Shodan is a internet device scanner that records geographic location, ports, certain vulnerabilities, banner info and much much more information about devices on the internet.  As Google spiders web page content and URL’s, Shodan spiders devices ports and their banners, along with other information.

It might be in a network administrator’s best interests to block Shodan scans, as a hacker can use it to easily find open ports, vulnerabilities and other useful data.

Below is a list of IP’s that can be blocked to try and stop Shodan.  Please note these are subject to change and be out of date.  Although almost all shodan.io hostnames are listed, not all are scanners.  You will not want o block www.shodan.io for example or you may not be able to get to their site to test.

 

Host IPv4 Open Ports
blog.shodan.io 104.236.198.48 22, 25, 80, 443
www.shodan.io 104.25.90.97 80, 443, 8080, 8443
cli.shodan.io 216.117.2.180 80, 443
developer.shodan.io 216.117.2.180
enterprise.shodan.io 216.117.2.180
icsmap.shodan.io 216.117.2.180
careers.shodan.io 216.117.2.180
scanhub.shodan.io 216.117.2.180
maltego.shodan.io 216.117.2.180
honeyscore.shodan.io 216.117.2.180
help.shodan.io 216.117.2.180
maps.shodan.io 216.117.2.180
exploits.shodan.io 104.25.90.97 80, 443, 8080, 8443
shiptracker.shodan.io 45.55.163.215 22, 80, 443
account.shodan.io 104.25.90.97 80, 443, 8080, 8443
census1.shodan.io 198.20.69.74
census2.shodan.io 198.20.69.98 22, 111, 9001
census3.shodan.io 198.20.70.114 22, 111, 9001
census4.shodan.io 198.20.99.130
census5.shodan.io 93.120.27.62
census6.shodan.io 66.240.236.119 22, 111, 9001
census7.shodan.io 71.6.135.131 22, 111, 9001
census8.shodan.io 66.240.192.138 22, 111, 9001
census9.shodan.io 71.6.167.142 22, 111, 9001
census10.shodan.io 82.221.105.6 22, 111, 9001, 16992
census11.shodan.io 82.221.105.7 22, 111, 9001, 16992
census12.shodan.io 71.6.165.200 22, 111, 9001
atlantic.census.shodan.io 188.138.9.50
pacific.census.shodan.io 85.25.103.50
rim.census.shodan.io 85.25.43.94
pirate.census.shodan.io 71.6.146.185 22, 111, 9001
ninja.census.shodan.io 71.6.158.166 22, 111, 9001
border.census.shodan.io 216.117.2.180
burger.census.shodan.io 66.240.219.146 22, 111, 9001
hello.data.shodan.io 104.131.0.69 80
scanner01.project25499.com 98.143.148.107 80
scanner02.project25499.com 155.94.254.133 443, 10001
scanner03.project25499.com 155.94.254.143
scanner04.project25499.com 155.94.222.12 80
scanner05.project25499.com 98.143.148.135