Search IP addresses by ...

IP prefix
IPv4 prefix/subnet in CIDR format.
Hostname suffix
Suffix of the hostname associated with the IP address. Can be used to search all hosts under given (sub)domain.
ASN
Autonomous system number. Enter as "1234" or "AS1234”.
Country
Code of the country the IP address is probably located in (according to MaxMind database).
Source
Select IP addresses for which there are data (alerts, events, ...) from given primary data source(s).
OR
AND
Event category
Select IP addresses with Warden alerts of given category.
OR
AND
Blacklist
Select IP addresses listed on given blacklist(s).
OR
AND
Tag
Select IP addresses with given tag(s).
OR
AND

Threat category

Role
Select IP addresses with threat category records matching the selected role.
Category
Select IP addresses with threat category records matching the selected category.
OR
AND
Subcategory
Select IP addresses with threat category records matching the selected subcategory.
=
Confidence
Minimum category confidence.

Sorting options

Sort by
Order
DESC
ASC
Max. number of addresses
IP addresses
Paste any text containing IPv4 addresses or prefixes in CIDR format. Search will return all addresses in NERD matching any of your addresses or prefixes.

Sorting options

Sort by
Order
DESC
ASC
Max. number of addresses

Results (≥20≥20)

IP address Hostname ASN Country Events Rep.(?) Threat category Other properties Time added Last activity Links
45.148.10.121 -- AS48090
NL 47645214
+ 615385 DShield reports
+ 25 OTX pulses 		1.000
src login protocol: ssh
port: 22
src scan port: 22, 2222, 8022
src
16 blacklists  22scanner 2025-12-06 02:39:49 2026-03-19 10:50:00
  Shodan   Censys   valli.org   whatismyipaddress.com   AbuseIPDB   Talos Intelligence Center   Greynoise Visualizer   DShield
37.77.150.119 -- AS198953
RU 30476153
+ 261076 DShield reports 		0.999
src login protocol: ssh
port: 22
src scan
src
4 blacklists 2026-02-08 15:37:29 2026-03-19 12:00:54
  Shodan   Censys   valli.org   whatismyipaddress.com   AbuseIPDB   Talos Intelligence Center   Greynoise Visualizer   DShield
77.90.185.17 -- AS215476
AS213790
DE 5402112
+ 48105 DShield reports
+ 10 OTX pulses 		0.999
src login protocol: ssh
port: 22
src scan
src
5 blacklists  22, 111 2026-02-22 04:51:32 2026-03-19 09:57:58
  Shodan   Censys   valli.org   whatismyipaddress.com   AbuseIPDB   Talos Intelligence Center   Greynoise Visualizer   DShield
80.94.92.168 -- AS48090
AS47890
RO 20414172
+ 86701 DShield reports
+ 16 OTX pulses 		0.998
src login protocol: ssh
src scan port: 22
src
12 blacklists  22scanner 2025-11-19 15:20:59 2026-03-19 12:01:29
  Shodan   Censys   valli.org   whatismyipaddress.com   AbuseIPDB   Talos Intelligence Center   Greynoise Visualizer   DShield
213.209.159.159 -- AS208137
DE 19372153
+ 138131 DShield reports
+ 9 OTX pulses 		0.998
src login protocol: ssh
port: 22
src scan port: 22
src
16 blacklists  3389self-signed 2025-12-30 18:59:58 2026-03-19 12:00:39
  Shodan   Censys   valli.org   whatismyipaddress.com   AbuseIPDB   Talos Intelligence Center   Greynoise Visualizer   DShield
80.94.95.118 -- AS204428
RO 1436112
+ 15303 DShield reports
+ 5 OTX pulses 		0.998
src login protocol: ssh
port: 22
src scan
src
4 blacklists  53, 111, 3128 2026-02-22 04:52:44 2026-03-19 10:15:42
  Shodan   Censys   valli.org   whatismyipaddress.com   AbuseIPDB   Talos Intelligence Center   Greynoise Visualizer   DShield
80.94.92.171 -- AS48090
AS47890
RO 16699173
+ 177903 DShield reports
+ 10 OTX pulses 		0.997
src login protocol: ssh
port: 22
src scan port: 22
src
16 blacklists  22scanner 2025-11-19 15:20:59 2026-03-19 11:56:57
  Shodan   Censys   valli.org   whatismyipaddress.com   AbuseIPDB   Talos Intelligence Center   Greynoise Visualizer   DShield
92.118.39.56 -- AS48090
AS47890
US 17011163
+ 158146 DShield reports
+ 12 OTX pulses 		0.997
src login protocol: ssh
port: 22
src scan port: 22
src
15 blacklists  22scanner 2025-06-06 22:18:48 2026-03-19 11:35:17
  Shodan   Censys   valli.org   whatismyipaddress.com   AbuseIPDB   Talos Intelligence Center   Greynoise Visualizer   DShield
92.118.39.76 -- AS48090
AS47890
US 16961184
+ 51344 DShield reports
+ 11 OTX pulses 		0.996
src login protocol: ssh
port: 22
src scan port: 22
src
16 blacklists  22scanner 2025-11-30 15:21:07 2026-03-19 11:55:22
  Shodan   Censys   valli.org   whatismyipaddress.com   AbuseIPDB   Talos Intelligence Center   Greynoise Visualizer   DShield
92.118.39.72 -- AS48090
AS47890
US 15627172
+ 161021 DShield reports
+ 104 OTX pulses 		0.996
src login protocol: ssh
src scan port: 22
src
16 blacklists  22scanner 2025-01-05 11:23:47 2026-03-19 12:00:16
  Shodan   Censys   valli.org   whatismyipaddress.com   AbuseIPDB   Talos Intelligence Center   Greynoise Visualizer   DShield
78.128.112.74 ip-112-74.4vendeta.com AS202325
AS208637
BG 2936154
+ 89590 DShield reports
+ 1 OTX pulses 		0.995
src scan port: 22
src login protocol: ssh, telnet
port: 22
src
14 blacklists  22scanner 2025-05-28 12:16:17 2026-03-19 11:54:58
  Shodan   Censys   valli.org   whatismyipaddress.com   AbuseIPDB   Talos Intelligence Center   Greynoise Visualizer   DShield
2.57.122.238 -- AS48090
AS47890
RO 7508184
+ 173964 DShield reports
+ 4 OTX pulses 		0.994
src login protocol: ssh
port: 22
src
src scan port: 22
16 blacklists  22scanner 2025-11-06 15:20:09 2026-03-19 11:47:09
  Shodan   Censys   valli.org   whatismyipaddress.com   AbuseIPDB   Talos Intelligence Center   Greynoise Visualizer   DShield
94.154.35.215 -- AS214943
AS214976
AS202412
NL 46653112
+ 150398 DShield reports 		0.993
src login protocol: ssh
port: 22
src scan
src
3 blacklists  135, 137, 139, 445, 5985, ... 2026-01-26 15:00:07 2026-03-19 11:51:43
  Shodan   Censys   valli.org   whatismyipaddress.com   AbuseIPDB   Talos Intelligence Center   Greynoise Visualizer   DShield
178.16.54.226 -- AS209800
AS214943
AS214976
AS202412
NL 3843102
+ 31101 DShield reports 		0.990
src login protocol: ssh
port: 22
src scan
src
3 blacklists  111, 135, 137, 445, 5985, ... 2026-02-02 12:45:30 2026-03-18 07:12:08
  Shodan   Censys   valli.org   whatismyipaddress.com   AbuseIPDB   Talos Intelligence Center   Greynoise Visualizer   DShield
179.43.133.154 hostedby.privatelayer.com AS51852
CH 37583102
+ 131532 DShield reports 		0.988
src login protocol: ssh
port: 22
src scan
src
1 blacklist  135, 137, 445, 5985, 10000, ... 2025-09-02 11:59:39 2026-03-19 12:00:39
  Shodan   Censys   valli.org   whatismyipaddress.com   AbuseIPDB   Talos Intelligence Center   Greynoise Visualizer   DShield
193.32.162.145 -- AS47890
RO 12335173
+ 132501 DShield reports
+ 4 OTX pulses 		0.983
src login protocol: ssh
port: 22
src scan port: 22
src
17 blacklists  22scanner 2025-06-06 07:36:57 2026-03-19 10:47:19
  Shodan   Censys   valli.org   whatismyipaddress.com   AbuseIPDB   Talos Intelligence Center   Greynoise Visualizer   DShield
92.118.39.95 -- AS48090
AS47890
US 15382173
+ 144134 DShield reports
+ 6 OTX pulses 		0.981
src login protocol: ssh
port: 22
src scan port: 22
src
15 blacklists  22scanner 2025-04-16 06:10:40 2026-03-19 11:23:48
  Shodan   Censys   valli.org   whatismyipaddress.com   AbuseIPDB   Talos Intelligence Center   Greynoise Visualizer   DShield
80.94.92.186 -- AS48090
AS47890
RO 11680173
+ 92642 DShield reports
+ 4 OTX pulses 		0.977
src login protocol: ssh
port: 22
src scan port: 22
src
16 blacklists 2025-11-18 16:25:46 2026-03-19 11:37:46
  Shodan   Censys   valli.org   whatismyipaddress.com   AbuseIPDB   Talos Intelligence Center   Greynoise Visualizer   DShield
80.94.92.182 -- AS48090
AS47890
RO 14321184
+ 92167 DShield reports
+ 7 OTX pulses 		0.976
src login protocol: ssh
port: 22
src scan port: 22
src
16 blacklists  22scanner 2025-11-18 16:26:32 2026-03-19 11:57:29
  Shodan   Censys   valli.org   whatismyipaddress.com   AbuseIPDB   Talos Intelligence Center   Greynoise Visualizer   DShield
2.57.122.210 -- AS48090
AS47890
RO 9347163
+ 90231 DShield reports
+ 2 OTX pulses 		0.975
src login protocol: ssh
port: 22
src scan port: 22
src
16 blacklists  22scanner 2026-01-07 14:24:51 2026-03-19 12:00:20
  Shodan   Censys   valli.org   whatismyipaddress.com   AbuseIPDB   Talos Intelligence Center   Greynoise Visualizer   DShield