Search IP addresses by ...

IP prefix
IPv4 prefix/subnet in CIDR format.
Hostname suffix
Suffix of the hostname associated with the IP address. Can be used to search all hosts under given (sub)domain.
ASN
Autonomous system number. Enter as "1234" or "AS1234”.
Country
Code of the country the IP address is probably located in (according to MaxMind database).
Source
Select IP addresses for which there are data (alerts, events, ...) from given primary data source(s).
OR
AND
Event category
Select IP addresses with Warden alerts of given category.
OR
AND
Blacklist
Select IP addresses listed on given blacklist(s).
OR
AND
Tag
Select IP addresses with given tag(s).
OR
AND

Sorting options

Sort by
Order
DESC
ASC
Max. number of addresses
IP addresses
Paste any text containing IPv4 addresses or prefixes in CIDR format. Search will return all addresses in NERD matching any of your addresses or prefixes.

Sorting options

Sort by
Order
DESC
ASC
Max. number of addresses

Results (≥20≥20)

IP address Hostname ASN Country Events Rep.(?) Other properties Time added Last activity Links
37.44.238.88 ssd5-6208.10083 AS49434
AS34534
FR 5614115
+ 178282 DShield reports
+ 3 OTX pulses 		0.960 11 blacklists Scanner Login attempts  22, 80 2025-02-07 04:07:40 2025-02-22 06:31:28
  Shodan   Censys   valli.org   whatismyipaddress.com   AbuseIPDB   Talos Intelligence Center   Greynoise Visualizer   DShield
185.246.128.133 -- AS42237
SE 934762
+ 633969 DShield reports 		0.933 1 blacklist Login attempts  135, 137, 445, 5985 2023-08-01 09:26:36 2025-02-22 06:30:05
  Shodan   Censys   valli.org   whatismyipaddress.com   AbuseIPDB   Talos Intelligence Center   Greynoise Visualizer   DShield
92.255.85.35 -- AS207566
HK 84362
+ 655579 DShield reports
+ 12 OTX pulses 		0.932 7 blacklists Login attempts Scanner  22scanner 2025-01-30 11:17:12 2025-02-22 06:32:40
  Shodan   Censys   valli.org   whatismyipaddress.com   AbuseIPDB   Talos Intelligence Center   Greynoise Visualizer   DShield
5.101.6.194 -- AS34665
RU 25211205
+ 69722 DShield reports
+ 4 OTX pulses 		0.930 10 blacklists Scanner  80 2024-12-01 07:50:02 2025-02-22 06:35:30
  Shodan   Censys   valli.org   whatismyipaddress.com   AbuseIPDB   Talos Intelligence Center   Greynoise Visualizer   DShield
156.229.232.116 -- AS60223
US 1323741
+ 56008 DShield reports 		0.929 2 blacklists Scanner 2025-01-27 19:08:34 2025-02-22 06:29:59
  Shodan   Censys   valli.org   whatismyipaddress.com   AbuseIPDB   Talos Intelligence Center   Greynoise Visualizer   DShield
92.255.85.189 -- AS207566
HK 255472
+ 174437 DShield reports
+ 36 OTX pulses 		0.928 13 blacklists Login attempts  22, 4000scanner 2024-11-08 17:08:30 2025-02-22 06:33:23
  Shodan   Censys   valli.org   whatismyipaddress.com   AbuseIPDB   Talos Intelligence Center   Greynoise Visualizer   DShield
115.231.78.11 -- AS58461
CN 39906123
+ 429117 DShield reports 		0.924 10 blacklists Scanner 2024-10-24 01:37:09 2025-02-22 06:36:09
  Shodan   Censys   valli.org   whatismyipaddress.com   AbuseIPDB   Talos Intelligence Center   Greynoise Visualizer   DShield
176.113.115.137 -- AS49505
AS57678
HK 3298782
+ 75398 DShield reports
+ 18 OTX pulses 		0.921 7 blacklists Scanner 2024-12-10 17:35:43 2025-02-22 06:36:08
  Shodan   Censys   valli.org   whatismyipaddress.com   AbuseIPDB   Talos Intelligence Center   Greynoise Visualizer   DShield
80.82.77.202 rnd.group-ib.com AS202425
NL 47368204
+ 356162 DShield reports
+ 11 OTX pulses 		0.920 16 blacklists Scanner  80, 443scanner 2023-08-17 16:11:05 2025-02-22 06:36:49
  Shodan   Censys   valli.org   whatismyipaddress.com   AbuseIPDB   Talos Intelligence Center   Greynoise Visualizer   DShield
211.234.111.116 211-234-111-116.kidc.net AS3786
KR 144862
+ 44915 DShield reports
+ 1 OTX pulses 		0.918 1 blacklist IP in hostname Login attempts  21, 22, 80 2023-10-03 01:45:18 2025-02-22 02:40:11
  Shodan   Censys   valli.org   whatismyipaddress.com   AbuseIPDB   Talos Intelligence Center   Greynoise Visualizer   DShield
92.255.85.188 -- AS207566
HK 252172
+ 174024 DShield reports
+ 37 OTX pulses 		0.912 14 blacklists Login attempts  22, 80, 4000scanner, eol-product 2024-11-08 17:08:30 2025-02-22 05:52:33
  Shodan   Censys   valli.org   whatismyipaddress.com   AbuseIPDB   Talos Intelligence Center   Greynoise Visualizer   DShield
5.101.6.136 -- AS34665
RU 6179155
+ 15374 DShield reports
+ 4 OTX pulses 		0.909 7 blacklists Scanner  80 2025-01-15 17:02:09 2025-02-22 06:34:49
  Shodan   Censys   valli.org   whatismyipaddress.com   AbuseIPDB   Talos Intelligence Center   Greynoise Visualizer   DShield
194.0.234.38 -- AS214295
IR 100572
+ 87710 DShield reports
+ 10 OTX pulses 		0.906 12 blacklists Login attempts  22, 111scanner 2024-12-28 20:49:26 2025-02-22 05:12:25
  Shodan   Censys   valli.org   whatismyipaddress.com   AbuseIPDB   Talos Intelligence Center   Greynoise Visualizer   DShield
162.215.133.102 7022851.akhbm.com AS46606
US 56252
+ 6769 DShield reports 		0.901 9 blacklists Login attempts  22, 26, 53, 80, 110, ...open-dir, starttls 2024-12-14 15:28:29 2025-02-22 06:37:12
  Shodan   Censys   valli.org   whatismyipaddress.com   AbuseIPDB   Talos Intelligence Center   Greynoise Visualizer   DShield
71.6.199.23 einstein.census.shodan.io AS10439
US 43675134
+ 128875 DShield reports
+ 5 OTX pulses 		0.898 14 blacklists Scanner Research scanner Whitelisted  22, 500, 9002scanner, vpn 2018-09-14 09:54:55 2025-02-22 06:34:07
  Shodan   Censys   valli.org   whatismyipaddress.com   AbuseIPDB   Talos Intelligence Center   Greynoise Visualizer   DShield
185.7.214.180 -- AS207566
RU 312552
+ 224709 DShield reports 		0.897 4 blacklists Login attempts 2025-02-04 05:40:12 2025-02-22 06:22:39
  Shodan   Censys   valli.org   whatismyipaddress.com   AbuseIPDB   Talos Intelligence Center   Greynoise Visualizer   DShield
185.165.191.27 red.census.shodan.io AS174
SC 43635125
+ 124630 DShield reports
+ 4 OTX pulses 		0.893 13 blacklists Scanner Research scanner Whitelisted  22, 500, 4500, 9002scanner, vpn 2024-03-29 22:25:35 2025-02-22 06:35:29
  Shodan   Censys   valli.org   whatismyipaddress.com   AbuseIPDB   Talos Intelligence Center   Greynoise Visualizer   DShield
194.0.234.37 -- AS214295
IR 99472
+ 87530 DShield reports
+ 8 OTX pulses 		0.891 12 blacklists Login attempts  22, 111scanner 2024-12-28 20:49:26 2025-02-22 05:15:51
  Shodan   Censys   valli.org   whatismyipaddress.com   AbuseIPDB   Talos Intelligence Center   Greynoise Visualizer   DShield
218.92.0.236 -- AS4134
CN 164592
+ 228145 DShield reports 		0.891 13 blacklists Login attempts 2024-11-01 17:07:11 2025-02-21 21:29:42
  Shodan   Censys   valli.org   whatismyipaddress.com   AbuseIPDB   Talos Intelligence Center   Greynoise Visualizer   DShield
218.92.0.233 -- AS4134
CN 212892
+ 246300 DShield reports
+ 1 OTX pulses 		0.891 13 blacklists Login attempts 2024-10-31 23:07:18 2025-02-21 22:05:21
  Shodan   Censys   valli.org   whatismyipaddress.com   AbuseIPDB   Talos Intelligence Center   Greynoise Visualizer   DShield