Search IP addresses by ...

IP prefix
IPv4 prefix/subnet in CIDR format.
Hostname suffix
Suffix of the hostname associated with the IP address. Can be used to search all hosts under given (sub)domain.
ASN
Autonomous system number. Enter as "1234" or "AS1234”.
Country
Code of the country the IP address is probably located in (according to MaxMind database).
Source
Select IP addresses for which there are data (alerts, events, ...) from given primary data source(s).
OR
AND
Event category
Select IP addresses with Warden alerts of given category.
OR
AND
Blacklist
Select IP addresses listed on given blacklist(s).
OR
AND
Tag
Select IP addresses with given tag(s).
OR
AND

Sorting options

Sort by
Order
DESC
ASC
Max. number of addresses
IP addresses
Paste any text containing IPv4 addresses or prefixes in CIDR format. Search will return all addresses in NERD matching any of your addresses or prefixes.

Sorting options

Sort by
Order
DESC
ASC
Max. number of addresses

Results (≥20≥20)

IP address Hostname ASN Country Events Rep.(?) Other properties Time added Last activity Links
91.215.85.88 -- AS200593
RU 62656132
+ 1412576 DShield reports 		0.997 5 blacklists Login attempts  135, 137, 5985, 50100 2025-11-14 08:31:47 2026-01-12 00:44:40
  Shodan   Censys   valli.org   whatismyipaddress.com   AbuseIPDB   Talos Intelligence Center   Greynoise Visualizer   DShield
213.209.159.159 -- AS208137
DE 2891123
+ 32619 DShield reports 		0.993 10 blacklists Login attempts  80, 8080 2025-12-30 18:59:58 2026-01-12 00:42:56
  Shodan   Censys   valli.org   whatismyipaddress.com   AbuseIPDB   Talos Intelligence Center   Greynoise Visualizer   DShield
80.94.92.182 -- AS48090
AS47890
RO 12591173
+ 58190 DShield reports 		0.981 15 blacklists Scanner Login attempts  22scanner 2025-11-18 16:26:32 2026-01-12 00:46:09
  Shodan   Censys   valli.org   whatismyipaddress.com   AbuseIPDB   Talos Intelligence Center   Greynoise Visualizer   DShield
130.12.180.51 -- AS214943
US 1295113
+ 13865 DShield reports 		0.974 5 blacklists Malware Login attempts 2025-12-20 07:34:46 2026-01-11 23:00:47
  Shodan   Censys   valli.org   whatismyipaddress.com   AbuseIPDB   Talos Intelligence Center   Greynoise Visualizer   DShield
92.118.39.95 -- AS48090
AS47890
US 9975173
+ 150413 DShield reports 		0.967 16 blacklists Scanner Login attempts 2025-04-16 06:10:40 2026-01-12 00:43:05
  Shodan   Censys   valli.org   whatismyipaddress.com   AbuseIPDB   Talos Intelligence Center   Greynoise Visualizer   DShield
45.148.10.121 -- AS48090
NL 15914144
+ 332619 DShield reports 		0.967 11 blacklists Scanner Login attempts  22scanner 2025-12-06 02:39:49 2026-01-12 00:46:19
  Shodan   Censys   valli.org   whatismyipaddress.com   AbuseIPDB   Talos Intelligence Center   Greynoise Visualizer   DShield
143.198.225.197 floss.census.shodan.io AS14061
US 27164125
+ 141644 DShield reports 		0.966 8 blacklists Whitelisted Research scanner Scanner  22, 500, 9002cloud, vpn 2025-08-29 20:19:28 2026-01-12 00:46:29
  Shodan   Censys   valli.org   whatismyipaddress.com   AbuseIPDB   Talos Intelligence Center   Greynoise Visualizer   DShield
185.11.61.151 -- AS57523
HK 8234112
+ 51998 DShield reports 		0.964 5 blacklists Login attempts 2025-12-15 14:17:05 2026-01-12 00:27:34
  Shodan   Censys   valli.org   whatismyipaddress.com   AbuseIPDB   Talos Intelligence Center   Greynoise Visualizer   DShield
185.246.128.133 -- AS42237
SE 642762
+ 730415 DShield reports 		0.961 2 blacklists Login attempts  135, 137, 445, 5985, 47001 2023-08-01 09:26:36 2026-01-11 23:30:55
  Shodan   Censys   valli.org   whatismyipaddress.com   AbuseIPDB   Talos Intelligence Center   Greynoise Visualizer   DShield
143.110.239.2 buffet.census.shodan.io AS14061
US 26957115
+ 141941 DShield reports 		0.959 10 blacklists Whitelisted Research scanner Scanner  22, 500, 9002cloud, vpn 2025-08-29 20:37:23 2026-01-12 00:46:19
  Shodan   Censys   valli.org   whatismyipaddress.com   AbuseIPDB   Talos Intelligence Center   Greynoise Visualizer   DShield
193.32.162.146 -- AS47890
RO 22340163
+ 153937 DShield reports 		0.959 16 blacklists Scanner Login attempts 2025-06-06 07:38:19 2026-01-12 00:36:19
  Shodan   Censys   valli.org   whatismyipaddress.com   AbuseIPDB   Talos Intelligence Center   Greynoise Visualizer   DShield
207.90.244.5 -- AS174
US 34056115
+ 215435 DShield reports 		0.958 11 blacklists Scanner  22, 500, 9002vpn 2022-12-10 20:58:44 2026-01-12 00:44:19
  Shodan   Censys   valli.org   whatismyipaddress.com   AbuseIPDB   Talos Intelligence Center   Greynoise Visualizer   DShield
207.90.244.25 -- AS174
US 32435105
+ 217695 DShield reports 		0.955 11 blacklists Scanner  22, 123, 9002 2025-04-17 23:19:22 2026-01-12 00:43:19
  Shodan   Censys   valli.org   whatismyipaddress.com   AbuseIPDB   Talos Intelligence Center   Greynoise Visualizer   DShield
207.90.244.20 -- AS174
US 33276105
+ 214207 DShield reports 		0.954 11 blacklists Scanner  22, 123, 4500, 9002vpn 2025-04-17 23:01:18 2026-01-12 00:44:40
  Shodan   Censys   valli.org   whatismyipaddress.com   AbuseIPDB   Talos Intelligence Center   Greynoise Visualizer   DShield
207.90.244.26 -- AS174
US 33469105
+ 216160 DShield reports 		0.953 11 blacklists Scanner  22, 123, 4500, 9002vpn 2025-04-17 23:22:40 2026-01-12 00:45:39
  Shodan   Censys   valli.org   whatismyipaddress.com   AbuseIPDB   Talos Intelligence Center   Greynoise Visualizer   DShield
193.32.162.145 -- AS47890
RO 8515184
+ 150123 DShield reports 		0.953 16 blacklists Scanner Login attempts 2025-06-06 07:36:57 2026-01-12 00:34:24
  Shodan   Censys   valli.org   whatismyipaddress.com   AbuseIPDB   Talos Intelligence Center   Greynoise Visualizer   DShield
207.90.244.27 -- AS174
US 33277105
+ 216109 DShield reports 		0.953 11 blacklists Scanner  22, 123, 500, 4500, 9002vpn 2025-04-17 23:25:56 2026-01-12 00:42:50
  Shodan   Censys   valli.org   whatismyipaddress.com   AbuseIPDB   Talos Intelligence Center   Greynoise Visualizer   DShield
207.90.244.10 -- AS174
US 33597115
+ 206172 DShield reports 		0.953 10 blacklists Scanner  22, 4500, 9002vpn 2023-06-22 02:59:30 2026-01-12 00:42:19
  Shodan   Censys   valli.org   whatismyipaddress.com   AbuseIPDB   Talos Intelligence Center   Greynoise Visualizer   DShield
91.224.92.14 srv-91-224-92-14.serveroffer.net AS133398
AS209605
GB 85695134
+ 98973 DShield reports 		0.953 18 blacklists IP in hostname Scanner  22, 135, 445, 5985scanner 2025-10-22 14:19:29 2026-01-12 00:45:49
  Shodan   Censys   valli.org   whatismyipaddress.com   AbuseIPDB   Talos Intelligence Center   Greynoise Visualizer   DShield
207.90.244.2 -- AS174
US 33428115
+ 221019 DShield reports 		0.952 13 blacklists Scanner  22, 4500, 9002vpn 2022-12-08 05:10:54 2026-01-12 00:45:09
  Shodan   Censys   valli.org   whatismyipaddress.com   AbuseIPDB   Talos Intelligence Center   Greynoise Visualizer   DShield