Search IP addresses by ...

IP prefix
IPv4 prefix/subnet in CIDR format.
Hostname suffix
Suffix of the hostname associated with the IP address. Can be used to search all hosts under given (sub)domain.
ASN
Autonomous system number. Enter as "1234" or "AS1234”.
Country
Code of the country the IP address is probably located in (according to MaxMind database).
Source
Select IP addresses for which there are data (alerts, events, ...) from given primary data source(s).
OR
AND
Event category
Select IP addresses with Warden alerts of given category.
OR
AND
Blacklist
Select IP addresses listed on given blacklist(s).
OR
AND
Tag
Select IP addresses with given tag(s).
OR
AND

Sorting options

Sort by
Order
DESC
ASC
Max. number of addresses
IP addresses
Paste any text containing IPv4 addresses or prefixes in CIDR format. Search will return all addresses in NERD matching any of your addresses or prefixes.

Sorting options

Sort by
Order
DESC
ASC
Max. number of addresses

Results (≥20≥20)

IP address Hostname ASN Country Events Rep.(?) Other properties Time added Last activity Links
2.57.121.112 dns112.personaliseplus.com AS47890
RO 14838143
+ 275156 DShield reports 		0.997 11 blacklists IP in hostname Login attempts Scanner 2025-10-04 21:56:26 2025-12-12 21:08:17
  Shodan   Censys   valli.org   whatismyipaddress.com   AbuseIPDB   Talos Intelligence Center   Greynoise Visualizer   DShield
91.215.85.88 -- AS200593
RU 29257132
+ 723440 DShield reports 		0.995 5 blacklists Login attempts 2025-11-14 08:31:47 2025-12-12 21:08:27
  Shodan   Censys   valli.org   whatismyipaddress.com   AbuseIPDB   Talos Intelligence Center   Greynoise Visualizer   DShield
45.140.17.97 -- AS198953
RU 14035132
+ 1766372 DShield reports 		0.995 8 blacklists Login attempts Scanner  135, 137, 5985, 50100 2025-09-21 18:44:46 2025-12-12 21:08:42
  Shodan   Censys   valli.org   whatismyipaddress.com   AbuseIPDB   Talos Intelligence Center   Greynoise Visualizer   DShield
185.246.130.20 -- AS42237
SE 3950134
+ 141582 DShield reports 		0.994 7 blacklists Login attempts  135, 137, 139, 445, 3306, ...database 2024-10-29 11:05:11 2025-12-12 20:07:49
  Shodan   Censys   valli.org   whatismyipaddress.com   AbuseIPDB   Talos Intelligence Center   Greynoise Visualizer   DShield
193.32.162.146 -- AS47890
RO 25062174
+ 124332 DShield reports 		0.992 16 blacklists Scanner Login attempts  22scanner 2025-06-06 07:38:19 2025-12-12 20:49:43
  Shodan   Censys   valli.org   whatismyipaddress.com   AbuseIPDB   Talos Intelligence Center   Greynoise Visualizer   DShield
2.57.121.25 hosting25.tronicsat.com AS47890
RO 8563142
+ 165967 DShield reports 		0.991 9 blacklists IP in hostname Login attempts Scanner 2025-10-05 10:37:13 2025-12-12 21:02:35
  Shodan   Censys   valli.org   whatismyipaddress.com   AbuseIPDB   Talos Intelligence Center   Greynoise Visualizer   DShield
80.94.92.186 -- AS48090
AS47890
RO 4893164
+ 28477 DShield reports 		0.986 13 blacklists Scanner Login attempts 2025-11-18 16:25:46 2025-12-12 21:09:49
  Shodan   Censys   valli.org   whatismyipaddress.com   AbuseIPDB   Talos Intelligence Center   Greynoise Visualizer   DShield
80.94.92.182 -- AS48090
AS47890
RO 6230163
+ 27502 DShield reports 		0.984 13 blacklists Scanner Login attempts 2025-11-18 16:26:32 2025-12-12 21:08:08
  Shodan   Censys   valli.org   whatismyipaddress.com   AbuseIPDB   Talos Intelligence Center   Greynoise Visualizer   DShield
78.128.112.74 ip-112-74.4vendeta.com AS202325
AS208637
BG 8267144
+ 202573 DShield reports 		0.983 8 blacklists IP in hostname Login attempts Scanner  22 2025-05-28 12:16:17 2025-12-12 21:00:29
  Shodan   Censys   valli.org   whatismyipaddress.com   AbuseIPDB   Talos Intelligence Center   Greynoise Visualizer   DShield
179.43.139.58 hostedby.privatelayer.com AS51852
CH 1737122
+ 14128 DShield reports 		0.981 1 blacklist Login attempts  137, 445, 5985, 10000, 10001, ... 2025-09-02 11:57:48 2025-12-12 19:38:16
  Shodan   Censys   valli.org   whatismyipaddress.com   AbuseIPDB   Talos Intelligence Center   Greynoise Visualizer   DShield
179.43.133.154 hostedby.privatelayer.com AS51852
CH 3273132
+ 29412 DShield reports 		0.978 1 blacklist Login attempts  135, 137, 445, 5985, 10000, ... 2025-09-02 11:59:39 2025-12-12 21:09:49
  Shodan   Censys   valli.org   whatismyipaddress.com   AbuseIPDB   Talos Intelligence Center   Greynoise Visualizer   DShield
92.118.39.95 -- AS48090
AS47890
US 8950164
+ 104810 DShield reports 		0.978 15 blacklists Scanner Login attempts 2025-04-16 06:10:40 2025-12-12 20:15:37
  Shodan   Censys   valli.org   whatismyipaddress.com   AbuseIPDB   Talos Intelligence Center   Greynoise Visualizer   DShield
77.83.207.83 -- AS216341
HK 21570152
+ 163553 DShield reports 		0.973 4 blacklists Login attempts  135, 137, 445, 3389, 5985, ...self-signed 2025-07-16 04:54:12 2025-12-12 21:08:17
  Shodan   Censys   valli.org   whatismyipaddress.com   AbuseIPDB   Talos Intelligence Center   Greynoise Visualizer   DShield
176.32.195.85 scan.f6.security AS197834
AM 38355265
+ 67428 DShield reports
+ 12 OTX pulses 		0.973 10 blacklists Scanner  80 2025-06-19 14:22:43 2025-12-12 21:10:39
  Shodan   Censys   valli.org   whatismyipaddress.com   AbuseIPDB   Talos Intelligence Center   Greynoise Visualizer   DShield
77.83.207.82 -- AS216341
HK 18532152
+ 190278 DShield reports 		0.973 5 blacklists Login attempts  135, 137, 445, 3389, 5985, ...self-signed 2025-08-30 06:18:58 2025-12-12 20:49:54
  Shodan   Censys   valli.org   whatismyipaddress.com   AbuseIPDB   Talos Intelligence Center   Greynoise Visualizer   DShield
80.94.92.166 -- AS48090
AS47890
RO 2793153
+ 47842 DShield reports 		0.971 12 blacklists Login attempts Scanner 2025-11-19 14:32:58 2025-12-12 19:29:35
  Shodan   Censys   valli.org   whatismyipaddress.com   AbuseIPDB   Talos Intelligence Center   Greynoise Visualizer   DShield
78.153.140.178 -- AS202306
GB 3152352
+ 170142 DShield reports
+ 3 OTX pulses 		0.969 10 blacklists Scanner  80, 8080eol-product 2024-01-13 21:03:17 2025-12-12 21:11:30
  Shodan   Censys   valli.org   whatismyipaddress.com   AbuseIPDB   Talos Intelligence Center   Greynoise Visualizer   DShield
78.153.140.176 -- AS202306
GB 3930052
+ 188161 DShield reports
+ 4 OTX pulses 		0.969 10 blacklists Scanner  25, 80, 8080eol-product 2024-01-13 21:05:41 2025-12-12 21:10:59
  Shodan   Censys   valli.org   whatismyipaddress.com   AbuseIPDB   Talos Intelligence Center   Greynoise Visualizer   DShield
147.182.202.179 pancake.scanf.shodan.io AS14061
US 17607115
+ 113340 DShield reports 		0.965 8 blacklists Research scanner Whitelisted Scanner  22, 9002cloud 2023-08-09 02:53:23 2025-12-12 21:07:20
  Shodan   Censys   valli.org   whatismyipaddress.com   AbuseIPDB   Talos Intelligence Center   Greynoise Visualizer   DShield
207.90.244.25 -- AS174
US 26181105
+ 176966 DShield reports 		0.965 9 blacklists Scanner  22, 123, 500, 4500, 9002vpn 2025-04-17 23:19:22 2025-12-12 21:07:19
  Shodan   Censys   valli.org   whatismyipaddress.com   AbuseIPDB   Talos Intelligence Center   Greynoise Visualizer   DShield