Search IP addresses by ...

IP prefix
IPv4 prefix/subnet in CIDR format.
Hostname suffix
Suffix of the hostname associated with the IP address. Can be used to search all hosts under given (sub)domain.
ASN
Autonomous system number. Enter as "1234" or "AS1234”.
Country
Code of the country the IP address is probably located in (according to MaxMind database).
Source
Select IP addresses for which there are data (alerts, events, ...) from given primary data source(s).
OR
AND
Event category
Select IP addresses with Warden alerts of given category.
OR
AND
Blacklist
Select IP addresses listed on given blacklist(s).
OR
AND
Tag
Select IP addresses with given tag(s).
OR
AND

Sorting options

Sort by
Order
DESC
ASC
Max. number of addresses
IP addresses
Paste any text containing IPv4 addresses or prefixes in CIDR format. Search will return all addresses in NERD matching any of your addresses or prefixes.

Sorting options

Sort by
Order
DESC
ASC
Max. number of addresses

Results (≥20≥20)

IP address Hostname ASN Country Events Rep.(?) Other properties Time added Last activity Links
45.140.17.97 -- AS198953
RU 672192
+ 903925 DShield reports 		0.995 7 blacklists Login attempts Scanner  135, 137, 5985 2025-09-21 18:44:46 2025-10-28 00:59:09
  Shodan   Censys   valli.org   whatismyipaddress.com   AbuseIPDB   Talos Intelligence Center   Greynoise Visualizer   DShield
62.60.131.157 -- AS208137
IR 8942103
+ 182162 DShield reports 		0.994 10 blacklists Login attempts  3389self-signed 2025-09-19 14:03:31 2025-10-28 00:53:26
  Shodan   Censys   valli.org   whatismyipaddress.com   AbuseIPDB   Talos Intelligence Center   Greynoise Visualizer   DShield
78.128.112.74 ip-112-74.4vendeta.com AS202325
AS208637
BG 8254144
+ 247865 DShield reports 		0.993 8 blacklists IP in hostname Login attempts Scanner  22 2025-05-28 12:16:17 2025-10-28 00:38:56
  Shodan   Censys   valli.org   whatismyipaddress.com   AbuseIPDB   Talos Intelligence Center   Greynoise Visualizer   DShield
193.32.162.157 -- AS47890
RO 15368145
+ 812123 DShield reports
+ 1 OTX pulses 		0.988 14 blacklists Scanner Login attempts  22scanner 2025-05-10 13:46:54 2025-10-28 00:59:59
  Shodan   Censys   valli.org   whatismyipaddress.com   AbuseIPDB   Talos Intelligence Center   Greynoise Visualizer   DShield
45.135.232.24 -- AS198953
RU 97878112
+ 2066754 DShield reports 		0.985 4 blacklists Login attempts  135, 137, 139, 5985 2025-05-10 14:41:19 2025-10-27 17:39:44
  Shodan   Censys   valli.org   whatismyipaddress.com   AbuseIPDB   Talos Intelligence Center   Greynoise Visualizer   DShield
185.156.73.233 -- AS210848
AS211736
ZA 5521123
+ 264093 DShield reports 		0.981 12 blacklists Login attempts Scanner  22, 111, 3128, 8006scanner 2025-05-15 03:41:41 2025-10-28 00:46:19
  Shodan   Censys   valli.org   whatismyipaddress.com   AbuseIPDB   Talos Intelligence Center   Greynoise Visualizer   DShield
196.251.114.29 -- SC 40093132
+ 60912 DShield reports
+ 117 OTX pulses 		0.975 6 blacklists Scanner  22scanner 2025-02-13 17:35:47 2025-10-28 01:00:39
  Shodan   Censys   valli.org   whatismyipaddress.com   AbuseIPDB   Talos Intelligence Center   Greynoise Visualizer   DShield
80.82.77.202 rnd.group-ib.com AS202425
NL 54093123
+ 270666 DShield reports
+ 5 OTX pulses 		0.975 15 blacklists Scanner  80scanner 2023-08-17 16:11:05 2025-10-28 01:00:39
  Shodan   Censys   valli.org   whatismyipaddress.com   AbuseIPDB   Talos Intelligence Center   Greynoise Visualizer   DShield
194.0.234.21 -- AS214295
IR 7511112
+ 104223 DShield reports
+ 117 OTX pulses 		0.966 5 blacklists Login attempts  22, 111 2025-04-04 20:42:12 2025-10-27 23:07:56
  Shodan   Censys   valli.org   whatismyipaddress.com   AbuseIPDB   Talos Intelligence Center   Greynoise Visualizer   DShield
149.100.11.243 -- AS174
ES 6594143
+ 53578 DShield reports 		0.957 5 blacklists Scanner  22, 80eol-product, scanner 2025-04-23 18:49:59 2025-10-27 09:07:57
  Shodan   Censys   valli.org   whatismyipaddress.com   AbuseIPDB   Talos Intelligence Center   Greynoise Visualizer   DShield
45.148.10.73 -- AS48090
NL 274862
+ 68149 DShield reports 		0.950 4 blacklists Scanner 2025-10-16 04:01:28 2025-10-27 22:38:41
  Shodan   Censys   valli.org   whatismyipaddress.com   AbuseIPDB   Talos Intelligence Center   Greynoise Visualizer   DShield
185.246.130.20 -- AS42237
SE 3319104
+ 211550 DShield reports 		0.944 6 blacklists Login attempts  135, 137, 139, 445, 3306, ...database 2024-10-29 11:05:11 2025-10-28 00:40:12
  Shodan   Censys   valli.org   whatismyipaddress.com   AbuseIPDB   Talos Intelligence Center   Greynoise Visualizer   DShield
146.190.174.211 -- AS14061
US 177284
+ 10237 DShield reports 		0.944 4 blacklists Scanner Login attempts  22, 80, 443cloud, open-dir 2024-01-10 22:33:51 2025-10-27 23:18:17
  Shodan   Censys   valli.org   whatismyipaddress.com   AbuseIPDB   Talos Intelligence Center   Greynoise Visualizer   DShield
45.134.225.119 -- AS208046
AS213438
DE 2439764
+ 87217 DShield reports 		0.944 7 blacklists Scanner  22, 80scanner 2025-07-08 14:31:32 2025-10-27 20:43:06
  Shodan   Censys   valli.org   whatismyipaddress.com   AbuseIPDB   Talos Intelligence Center   Greynoise Visualizer   DShield
176.65.149.208 hosted-by.pfcloud.io AS51396
NL 5590653
+ 61202 DShield reports 		0.939 7 blacklists Scanner  22 2025-10-13 00:53:14 2025-10-28 00:58:49
  Shodan   Censys   valli.org   whatismyipaddress.com   AbuseIPDB   Talos Intelligence Center   Greynoise Visualizer   DShield
78.153.140.178 hostglobal.plus AS202306
GB 1748352
+ 59075 DShield reports
+ 1 OTX pulses 		0.939 9 blacklists Scanner  80, 8080eol-product, scanner 2024-01-13 21:03:17 2025-10-28 00:57:39
  Shodan   Censys   valli.org   whatismyipaddress.com   AbuseIPDB   Talos Intelligence Center   Greynoise Visualizer   DShield
79.124.8.120 -- AS213438
NL 14385064
+ 941589 DShield reports
+ 2 OTX pulses 		0.938 4 blacklists Scanner  22, 80 2025-06-04 16:31:42 2025-10-28 00:18:03
  Shodan   Censys   valli.org   whatismyipaddress.com   AbuseIPDB   Talos Intelligence Center   Greynoise Visualizer   DShield
80.82.77.139 dojo.census.shodan.io NL 50340104
+ 82984 DShield reports
+ 1 OTX pulses 		0.936 11 blacklists Scanner Research scanner Whitelisted  22, 111, 9002 2017-03-20 10:36:49 2025-10-28 00:58:49
  Shodan   Censys   valli.org   whatismyipaddress.com   AbuseIPDB   Talos Intelligence Center   Greynoise Visualizer   DShield
178.16.54.6 -- AS209800
DE 1658482
+ 123309 DShield reports 		0.935 3 blacklists Login attempts  135, 137, 445, 10001, 10005, ... 2025-08-23 13:44:26 2025-10-28 00:43:09
  Shodan   Censys   valli.org   whatismyipaddress.com   AbuseIPDB   Talos Intelligence Center   Greynoise Visualizer   DShield
170.64.167.72 -- AS14061
AU 198973
+ 9585 DShield reports
+ 118 OTX pulses 		0.934 5 blacklists Scanner Login attempts  22, 80, 443cloud 2023-12-26 07:17:30 2025-10-27 23:05:27
  Shodan   Censys   valli.org   whatismyipaddress.com   AbuseIPDB   Talos Intelligence Center   Greynoise Visualizer   DShield