Search IP addresses by ...

IP prefix
IPv4 prefix/subnet in CIDR format.
Hostname suffix
Suffix of the hostname associated with the IP address. Can be used to search all hosts under given (sub)domain.
ASN
Autonomous system number. Enter as "1234" or "AS1234”.
Country
Code of the country the IP address is probably located in (according to MaxMind database).
Source
Select IP addresses for which there are data (alerts, events, ...) from given primary data source(s).
OR
AND
Event category
Select IP addresses with Warden alerts of given category.
OR
AND
Blacklist
Select IP addresses listed on given blacklist(s).
OR
AND
Tag
Select IP addresses with given tag(s).
OR
AND

Threat category

Role
Select IP addresses with threat category records matching the selected role.
Category
Select IP addresses with threat category records matching the selected category.
OR
AND
Subcategory
Select IP addresses with threat category records matching the selected subcategory.
=
Confidence
Minimum category confidence.

Sorting options

Sort by
Order
DESC
ASC
Max. number of addresses
IP addresses
Paste any text containing IPv4 addresses or prefixes in CIDR format. Search will return all addresses in NERD matching any of your addresses or prefixes.

Sorting options

Sort by
Order
DESC
ASC
Max. number of addresses

Results (≥20≥20)

IP address Hostname ASN Country Events Rep.(?) Threat category Other properties Time added Last activity Links
45.148.10.121 -- AS48090
NL 48235224
+ 631776 DShield reports
+ 25 OTX pulses 		1.000
src login protocol: ssh
port: 22, 2222
src scan port: many
src
17 blacklists  22scanner 2025-12-06 02:39:49 2026-03-28 12:57:39
  Shodan   Censys   valli.org   whatismyipaddress.com   AbuseIPDB   Talos Intelligence Center   Greynoise Visualizer   DShield
193.46.255.86 hostingmailto239.statics.servermail.org AS47890
RO 2644153
+ 12523 DShield reports 		1.000
src login protocol: ssh
port: 22, 2222
src scan port: 22
src
8 blacklists 2026-03-11 22:22:32 2026-03-28 15:21:20
  Shodan   Censys   valli.org   whatismyipaddress.com   AbuseIPDB   Talos Intelligence Center   Greynoise Visualizer   DShield
37.77.150.119 -- AS198953
RU 36814173
+ 309213 DShield reports 		1.000
src login protocol: ssh
port: 22, 2222
src scan
src
6 blacklists 2026-02-08 15:37:29 2026-03-28 15:25:51
  Shodan   Censys   valli.org   whatismyipaddress.com   AbuseIPDB   Talos Intelligence Center   Greynoise Visualizer   DShield
2.57.121.112 dns112.personaliseplus.com AS47890
RO 13246172
+ 133252 DShield reports
+ 15 OTX pulses 		1.000
src login protocol: ssh
port: 22, 2222
src scan port: 22
src
14 blacklists  3389eol-os, self-signed 2025-10-04 21:56:26 2026-03-28 15:25:51
  Shodan   Censys   valli.org   whatismyipaddress.com   AbuseIPDB   Talos Intelligence Center   Greynoise Visualizer   DShield
77.90.185.17 -- AS215476
AS213790
DE 7670132
+ 71251 DShield reports
+ 10 OTX pulses 		1.000
src login protocol: ssh
port: 22, 2222
src scan
src
7 blacklists  22, 111 2026-02-22 04:51:32 2026-03-28 15:20:51
  Shodan   Censys   valli.org   whatismyipaddress.com   AbuseIPDB   Talos Intelligence Center   Greynoise Visualizer   DShield
80.94.92.168 -- AS48090
AS47890
RO 24051192
+ 80067 DShield reports
+ 16 OTX pulses 		0.999
src login protocol: ssh
port: 22, 2222
src scan port: 22
src
14 blacklists  22scanner 2025-11-19 15:20:59 2026-03-28 15:30:48
  Shodan   Censys   valli.org   whatismyipaddress.com   AbuseIPDB   Talos Intelligence Center   Greynoise Visualizer   DShield
92.118.39.56 -- AS48090
AS47890
US 20295183
+ 112018 DShield reports
+ 12 OTX pulses 		0.999
src login protocol: ssh
port: 22, 2222
src scan port: 22
src
16 blacklists 2025-06-06 22:18:48 2026-03-28 15:28:25
  Shodan   Censys   valli.org   whatismyipaddress.com   AbuseIPDB   Talos Intelligence Center   Greynoise Visualizer   DShield
80.94.95.118 -- AS204428
RO 2162132
+ 23284 DShield reports
+ 5 OTX pulses 		0.999
src login protocol: ssh
port: 22, 2222
src scan
src
6 blacklists  53, 111, 3128 2026-02-22 04:52:44 2026-03-28 15:23:27
  Shodan   Censys   valli.org   whatismyipaddress.com   AbuseIPDB   Talos Intelligence Center   Greynoise Visualizer   DShield
92.118.39.76 -- AS48090
AS47890
US 20275194
+ 69575 DShield reports
+ 11 OTX pulses 		0.999
src login protocol: ssh
port: 22, 2222
src scan port: 22
src
18 blacklists  22scanner 2025-11-30 15:21:07 2026-03-28 15:26:45
  Shodan   Censys   valli.org   whatismyipaddress.com   AbuseIPDB   Talos Intelligence Center   Greynoise Visualizer   DShield
80.94.92.171 -- AS48090
AS47890
RO 19835183
+ 160648 DShield reports
+ 10 OTX pulses 		0.999
src login protocol: ssh
port: 22, 2222
src scan port: 22
src
17 blacklists  22scanner 2025-11-19 15:20:59 2026-03-28 15:30:53
  Shodan   Censys   valli.org   whatismyipaddress.com   AbuseIPDB   Talos Intelligence Center   Greynoise Visualizer   DShield
78.128.112.74 ip-112-74.4vendeta.com AS202325
AS208637
BG 3176164
+ 83435 DShield reports
+ 1 OTX pulses 		0.998
src login protocol: ssh, telnet
port: 22
src scan port: 22
src
14 blacklists  22scanner 2025-05-28 12:16:17 2026-03-28 15:16:04
  Shodan   Censys   valli.org   whatismyipaddress.com   AbuseIPDB   Talos Intelligence Center   Greynoise Visualizer   DShield
2.57.122.238 -- AS48090
AS47890
RO 9434204
+ 171969 DShield reports
+ 4 OTX pulses 		0.998
src login protocol: ssh
port: 22, 2222
src
src scan port: 22
17 blacklists  22, 80scanner 2025-11-06 15:20:09 2026-03-28 15:19:18
  Shodan   Censys   valli.org   whatismyipaddress.com   AbuseIPDB   Talos Intelligence Center   Greynoise Visualizer   DShield
92.118.39.72 -- AS48090
AS47890
US 18522182
+ 109030 DShield reports
+ 97 OTX pulses 		0.998
src login protocol: ssh
port: 22, 2222
src scan port: 22
src
18 blacklists  22scanner 2025-01-05 11:23:47 2026-03-28 15:29:54
  Shodan   Censys   valli.org   whatismyipaddress.com   AbuseIPDB   Talos Intelligence Center   Greynoise Visualizer   DShield
185.246.130.20 -- AS42237
SE 2525122
+ 28100 DShield reports 		0.998
src login protocol: ssh
port: 22, 2222
src scan
src
9 blacklists  135, 137, 139, 445, 3306, ...database 2024-10-29 11:05:11 2026-03-28 14:48:20
  Shodan   Censys   valli.org   whatismyipaddress.com   AbuseIPDB   Talos Intelligence Center   Greynoise Visualizer   DShield
94.154.35.215 -- AS214943
AS214976
AS202412
NL 55032112
+ 208126 DShield reports 		0.996
src login protocol: ssh
port: 22
src scan
src
4 blacklists  135, 137, 445, 5985, 8080, ... 2026-01-26 15:00:07 2026-03-28 15:22:04
  Shodan   Censys   valli.org   whatismyipaddress.com   AbuseIPDB   Talos Intelligence Center   Greynoise Visualizer   DShield
178.16.54.226 -- AS209800
AS214943
AS214976
AS202412
NL 5705102
+ 37286 DShield reports 		0.996
src login protocol: ssh
port: 22
src scan
src
3 blacklists  135, 137, 445, 5985, 10000, ... 2026-02-02 12:45:30 2026-03-28 10:32:50
  Shodan   Censys   valli.org   whatismyipaddress.com   AbuseIPDB   Talos Intelligence Center   Greynoise Visualizer   DShield
179.43.133.154 hostedby.privatelayer.com AS51852
CH 50479112
+ 176548 DShield reports 		0.994
src login protocol: ssh
port: 22, 2222
src scan
src
3 blacklists  135, 137, 445, 5985, 10000, ... 2025-09-02 11:59:39 2026-03-28 15:31:25
  Shodan   Censys   valli.org   whatismyipaddress.com   AbuseIPDB   Talos Intelligence Center   Greynoise Visualizer   DShield
193.32.162.145 -- AS47890
RO 13007193
+ 134431 DShield reports
+ 4 OTX pulses 		0.993
src login protocol: ssh
port: 22, 2222
src scan port: 22
src
17 blacklists  22scanner 2025-06-06 07:36:57 2026-03-28 14:59:38
  Shodan   Censys   valli.org   whatismyipaddress.com   AbuseIPDB   Talos Intelligence Center   Greynoise Visualizer   DShield
213.209.159.158 -- AS208137
DE 19427175
+ 258409 DShield reports
+ 5 OTX pulses 		0.993
src login protocol: ssh
port: 22, 2222
src scan port: 22
src
19 blacklists  22scanner 2025-12-29 18:58:08 2026-03-28 15:26:39
  Shodan   Censys   valli.org   whatismyipaddress.com   AbuseIPDB   Talos Intelligence Center   Greynoise Visualizer   DShield
92.118.39.95 -- AS48090
AS47890
US 16135193
+ 147885 DShield reports
+ 6 OTX pulses 		0.990
src login protocol: ssh
port: 22, 2222
src scan port: 22
src
18 blacklists  22scanner 2025-04-16 06:10:40 2026-03-28 15:27:26
  Shodan   Censys   valli.org   whatismyipaddress.com   AbuseIPDB   Talos Intelligence Center   Greynoise Visualizer   DShield