Search IP addresses by ...

IP prefix
IPv4 prefix/subnet in CIDR format.
Hostname suffix
Suffix of the hostname associated with the IP address. Can be used to search all hosts under given (sub)domain.
ASN
Autonomous system number. Enter as "1234" or "AS1234”.
Country
Code of the country the IP address is probably located in (according to MaxMind database).
Source
Select IP addresses for which there are data (alerts, events, ...) from given primary data source(s).
OR
AND
Event category
Select IP addresses with Warden alerts of given category.
OR
AND
Blacklist
Select IP addresses listed on given blacklist(s).
OR
AND
Tag
Select IP addresses with given tag(s).
OR
AND

Sorting options

Sort by
Order
DESC
ASC
Max. number of addresses
IP addresses
Paste any text containing IPv4 addresses or prefixes in CIDR format. Search will return all addresses in NERD matching any of your addresses or prefixes.

Sorting options

Sort by
Order
DESC
ASC
Max. number of addresses

Results (≥20≥20)

IP address Hostname ASN Country Events Rep.(?) Other properties Time added Last activity Links
193.32.162.157 -- AS47890
RO 14617194
+ 920376 DShield reports
+ 1 OTX pulses 		0.990 14 blacklists Scanner Login attempts  22scanner 2025-05-10 13:46:54 2025-08-04 23:14:36
  Shodan   Censys   valli.org   whatismyipaddress.com   AbuseIPDB   Talos Intelligence Center   Greynoise Visualizer   DShield
45.135.232.24 -- AS198953
RU 66069122
+ 1766676 DShield reports
+ 1 OTX pulses 		0.984 4 blacklists Login attempts  135, 137, 47001 2025-05-10 14:41:19 2025-08-05 01:02:51
  Shodan   Censys   valli.org   whatismyipaddress.com   AbuseIPDB   Talos Intelligence Center   Greynoise Visualizer   DShield
149.100.11.243 -- AS174
ES 4870143
+ 44001 DShield reports 		0.983 4 blacklists Scanner  22, 80scanner 2025-04-23 18:49:59 2025-08-05 01:03:00
  Shodan   Censys   valli.org   whatismyipaddress.com   AbuseIPDB   Talos Intelligence Center   Greynoise Visualizer   DShield
45.148.10.240 -- AS48090
NL 10024154
+ 245872 DShield reports
+ 1 OTX pulses 		0.982 12 blacklists Scanner Login attempts  22scanner 2024-09-17 10:11:51 2025-08-04 23:50:51
  Shodan   Censys   valli.org   whatismyipaddress.com   AbuseIPDB   Talos Intelligence Center   Greynoise Visualizer   DShield
95.214.52.169 -- AS201814
PL 926863
+ 131755 DShield reports
+ 1 OTX pulses 		0.982 5 blacklists Scanner  22 2025-06-19 18:06:56 2025-08-05 01:01:29
  Shodan   Censys   valli.org   whatismyipaddress.com   AbuseIPDB   Talos Intelligence Center   Greynoise Visualizer   DShield
179.43.189.98 hostedby.privatelayer.com AS51852
CH 9651154
+ 478167 DShield reports 		0.979 12 blacklists Login attempts 2025-07-15 19:08:49 2025-08-05 00:44:49
  Shodan   Censys   valli.org   whatismyipaddress.com   AbuseIPDB   Talos Intelligence Center   Greynoise Visualizer   DShield
93.123.109.185 -- AS48090
AS401116
BG 1328134
+ 16911 DShield reports 		0.978 11 blacklists Scanner Login attempts  21, 22, 25, 80, 110, ...self-signed, starttls 2025-07-09 15:19:19 2025-08-04 23:56:15
  Shodan   Censys   valli.org   whatismyipaddress.com   AbuseIPDB   Talos Intelligence Center   Greynoise Visualizer   DShield
45.140.17.26 -- AS198953
RU 15010132
+ 2453928 DShield reports 		0.977 6 blacklists Login attempts Scanner  445, 5985 2025-05-11 17:06:38 2025-08-05 01:02:51
  Shodan   Censys   valli.org   whatismyipaddress.com   AbuseIPDB   Talos Intelligence Center   Greynoise Visualizer   DShield
93.123.109.189 -- AS48090
AS401116
BG 1230114
+ 16831 DShield reports 		0.976 10 blacklists Login attempts Scanner  22 2025-07-09 15:07:21 2025-08-04 21:45:55
  Shodan   Censys   valli.org   whatismyipaddress.com   AbuseIPDB   Talos Intelligence Center   Greynoise Visualizer   DShield
195.178.110.160 -- AS48090
BG 347051165
+ 642123 DShield reports 		0.976 12 blacklists Scanner Login attempts Malware  22scanner 2025-06-12 17:44:30 2025-08-05 00:59:59
  Shodan   Censys   valli.org   whatismyipaddress.com   AbuseIPDB   Talos Intelligence Center   Greynoise Visualizer   DShield
195.178.110.224 -- AS48090
BG 2486124
+ 24017 DShield reports 		0.972 11 blacklists Scanner Login attempts  22, 25, 80, 110, 143, ...database, self-signed, starttls 2025-07-09 15:12:36 2025-08-05 00:12:27
  Shodan   Censys   valli.org   whatismyipaddress.com   AbuseIPDB   Talos Intelligence Center   Greynoise Visualizer   DShield
172.234.162.56 prod51client01.academyforinternetresearch.org AS63949
FR 18514194
+ 41699 DShield reports 		0.969 11 blacklists Scanner  22, 8126cdn, cloud 2025-04-12 02:59:50 2025-08-04 16:42:37
  Shodan   Censys   valli.org   whatismyipaddress.com   AbuseIPDB   Talos Intelligence Center   Greynoise Visualizer   DShield
139.19.117.130 inet-research-scan-6.mpi-inf.mpg.de AS680
DE 8507103
+ 34169 DShield reports
+ 94 OTX pulses 		0.968 4 blacklists Scanner Login attempts  80, 443, 4949eol-product 2024-04-04 20:27:03 2025-08-05 01:02:51
  Shodan   Censys   valli.org   whatismyipaddress.com   AbuseIPDB   Talos Intelligence Center   Greynoise Visualizer   DShield
139.162.186.99 139-162-186-99.ip.linodeusercontent.com AS63949
DE 15993174
+ 40019 DShield reports 		0.968 13 blacklists IP in hostname Scanner  8126cloud 2025-04-12 02:01:32 2025-08-04 23:40:04
  Shodan   Censys   valli.org   whatismyipaddress.com   AbuseIPDB   Talos Intelligence Center   Greynoise Visualizer   DShield
176.32.195.85 -- AS197834
AM 15535217
+ 28412 DShield reports
+ 4 OTX pulses 		0.968 12 blacklists Scanner 2025-06-19 14:22:43 2025-08-05 01:00:10
  Shodan   Censys   valli.org   whatismyipaddress.com   AbuseIPDB   Talos Intelligence Center   Greynoise Visualizer   DShield
196.251.114.29 -- SC 46068152
+ 59664 DShield reports
+ 109 OTX pulses 		0.967 7 blacklists Scanner  22 2025-02-13 17:35:47 2025-08-05 01:02:59
  Shodan   Censys   valli.org   whatismyipaddress.com   AbuseIPDB   Talos Intelligence Center   Greynoise Visualizer   DShield
92.118.39.71 -- AS48090
AS47890
US 858694
+ 70516 DShield reports
+ 19 OTX pulses 		0.966 11 blacklists Scanner Login attempts  22scanner 2025-01-05 11:28:19 2025-08-05 01:01:42
  Shodan   Censys   valli.org   whatismyipaddress.com   AbuseIPDB   Talos Intelligence Center   Greynoise Visualizer   DShield
193.32.162.146 -- AS47890
RO 9783104
+ 62723 DShield reports 		0.961 12 blacklists Scanner Login attempts  22 2025-06-06 07:38:19 2025-08-04 23:59:14
  Shodan   Censys   valli.org   whatismyipaddress.com   AbuseIPDB   Talos Intelligence Center   Greynoise Visualizer   DShield
172.234.162.31 prod52client01.academyforinternetresearch.org AS63949
FR 16537174
+ 39063 DShield reports 		0.960 12 blacklists Scanner  22, 8126cloud, cdn 2025-04-12 01:41:30 2025-08-04 07:30:53
  Shodan   Censys   valli.org   whatismyipaddress.com   AbuseIPDB   Talos Intelligence Center   Greynoise Visualizer   DShield
92.118.39.62 -- AS48090
AS47890
US 6640103
+ 73369 DShield reports 		0.957 9 blacklists Scanner Login attempts 2025-06-06 07:00:41 2025-08-05 01:01:45
  Shodan   Censys   valli.org   whatismyipaddress.com   AbuseIPDB   Talos Intelligence Center   Greynoise Visualizer   DShield