95.211.189.137 Threat Intelligence and Host Information

Oct 21, 2025 ipinfopage

General

This page contains threat intelligence information for the IPv4 address 95.211.189.137 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Possibly Malicious Host 🟢 25/100

Host and Network Information

  • View other sources: Spamhaus VirusTotal
  • Contained within other IP sets: hphosts_ats, hphosts_emd, hphosts_mmt, hphosts_psh

  • Country: Netherlands
  • Network:
  • Noticed: 1 times
  • Protocols Attacked: SSH

Malware Detected on Host

Count: 22 bbbba763e92612e8258a28f602c6112339bfd56a2b158b4440ba238da017978d 99381d1663ca37d2b9748cc807a065139773d10a1702baf201a2b1ede5ffcc3f c128bd8b132821105c0bfc705fbc5a7301eb906a6fa1b86203b70b008091d812 dc86de6416a798e0caf8b411696d03b9d36c85aa07dda141378127da90f02aeb bc0e84c0ea99c934d9ebbba2156f0c6ef825cea73460b38a68fee03a58f142e8 ee64c298e2e2203679d729ffa40e5d4476758bd21727923e4da6c4b3a0143123 dfff282efca4dcaa75f458973f6547fb8d6e7b13c78d2f0de54b864507db152d 332a0d30d32243d55d67b6dcb1647c08420dbc85b724d2fa100d363defd77f8f f6bc96bf1f61db532ec34c7f1651a8282306a787e241dce1e78dfdb8b58054bf 1d82801d7f14ae0942a6a3390c156f0d7d1d9a97044f2e79ec3cd15ad0968b79

Open Ports Detected

1022 443 53 80 8080

Map

Whois Information

  • inetnum: 95.211.185.192 - 95.211.191.255
  • netname: LEASEWEB
  • descr: LeaseWeb Netherlands B.V.
  • country: NL
  • admin-c: LSW1-RIPE
  • tech-c: LSW1-RIPE
  • status: ASSIGNED PA
  • mnt-by: LEASEWEB-NL-MNT
  • created: 2012-06-01T14:53:24Z
  • last-modified: 2015-09-30T22:18:20Z
  • person: RIP Mean
  • address: P.O. Box 93054
  • address: 1090BB AMSTERDAM
  • address: Netherlands
  • phone: +31 20 3162880
  • fax-no: +31 20 3162890
  • nic-hdl: LSW1-RIPE
  • mnt-by: LEASEWEB-NL-MNT
  • created: 2005-06-07T14:36:03Z
  • last-modified: 2017-10-30T21:46:47Z
  • route: 95.211.0.0/16
  • descr: LEASEWEB
  • origin: AS60781
  • mnt-by: LEASEWEB-NL-MNT
  • created: 2014-03-11T14:28:00Z
  • last-modified: 2015-09-30T23:00:04Z
Share on: