netcom Science and Technology Co., Ltd.	Baidu	14/02/2026, 05:50:29	14/02/2026, 19:42:04	-	-	-	-	-	-
45.55.53.•••:18789	-	🇺🇸 United States	-	false	Clean	AS14061	DigitalOcean, LLC	DigitalOcean	14/02/2026, 05:50:29	05/03/2026, 00:44:42	No	Yes	APT14, APT28, APT40, APT41, Cobalt Group, Equation Group, Gamaredon Group, IronHusky, Kimsuky, Lazarus Group, SharpPanda, TA505, The Shadow Brokers, UNC2452, WIRTE	CVE-2006-20001, CVE-2016-20012, CVE-2019-17567, CVE-2020-11984, CVE-2020-11993, CVE-2020-12062, CVE-2020-13950, CVE-2020-14145, CVE-2020-15778, CVE-2020-1927, CVE-2020-1934, CVE-2020-35452, CVE-2020-9490, CVE-2021-26690, CVE-2021-26691, CVE-2021-28041, CVE-2021-30641, CVE-2021-33193, CVE-2021-34798, CVE-2021-36160, CVE-2021-36368, CVE-2021-39275, CVE-2021-40438, CVE-2021-41617, CVE-2021-44224, CVE-2021-44790, CVE-2022-22719, CVE-2022-22720, CVE-2022-22721, CVE-2022-23943, CVE-2022-26377, CVE-2022-28614, CVE-2022-28615, CVE-2022-29404, CVE-2022-30522, CVE-2022-30556, CVE-2022-31813, CVE-2022-36760, CVE-2022-37436, CVE-2023-25690, CVE-2023-27522	15/02/2026, 06:45:37	-
45.10.24.•••:18789	Assistant	🇩🇪 Germany	Yes	false	Clean	AS216188	Bieber IT GmbH	Host-Unlimited.de	14/02/2026, 05:50:29	14/02/2026, 19:42:04	-	-	-	-	-	-
64.43.5.•••:18789	Morgan	🇮🇪 Ireland	Yes	false	Clean	AS15502	Vodafone Ireland Limited	Vodafone Ireland	14/02/2026, 05:50:29	14/02/2026, 19:42:04	-	-	-	-	-	-
91.98.79.•••:18789	-	🇩🇪 Germany	-	false	Clean	AS24940	Hetzner Online GmbH	Hetzner	14/02/2026, 05:50:29	28/02/2026, 12:11:13	No	No	-	CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	17/02/2026, 10:45:56	-
135.181.192.•••:18789	-	🇫🇮 Finland	Yes	false	Leaked	AS24940	Hetzner Online GmbH	Hetzner Online	14/02/2026, 05:50:29	21/02/2026, 04:10:18	Yes	Yes	APT15, APT28, APT29, APT31, APT34, APT41, Bitter APT, Bluenoroff, Callisto Group, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, Volt Typhoon	CVE-2016-20012, CVE-2020-12062, CVE-2020-14145, CVE-2020-15778, CVE-2021-28041, CVE-2021-36368, CVE-2021-41617, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-39894, CVE-2024-6387, CVE-2025-26465, CVE-2025-26466, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	17/02/2026, 19:35:48	hetzner.com
170.64.219.•••:18789	-	🇦🇺 Australia	-	false	Clean	AS14061	DigitalOcean, LLC	DigitalOcean	14/02/2026, 05:50:29	13/04/2026, 15:42:20	No	Yes	APT14, APT15, APT28, APT31, Bitter APT, Bluenoroff, Callisto Group, Donot Team, Gamaredon Group, Gaza Cybergang, Inception Framework, Kimsuky, MuddyWater Group, RomCom Group, Salt Typhoon, Sea Turtle Group, SideWinder APT, WIRTE	CVE-2006-20001, CVE-2016-20012, CVE-2019-17567, CVE-2020-11984, CVE-2020-11993, CVE-2020-13938, CVE-2020-13950, CVE-2020-14145, CVE-2020-15778, CVE-2020-1927, CVE-2020-1934, CVE-2020-35452, CVE-2020-9490, CVE-2021-26690, CVE-2021-26691, CVE-2021-28041, CVE-2021-30641, CVE-2021-33193, CVE-2021-34798, CVE-2021-36160, CVE-2021-36368, CVE-2021-39275, CVE-2021-40438, CVE-2021-41617, CVE-2021-44224, CVE-2021-44790, CVE-2022-22719, CVE-2022-22720, CVE-2022-22721, CVE-2022-23943, CVE-2022-26377, CVE-2022-28330, CVE-2022-28614, CVE-2022-28615, CVE-2022-29404, CVE-2022-30556, CVE-2022-31813, CVE-2022-36760, CVE-2022-37436, CVE-2023-25690, CVE-2023-27522, CVE-2023-31122, CVE-2023-38408, CVE-2023-38709, CVE-2023-45802, CVE-2023-48795, CVE-2023-51385, CVE-2024-24795, CVE-2024-27316, CVE-2024-38472, CVE-2024-38473, CVE-2024-38474, CVE-2024-38475, CVE-2024-38476, CVE-2024-38477, CVE-2024-39573, CVE-2024-40898	15/02/2026, 06:46:10	-
164.90.135.•••:18789	-	🇺🇸 United States	-	false	Clean	AS14061	DigitalOcean, LLC	DigitalOcean	14/02/2026, 05:50:29	18/04/2026, 00:40:43	No	Yes	APT15, APT17, APT28, APT29, APT31, APT34, APT35, APT36, APT37, APT39, APT40, APT41, APT45, Bitter APT, Bluenoroff, Callisto Group, Carbanak, ChamelGang, CloudSorcerer, Cobalt Group, Daggerfly APT, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Mustang Panda, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Volt Typhoon	CVE-2016-10708, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2021-41617, CVE-2023-28531, CVE-2023-38408, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-6387, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	15/02/2026, 01:35:04	-
120.48.170.•••:18789	Shiyuan (时远)	🇺🇸 United States	Yes	false	Clean	AS38365	Beijing Baidu Netcom Science and Technology Co., Ltd.	Baidu	14/02/2026, 05:50:29	02/03/2026, 16:08:07	-	-	-	-	-	-
180.76.99.•••:18789	Assistant	🇨🇳 China mainland	Yes	false	Leaked	AS38365	Beijing Baidu Netcom Science and Technology Co., Ltd.	Baidu	14/02/2026, 05:50:29	02/03/2026, 10:55:57	Yes	Yes	APT17, APT28, APT35, APT37, APT39, Cobalt Group, DragonFly, El-Machete, Gozi, Kimsuky, Mustang Panda, Packrat, Sandworm Team, The Shadow Brokers	CVE-2016-10708, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2021-41617	17/02/2026, 10:00:29	tfn.net.tw, baidu.com
180.76.135.•••:18789	Assistant	🇨🇳 China mainland	Yes	false	Leaked	AS38365	Beijing Baidu Netcom Science and Technology Co., Ltd.	Baidu	14/02/2026, 05:50:29	03/03/2026, 07:33:44	Yes	Yes	APT17, APT37, DragonFly, El-Machete, Gozi, Packrat	-	21/02/2026, 14:44:52	tfn.net.tw, baidu.com
134.209.51.•••:18789	-	🇺🇸 United States	-	false	Clean	AS14061	DigitalOcean, LLC	DigitalOcean	14/02/2026, 05:50:29	14/02/2026, 19:42:04	-	-	-	-	-	-
2607:5300:203:3454:::18789	-	🇫🇷 France	-	false	Clean	AS16276	OVH SAS	OVH Hosting	14/02/2026, 05:50:29	16/04/2026, 01:20:58	-	-	-	-	-	-
180.76.229.•••:18789	Assistant	🇨🇳 China mainland	Yes	false	Clean	AS38365	Beijing Baidu Netcom Science and Technology Co., Ltd.	Baidu	14/02/2026, 05:50:28	13/03/2026, 20:40:57	-	-	-	-	-	-
120.48.20.•••:18789	Assistant	🇺🇸 United States	Yes	false	Leaked	AS38365	Beijing Baidu Netcom Science and Technology Co., Ltd.	Baidu	14/02/2026, 05:50:28	12/03/2026, 20:48:04	Yes	Yes	APT14, APT17, APT28, APT35, APT37, APT39, APT40, APT41, Cobalt Group, DragonFly, Earth Berberoka, El-Machete, Equation Group, Gamaredon Group, Gozi, Inception Framework, IronHusky, Kimsuky, Lazarus Group, Mustang Panda, Packrat, Sandworm Team, SharpPanda, TA505, The Shadow Brokers, UNC2452, WIRTE	CVE-2011-2262, CVE-2012-0553, CVE-2012-0572, CVE-2012-0574, CVE-2012-1702, CVE-2012-1705, CVE-2012-3180, CVE-2012-3499, CVE-2012-4558, CVE-2012-5060, CVE-2012-6095, CVE-2013-0383, CVE-2013-0384, CVE-2013-0385, CVE-2013-0389, CVE-2013-1492, CVE-2013-1506, CVE-2013-1521, CVE-2013-1552, CVE-2013-1555, CVE-2013-2249, CVE-2013-2378, CVE-2013-2389, CVE-2013-2391, CVE-2013-2392, CVE-2013-3802, CVE-2013-3804, CVE-2013-3808, CVE-2013-4359, CVE-2013-5704, CVE-2013-5908, CVE-2013-6438, CVE-2014-0098, CVE-2014-0118, CVE-2014-0226, CVE-2014-0231, CVE-2014-0386, CVE-2014-0393, CVE-2014-0401, CVE-2014-0402, CVE-2014-0412, CVE-2014-0437, CVE-2014-8109, CVE-2015-0228, CVE-2015-3183, CVE-2015-3185, CVE-2016-0736, CVE-2016-10708, CVE-2016-2161, CVE-2016-3125, CVE-2016-4975, CVE-2016-5387, CVE-2016-8612, CVE-2016-8743, CVE-2017-15710, CVE-2017-15715, CVE-2017-15906, CVE-2017-3167, CVE-2017-7418, CVE-2017-7679, CVE-2017-9788, CVE-2017-9798, CVE-2018-1283, CVE-2018-1301, CVE-2018-1302, CVE-2018-1303, CVE-2018-1312, CVE-2018-15473, CVE-2018-15919, CVE-2018-17199, CVE-2018-20685, CVE-2019-0217, CVE-2019-0220, CVE-2019-10092, CVE-2019-10098, CVE-2019-12815, CVE-2019-18217, CVE-2019-19270, CVE-2019-19271, CVE-2019-19272, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-11985, CVE-2020-14145, CVE-2020-1927, CVE-2020-1934, CVE-2020-35452, CVE-2020-9272, CVE-2021-26690, CVE-2021-26691, CVE-2021-34798, CVE-2021-39275, CVE-2021-40438, CVE-2021-41617, CVE-2021-44790, CVE-2022-22719, CVE-2022-22720, CVE-2022-22721, CVE-2022-23943, CVE-2022-26377, CVE-2022-28614, CVE-2022-28615, CVE-2022-29404, CVE-2022-30522, CVE-2022-30556, CVE-2022-31813	17/02/2026, 14:32:10	chinamobile.com, chinamobile.cn, baidu.com
43.167.157.•••:18789	-	🇸🇬 Singapore	-	false	Clean	AS132203	Tencent Building, Kejizhongyi Avenue	Aceville Pte Ltd	14/02/2026, 05:50:28	24/02/2026, 06:56:23	-	-	-	-	-	-
45.55.169.•••:18789	Assistant	🇺🇸 United States	Yes	false	Clean	AS14061	DigitalOcean, LLC	DigitalOcean	14/02/2026, 05:50:28	14/02/2026, 19:42:04	-	-	-	-	-	-
106.12.7.•••:18789	Assistant	🇨🇳 China mainland	Yes	false	Clean	AS38365	Beijing Baidu Netcom Science and Technology Co., Ltd.	Baidu	14/02/2026, 05:50:28	27/02/2026, 06:55:32	-	-	-	-	-	-
152.67.173.•••:18789	Assistant	🇺🇸 United States	Yes	false	Leaked	AS31898	Oracle Corporation	Oracle Cloud	14/02/2026, 05:50:28	17/04/2026, 20:11:01	Yes	No	-	-	14/04/2026, 08:19:35	healtheintent.com, purewellness.com, cerner.ae, retek.com, tryfoexnow.com, moatads.com, oraclefusion.com, connectinc.com, inquira.com, portal.com, oracle.com, hiedirectconnect.org, maxymiser.net, oraclecloudservices.com, rsys2.net, hyperroll.com, nor1.com, oxygen.systems, oraclegovcloud.com, orcale.com, oraclemobile.com, sun.co.in, openair.co, oraclepdemos.com, stellent.com, siebel.com, cerner.net, oracle-cloud.com, docucorp.com, mvalent.com, elementfusion.com, netsuiteforms.com, oracleemaildelivery.com, oraclecloud.com, en25.com, solaris.com, rightnowtech.com, think.com, ipapp.com, jdedwards.com, tiger-institute.org, zenedge.com, skire.com, sun.com, sales.com, fyleio.com, push.io, estara.com, tekelec.com, textura.com, paymyhealthbill.com, dyndns.com, java.net, optika.com, jcp.org, smed.com, cernerenviza-tw.com, datafox.com, recruitmax.com, decisioneering.com, adiinsights.com, stortek.com, seebeyond.com, livelook.com, openjdk.org, virtualbox.org, dyn.com, oraclehealth.com, aimsystems.com, sunworld.com, plumtree.com, storagetek.com, oracledatacloud.com
106.12.189.•••:18789	Assistant	🇨🇳 China mainland	Yes	false	Leaked	AS38365	Beijing Baidu Netcom Science and Technology Co., Ltd.	Baidu	14/02/2026, 05:50:28	26/02/2026, 17:06:37	Yes	Yes	APT28, APT35, APT37, APT39, Cobalt Group, Kimsuky, Mustang Panda, Sandworm Team, The Shadow Brokers	CVE-2016-10708, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2021-41617	17/02/2026, 08:33:35	bj189.cn, baidu.com
120.48.112.•••:18789	Assistant	🇺🇸 United States	Yes	false	Leaked	AS38365	Beijing Baidu Netcom Science and Technology Co., Ltd.	Baidu	14/02/2026, 05:50:28	01/03/2026, 05:59:55	Yes	Yes	APT17, APT37, DragonFly, El-Machete, Gozi, Packrat	-	17/02/2026, 17:30:44	chinamobile.com, chinamobile.cn, baidu.com
106.12.16.•••:18789	Assistant	🇨🇳 China mainland	Yes	false	Clean	AS38365	Beijing Baidu Netcom Science and Technology Co., Ltd.	Baidu	14/02/2026, 05:50:28	26/02/2026, 08:57:51	-	-	-	-	-	-
106.12.21.•••:18789	Assistant	🇨🇳 China mainland	Yes	false	Leaked	AS38365	Beijing Baidu Netcom Science and Technology Co., Ltd.	Baidu	14/02/2026, 05:50:28	26/02/2026, 01:31:25	Yes	Yes	APT17, APT37, DragonFly, El-Machete, Gozi, Packrat	CVE-2016-20012, CVE-2019-16905, CVE-2020-14145, CVE-2020-15778, CVE-2021-36368, CVE-2021-41617	17/02/2026, 07:48:14	bj189.cn, baidu.com
120.48.93.•••:18789	小灵通 (🦊)	🇺🇸 United States	Yes	false	Leaked	AS38365	Beijing Baidu Netcom Science and Technology Co., Ltd.	Baidu	14/02/2026, 05:50:28	13/03/2026, 10:31:44	Yes	Yes	APT17, APT28, APT35, APT37, APT39, Cobalt Group, DragonFly, El-Machete, Gozi, Kimsuky, Mustang Panda, Packrat, Sandworm Team, The Shadow Brokers	CVE-2016-10708, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-14145, CVE-2021-41617	21/02/2026, 05:42:00	chinamobile.com, chinamobile.cn, baidu.com
136.116.129.•••:18789	Assistant	🇺🇸 United States	Yes	false	Clean	AS396982	Google LLC	Google	14/02/2026, 05:50:28	01/03/2026, 05:16:16	No	No	-	-	11/02/2026, 08:33:58	-
50.116.57.•••:18789	-	🇺🇸 United States	Yes	false	Leaked	AS63949	Akamai Connected Cloud	Linode	14/02/2026, 05:50:28	08/04/2026, 10:49:27	Yes	Yes	APT15, APT28, APT29, APT31, APT34, APT35, APT37, APT39, APT41, Bitter APT, Bluenoroff, Callisto Group, Cobalt Group, Donot Team, Gamaredon Group, Gaza Cybergang, Hafnium Group, Inception Framework, Kimsuky, MuddyWater Group, Mustang Panda, Patchwork, RomCom Group, Salt Typhoon, Sandworm Team, Sea Turtle Group, SideWinder APT, The Shadow Brokers, Volt Typhoon	CVE-2014-2323, CVE-2014-2324, CVE-2015-3200, CVE-2015-8325, CVE-2016-10009, CVE-2016-10010, CVE-2016-10011, CVE-2016-10012, CVE-2016-10708, CVE-2016-20012, CVE-2016-3115, CVE-2016-6210, CVE-2016-6515, CVE-2016-8858, CVE-2017-15906, CVE-2018-15473, CVE-2018-15919, CVE-2018-19052, CVE-2018-20685, CVE-2019-11072, CVE-2019-12519, CVE-2019-12520, CVE-2019-12521, CVE-2019-12522, CVE-2019-12523, CVE-2019-12524, CVE-2019-12525, CVE-2019-12526, CVE-2019-12527, CVE-2019-12528, CVE-2019-12529, CVE-2019-12854, CVE-2019-13345, CVE-2019-18676, CVE-2019-18677, CVE-2019-18678, CVE-2019-18679, CVE-2019-18860, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-11945, CVE-2020-14058, CVE-2020-14145, CVE-2020-15049, CVE-2020-15778, CVE-2020-15810, CVE-2020-15811, CVE-2020-24606, CVE-2020-25097, CVE-2020-8449, CVE-2020-8450, CVE-2020-8517, CVE-2021-28116, CVE-2021-28651, CVE-2021-28652, CVE-2021-28662, CVE-2021-31806, CVE-2021-31807, CVE-2021-31808, CVE-2021-33620, CVE-2021-36368, CVE-2021-41617, CVE-2021-46784, CVE-2022-40468, CVE-2022-41318, CVE-2023-28531, CVE-2023-29323, CVE-2023-35784, CVE-2023-38408, CVE-2023-46724, CVE-2023-46728, CVE-2023-46846, CVE-2023-46847, CVE-2023-48795, CVE-2023-49285, CVE-2023-49286, CVE-2023-49288, CVE-2023-49606, CVE-2023-50269, CVE-2023-51384, CVE-2023-51385, CVE-2023-5824, CVE-2024-25111, CVE-2024-25617, CVE-2024-33427, CVE-2024-37894, CVE-2024-45802, CVE-2024-6387, CVE-2025-26465, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985	16/02/2026, 14:19:22	arraythemes.com, healtheintent.com, purewellness.com, retek.com, moatads.com, oraclefusion.com, connectinc.com, inquira.com, portal.com, oracle.com, chickenkiller.com, oraclecloudservices.com, opengw.net, rsys2.net, hyperroll.com, orcale.com, oraclemobile.com, sun.co.in, stellent.com, advancedcustomfields.com, siebel.com, cerner.net, dynip.online, oracle-cloud.com, docucorp.com, mvalent.com, perfectdashboard.com, wpenginepowered.com, wpengine.com, en25.com, solaris.com, crabdance.com, rightnowtech.com, think.com, ipapp.com, jdedwards.com, tiger-institute.org, bettersearchreplace.com, skire.com, deliciousbrains.com, studiopress.community, sales.com, fyleio.com, push.io, estara.com, tekelec.com, paymyhealthbill.com, dyndns.com, optika.com, dyndns.org, jcp.org, wpengine.careers, smed.com, cernerenviza-tw.com, wpeproxy.com, recruitmax.com, decisioneering.com, stortek.com, seebeyond.com, wpengine.net, livelook.com, sqlbuddy.com, oraclehealth.com, aimsystems.com, sunworld.com, plumtree.com, torquemag.io, storagetek.com, studiopress.com
172.245.26.•••:18789	Hoper Asst (🎓)	🇺🇸 United States	Yes	false	Clean	AS36352	HostPapa	RackNerd	14/02/2026, 05:50:28	14/02/2026, 19:42:03	-	-	-	-	-	-

🦞 OpenClaw Exposure Watchboard

Ship Secure Enterprise AI Agents 10× Faster with vivgrid.com

Vivgrid gives you authentication, model gateway, tool control, cost tracking, and enterprise observability — everything you need to ship AI agents safely at scale.