Search IP addresses by ...

IP prefix
IPv4 prefix/subnet in CIDR format.
Hostname suffix
Suffix of the hostname associated with the IP address. Can be used to search all hosts under given (sub)domain.
ASN
Autonomous system number. Enter as "1234" or "AS1234”.
Country
Code of the country the IP address is probably located in (according to MaxMind database).
Source
Select IP addresses for which there are data (alerts, events, ...) from given primary data source(s).
OR
AND
Event category
Select IP addresses with Warden alerts of given category.
OR
AND
Blacklist
Select IP addresses listed on given blacklist(s).
OR
AND
Tag
Select IP addresses with given tag(s).
OR
AND

Threat category

Role
Select IP addresses with threat category records matching the selected role.
Category
Select IP addresses with threat category records matching the selected category.
OR
AND
Subcategory
Select IP addresses with threat category records matching the selected subcategory.
=
Confidence
Minimum category confidence.

Sorting options

Sort by
Order
DESC
ASC
Max. number of addresses
IP addresses
Paste any text containing IPv4 addresses or prefixes in CIDR format. Search will return all addresses in NERD matching any of your addresses or prefixes.

Sorting options

Sort by
Order
DESC
ASC
Max. number of addresses

Results (≥20≥20)

IP address Hostname ASN Country Events Rep.(?) Threat category Other properties Time added Last activity Links
80.94.92.55 -- AS48090
AS47890
RO 1228155
+ 30166 DShield reports
+ 2 OTX pulses
0.981
src login protocol: ssh
port: 22, 2222
src
src scan port: 22
8 blacklists 2026-06-24 19:33:55 2026-07-08 22:44:16
193.46.255.86 -- AS47890
RO 17638224
+ 69708 DShield reports
+ 4 OTX pulses
0.980
src login protocol: ssh
port: 22, 2222
src scan port: 22
src
11 blacklists  22, 80, 2000eol-product, scanner 2026-03-11 22:22:32 2026-07-09 00:35:14
195.178.110.228 -- AS48090
BG 1174145
+ 30523 DShield reports
+ 2 OTX pulses
0.979
src login protocol: ssh
port: 22, 2222
src scan port: 22
src
9 blacklists 2026-06-24 23:55:25 2026-07-08 21:33:09
80.94.92.234 -- AS48090
AS47890
RO 1113165
+ 28991 DShield reports
+ 1 OTX pulses
0.975
src login protocol: ssh
port: 22, 2222
src
src scan port: 22
9 blacklists 2026-06-24 19:30:56 2026-07-08 23:48:29
150.254.160.250 rutherfordium.man.poznan.pl AS9112
PL 3512 0.970
21 blacklists 2026-06-28 09:40:40 2026-07-06 06:43:06
172.235.181.217 prod47client01.academyforinternetresearch.org AS63949
NL 1322894
+ 58678 DShield reports
0.970
src scan port: many
src login protocol: http, ssh, telnet
port: 22, 23, 80, 2222
21 blacklists 2025-04-12 02:01:33 2026-07-09 00:31:12
31.132.90.3 -- AS197556
KZ 26235453
+ 41182 DShield reports
0.970
src scan port: 22, 23, 80, 443, 2222, 2375
src
15 blacklists 2026-06-03 13:16:16 2026-07-09 00:30:49
2.57.122.150 -- AS48090
AS47890
RO 1153155
+ 36914 DShield reports
0.968
src scan port: 22
src login protocol: ssh
port: 22, 2222
src
9 blacklists 2026-06-24 20:36:17 2026-07-08 21:27:49
34.34.103.195 195.103.34.34.bc.googleusercontent.com AS396982
NL 60353
+ 79865 DShield reports
0.967
src scan port: 80, 443, 8080, 8443
src
15 blacklists 2026-06-25 09:58:07 2026-07-08 23:20:27
195.178.110.232 -- AS48090
BG 1245165
+ 32243 DShield reports
+ 4 OTX pulses
0.966
src
src login protocol: ssh, telnet
port: 22, 2222
src scan port: 22
10 blacklists 2026-06-24 20:32:22 2026-07-09 00:33:49
2.57.121.25 hosting25.tronicsat.com AS47890
RO 19378183
+ 167414 DShield reports
+ 24 OTX pulses
0.966
src login protocol: ssh
port: 22, 2222
src scan port: 22
src
8 blacklists 2025-10-05 10:37:13 2026-07-09 00:28:48
185.242.3.195 -- AS60223
AS401626
NL 6026153
+ 141877 DShield reports
+ 1 OTX pulses
0.961
src login protocol: ssh
port: 22, 2222
src scan port: 22, 2222, 22222
8 blacklists  22, 4444scanner 2026-04-13 22:07:13 2026-07-09 00:35:14
92.118.39.71 -- AS48090
AS47890
US 1293175
+ 45157 DShield reports
0.959
src login protocol: ssh
port: 22, 2222
src scan port: 22
src
9 blacklists 2026-06-24 20:23:39 2026-07-09 00:33:10
45.148.10.200 -- AS48090
NL 622052
+ 205590 DShield reports
+ 2 OTX pulses
0.956
src scan port: 80, 443, 8080
src
14 blacklists 2026-05-27 20:08:57 2026-07-09 00:27:25
91.92.33.248 -- AS207043
DE 97942
+ 152762 DShield reports
0.956
src scan port: 80, 443, 8080, 8443
src
17 blacklists  22, 443, 1337self-signed 2026-06-23 14:52:59 2026-07-09 00:19:39
2.57.121.112 dns112.personaliseplus.com AS47890
RO 18903173
+ 171077 DShield reports
+ 16 OTX pulses
0.955
src login protocol: ssh
port: 22, 2222
src scan port: 22
src
9 blacklists 2025-10-04 21:56:26 2026-07-09 00:33:10
125.20.210.182 -- AS9498
IN 226582173
+ 31270 DShield reports
+ 1 OTX pulses
0.954
src scan port: 22, 23, 80, 443, 2222, 2375
src login protocol: ssh, telnet
port: 22, 23, 2222
21 blacklists 2026-03-22 10:41:15 2026-07-08 23:59:15
92.118.39.77 -- AS48090
AS47890
US 1325135
+ 37531 DShield reports
0.953
src login protocol: ssh
port: 22, 2222
src scan port: 22
src
9 blacklists  22 2026-06-24 19:11:22 2026-07-09 00:14:42
77.83.246.97 200635.ip-ptr.tech AS215540
PL 64298474
+ 5483 DShield reports
+ 2 OTX pulses
0.950
src scan port: 22, 23, 80, 443, 2222, 2375
src login protocol: ssh, telnet
port: 22, 23, 2222
src
17 blacklists  22 2026-06-09 19:30:23 2026-07-09 00:27:18
192.42.116.106 -- AS215125
NL 413124
+ 738 DShield reports
0.950
27 blacklists  9002tor 2026-04-09 15:38:24 2026-07-04 23:57:15