Search IP addresses by ...

IP prefix
IPv4 prefix/subnet in CIDR format.
Hostname suffix
Suffix of the hostname associated with the IP address. Can be used to search all hosts under given (sub)domain.
ASN
Autonomous system number. Enter as "1234" or "AS1234”.
Country
Code of the country the IP address is probably located in (according to MaxMind database).
Source
Select IP addresses for which there are data (alerts, events, ...) from given primary data source(s).
OR
AND
Event category
Select IP addresses with Warden alerts of given category.
OR
AND
Blacklist
Select IP addresses listed on given blacklist(s).
OR
AND
Tag
Select IP addresses with given tag(s).
OR
AND

Sorting options

Sort by
Order
DESC
ASC
Max. number of addresses
IP addresses
Paste any text containing IPv4 addresses or prefixes in CIDR format. Search will return all addresses in NERD matching any of your addresses or prefixes.

Sorting options

Sort by
Order
DESC
ASC
Max. number of addresses

Results (≥20≥20)

IP address Hostname ASN Country Events Rep.(?) Other properties Time added Last activity Links
45.148.10.121 -- AS48090
NL 30590174
+ 468694 DShield reports
+ 3 OTX pulses 		1.000 15 blacklists Scanner Login attempts 2025-12-06 02:39:49 2026-02-06 23:02:19
  Shodan   Censys   valli.org   whatismyipaddress.com   AbuseIPDB   Talos Intelligence Center   Greynoise Visualizer   DShield
91.215.85.88 -- AS200593
RU 95178152
+ 1746647 DShield reports 		0.998 5 blacklists Login attempts  135, 137, 5985, 50100 2025-11-14 08:31:47 2026-02-06 23:00:13
  Shodan   Censys   valli.org   whatismyipaddress.com   AbuseIPDB   Talos Intelligence Center   Greynoise Visualizer   DShield
176.120.22.52 -- AS198953
RU 3011132
+ 92792 DShield reports
+ 5 OTX pulses 		0.998 6 blacklists Login attempts Scanner 2026-01-16 11:03:58 2026-02-06 22:20:00
  Shodan   Censys   valli.org   whatismyipaddress.com   AbuseIPDB   Talos Intelligence Center   Greynoise Visualizer   DShield
213.209.159.159 -- AS208137
DE 9153143
+ 74626 DShield reports
+ 1 OTX pulses 		0.998 12 blacklists Login attempts  3389self-signed 2025-12-30 18:59:58 2026-02-06 22:56:01
  Shodan   Censys   valli.org   whatismyipaddress.com   AbuseIPDB   Talos Intelligence Center   Greynoise Visualizer   DShield
92.118.39.56 -- AS48090
AS47890
US 4278143
+ 361552 DShield reports
+ 3 OTX pulses 		0.992 13 blacklists Scanner Login attempts  22scanner 2025-06-06 22:18:48 2026-02-06 22:47:04
  Shodan   Censys   valli.org   whatismyipaddress.com   AbuseIPDB   Talos Intelligence Center   Greynoise Visualizer   DShield
92.118.39.72 -- AS48090
AS47890
US 3928142
+ 377985 DShield reports
+ 124 OTX pulses 		0.991 15 blacklists Scanner Login attempts  22scanner 2025-01-05 11:23:47 2026-02-06 22:53:30
  Shodan   Censys   valli.org   whatismyipaddress.com   AbuseIPDB   Talos Intelligence Center   Greynoise Visualizer   DShield
80.94.92.171 -- AS48090
AS47890
RO 4184143
+ 226475 DShield reports
+ 2 OTX pulses 		0.988 14 blacklists Scanner Login attempts  22scanner 2025-11-19 15:20:59 2026-02-06 22:49:42
  Shodan   Censys   valli.org   whatismyipaddress.com   AbuseIPDB   Talos Intelligence Center   Greynoise Visualizer   DShield
185.246.130.20 -- AS42237
SE 3166122
+ 61810 DShield reports 		0.987 8 blacklists Login attempts  135, 137, 139, 3306, 5985, ...database 2024-10-29 11:05:11 2026-02-06 22:25:01
  Shodan   Censys   valli.org   whatismyipaddress.com   AbuseIPDB   Talos Intelligence Center   Greynoise Visualizer   DShield
193.32.162.157 -- AS47890
RO 19959175
+ 427484 DShield reports
+ 2 OTX pulses 		0.987 17 blacklists Scanner Login attempts  22scanner 2025-05-10 13:46:54 2026-02-06 23:01:24
  Shodan   Censys   valli.org   whatismyipaddress.com   AbuseIPDB   Talos Intelligence Center   Greynoise Visualizer   DShield
92.118.39.95 -- AS48090
AS47890
US 13641183
+ 169256 DShield reports
+ 2 OTX pulses 		0.986 16 blacklists Scanner Login attempts 2025-04-16 06:10:40 2026-02-06 23:01:30
  Shodan   Censys   valli.org   whatismyipaddress.com   AbuseIPDB   Talos Intelligence Center   Greynoise Visualizer   DShield
2.57.122.238 -- AS48090
AS47890
RO 1759144
+ 184064 DShield reports 		0.985 16 blacklists Scanner Login attempts  22, 80scanner 2025-11-06 15:20:09 2026-02-06 23:01:11
  Shodan   Censys   valli.org   whatismyipaddress.com   AbuseIPDB   Talos Intelligence Center   Greynoise Visualizer   DShield
179.43.133.154 hostedby.privatelayer.com AS51852
CH 20061112
+ 77970 DShield reports 		0.981 1 blacklist Login attempts  135, 137, 445, 5985, 10000, ... 2025-09-02 11:59:39 2026-02-06 23:01:15
  Shodan   Censys   valli.org   whatismyipaddress.com   AbuseIPDB   Talos Intelligence Center   Greynoise Visualizer   DShield
213.209.159.158 -- AS208137
DE 8396135
+ 89962 DShield reports
+ 2 OTX pulses 		0.979 15 blacklists Scanner Login attempts  22scanner 2025-12-29 18:58:08 2026-02-06 23:00:39
  Shodan   Censys   valli.org   whatismyipaddress.com   AbuseIPDB   Talos Intelligence Center   Greynoise Visualizer   DShield
147.139.164.196 -- AS45102
ID 2451113
+ 10221 DShield reports
+ 1 OTX pulses 		0.975 5 blacklists Scanner Login attempts  21, 22, 80, 443, 3306database, eol-product, self-signed, cloud 2024-10-17 09:08:32 2026-02-06 21:05:32
  Shodan   Censys   valli.org   whatismyipaddress.com   AbuseIPDB   Talos Intelligence Center   Greynoise Visualizer   DShield
193.32.162.145 -- AS47890
RO 10295194
+ 163523 DShield reports
+ 1 OTX pulses 		0.974 17 blacklists Scanner Login attempts  22scanner 2025-06-06 07:36:57 2026-02-06 21:46:38
  Shodan   Censys   valli.org   whatismyipaddress.com   AbuseIPDB   Talos Intelligence Center   Greynoise Visualizer   DShield
179.43.139.58 hostedby.privatelayer.com AS51852
CH 6453112
+ 23675 DShield reports 		0.970 1 blacklist Login attempts  135, 137, 445, 5985, 10001, ... 2025-09-02 11:57:48 2026-02-06 22:56:01
  Shodan   Censys   valli.org   whatismyipaddress.com   AbuseIPDB   Talos Intelligence Center   Greynoise Visualizer   DShield
80.94.92.182 -- AS48090
AS47890
RO 15694194
+ 75710 DShield reports 		0.969 15 blacklists Scanner Login attempts 2025-11-18 16:26:32 2026-02-06 22:08:08
  Shodan   Censys   valli.org   whatismyipaddress.com   AbuseIPDB   Talos Intelligence Center   Greynoise Visualizer   DShield
89.42.231.200 -- AS206264
NL 1343272
+ 146610 DShield reports
+ 1 OTX pulses 		0.968 6 blacklists Scanner  22scanner 2025-06-08 21:26:20 2026-02-06 23:00:19
  Shodan   Censys   valli.org   whatismyipaddress.com   AbuseIPDB   Talos Intelligence Center   Greynoise Visualizer   DShield
176.65.148.29 176.65.148.29.ptr.pfcloud.network AS51396
NL 662851
+ 149437 DShield reports 		0.966 3 blacklists IP in hostname Scanner 2026-01-08 22:28:08 2026-02-06 22:49:42
  Shodan   Censys   valli.org   whatismyipaddress.com   AbuseIPDB   Talos Intelligence Center   Greynoise Visualizer   DShield
149.100.11.243 -- AS174
ES 7336183
+ 28460 DShield reports
+ 5 OTX pulses 		0.965 7 blacklists Scanner  22, 80eol-product, scanner 2025-04-23 18:49:59 2026-02-06 20:02:01
  Shodan   Censys   valli.org   whatismyipaddress.com   AbuseIPDB   Talos Intelligence Center   Greynoise Visualizer   DShield