IPMediumSignal 55/100
95.168.178.138
Location
United KingdomCanary Wharf, England
ASN
AS205544
LEASEWEB
First Seen
Dec 15, 2025
Last Seen
May 2, 2026
Found in 17 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
55%
Signal Score
55 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK
MITRE ATT&CK TTPs
Network Information
CountryUnited Kingdom
United KingdomRegionCanary Wharf, England
ASNAS205544
OrganizationLEASEWEB
Feed Intelligence Summary
17 reports55% confidence
17
Source reports
55%
Confidence score
Category tags
abuseaccess controlactive scanactive scanningapacheapache attackeraptattackaustraliabad reputationbad web botbotnetbotnet activitybrute forcebrute force attackbrute force attemptbrute force attemptsbrute-force attackcommand and controlcommand injectioncommunication protocolcowrie honeypotcowrie interactionscredential accesscredential harvestingcredential stuffingdata exfiltrationdata store exposureddosddos attackddos attack indicatorsddos attacksdecoy systemdenial of servicedionaea honeypotdistributed attacksdnsdns attackeuropeexploitexploit kit activityexploitationexploitation activityexploited hostfattftpftp brute forcegbhackinghoneytrap honeypothttp brute forcehttp scanneridentity & access exploitationindicatorinitial accessinjection activityinternet of thingsintrusion detectioniociot botnetiot securityiot targetediot/ics attacklamplamp stack targetingmailoney honeypotmalicious activitymalicious login attemptsmalicious softwaremalwaremalware behaviourmalware capturemirai botnetnetworknetwork attacksnetwork discoverynetwork intrusion attemptsnetwork scanningnetwork securitynetwork service scanningnetwork traffic analysisoceaniaopenctip0fpassword attackpassword attacksphishingphishing attackphishing trapping of deathprocess injectionprotocol exploitationransomwareransomware activityreconnaissanceresearchedresource hijackingscanscannerscanning activitysecurity policysensor-taggedsentrypeer botnetservice scansftp attacksmtpsmtp brute forcesocial engineeringspamsql injection attemptsssh attackssh monitoringt-pott1018t1021t1021.002t1040t1041t1046t1055t1059t1071t1071.001t1078t1110t1110.001t1110.002t1110.003t1110.004t1190t1203t1486t1496t1499.001t1499.002t1499.003t1555t1565t1566.001t1566.002t1566.003t1595t1595.001t1595.002t1595.003tannertargeting databasetcp protocoltelecommunicationstelnet threatthreat actorthreat detectionthreat intelligencethreat preventiontor nodetpotunauthorized accessunited kingdomvoipvoip attackvulnerability scanweb application attackweb application attacksweb exploitationweb spamweb traffic
Activity Timeline
May 2May 2
Threat Activity Heatmap
· Peak: 2026-05-02LessMore
Mon
Wed
Fri
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
1
Minimal
Threat ScoreMedium Risk
55
SIGNAL
Signal Score
55%
Confidence
17
Reports
First seenDec 15, 2025
Last seenMay 2, 2026
GeolocationGB
CountryUnited Kingdom
LocationCanary Wharf, England
ASNAS205544
OrgLEASEWEB
Coords51.5150, -0.0824
VirusTotal
Not checked
WHOIS
- raw
- inetnum: 95.168.176.0 - 95.168.183.255 netname: UK-LEASEWEB country: GB admin-c: LUN2-RIPE tech-c: LUN2-RIPE abuse-c: AR43136-RIPE status: ASSIGNED PA mnt-by: leaseweb-uk-mnt created: 2018-07-10T10:36:33Z last-modified: 2018-07-10T10:44:12Z source: RIPE role: Leaseweb UK NOC address: 35 Great St Helens EC3A 6AP London, UK nic-hdl: LUN2-RIPE mnt-by: leaseweb-uk-mnt created: 2017-09-21T17:32:46Z last-modified: 2017-09-21T17:32:46Z source: RIPE # Filtered route: 95.168.176.0/21 origin: AS205544 mnt-by: leaseweb-uk-mnt created: 2020-08-03T10:28:23Z last-modified: 2020-08-03T10:28:23Z source: RIPE
Export & API
STIX 2.1 Bundle
CSV Export
Permalink
IOC Journey
mediumFirst detected 6 months ago · Last seen 1 month ago
Appeared in 17 threat reports