IOC Radar
IPMediumSignal 56/100

193.32.176.12

Location
United KingdomUnited Kingdom
London, England
ASN
AS215540
Global Connectivity Solutions LLP
First Seen
Mar 1, 2024
Last Seen
Feb 21, 2026
Mar 1
First Seen
832d ago
Feb 21
Last Seen
110d ago
6
Reports
source reports
56%
Confidence
medium
Found in 6 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
56%
Signal Score
56 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

31 techniques

Network Information

CountryGBUnited Kingdom
RegionLondon, England
ASNAS215540
OrganizationGlobal Connectivity Solutions LLP

Feed Intelligence Summary

6 reports56% confidence
6
Source reports
56%
Confidence score
Category tags
account compromiseawsazurebackdoorbl networksbotnetcgi globalclick-based attackcommand and controlcompromised websitecredential harvestingcredential theftcybercxdata encryptiondata exfiltrationdistributed attackseuropeeurope/asiaextortionfornex hostingheadless browserheadless browser automationindicatorinformation technologyinitial accessinjected linkinjected linksit infrastructurejavascript injectionlimitedmalicious linksmalicious pluginmalicious pluginsmalicious softwaremalwaremalware injectionnetworkphishing attackprivilege escalationprocess injectionprospero oooproton66 ooopublicraasransomwarered bytesremote accessresearchedrussiasecurity operationssftp compromisesmartape ousocial engineeringsoftware developmentsolutions llpsupply chain attacksystem disruptiont1027t1055t1059.007t1068t1071.001t1078t1078.001t1078.004t1105t1133t1189t1190t1195t1195.001t1195.002t1199t1204.001t1204.002t1486t1490t1496t1499.002t1499.003t1505.003t1555t1565t1566t1566.001t1566.002t1566.003t1608.001third-party riskthreat intelligenceunited kingdomuser executionwordpress phishing campaignwp engine

Activity Timeline

1 total obs
Feb 21Feb 21

Threat Activity Heatmap

· Peak: 2026-02-21
Less
More
Mon
Wed
Fri
Jun
·
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
0
Dormant
Threat ScoreMedium Risk
56
SIGNAL
Signal Score
56%
Confidence
6
Reports
First seenMar 1, 2024
Last seenFeb 21, 2026
GeolocationGB
CountryUnited Kingdom
LocationLondon, England
ASNAS215540
OrgGlobal Connectivity Solutions LLP
Coords55.7386, 37.6068

VirusTotal

Not checked

WHOIS

description
CC=RU ASN=AS209357 llc ittsb variag
raw
inetnum: 193.32.176.0 - 193.32.176.255 netname: GIR_SER-NET org: ORG-GCSL7-RIPE descr: GIR_SER-NET country: GB admin-c: EM13995-RIPE admin-c: EP11479-RIPE tech-c: EM13995-RIPE mnt-domains: INETTECH-MNT mnt-lower: INETTECH-MNT mnt-routes: INETTECH-MNT status: ASSIGNED PA mnt-by: ru-pev-1-mnt created: 2019-01-18T04:24:01Z last-modified: 2024-07-19T09:31:13Z source: RIPE organisation: ORG-GCSL7-RIPE descr: Global Connectivity Solutions org-name: GLOBAL CONNECTIVITY SOLUTIONS LLP country: GB org-type: OTHER address: Suite 310, 21 Hill Street, Haverfordwest, Pembrokeshire, SA61 1QQ abuse-c: ACRO55365-RIPE remarks: -----CONTACT----- remarks: abuse: [email protected] remarks: support: [email protected] remarks: -------END------- mnt-ref: GIRnet-mnt remarks: -----CUSTOMERS----- mnt-ref: AM-VDS mnt-ref: INETTECH-MNT mnt-ref: ru-avm-1-mnt mnt-ref: ru-pev-1-mnt mnt-ref: PROEKT-MNT mnt-ref: proxy-six-mnt mnt-ref: IPSMAIN mnt-ref: IEAG mnt-ref: MNT-DGTL mnt-ref: MNT-INTERLAN mnt-ref: AZERONLINE-MNT mnt-ref: lir-ru-powernet-1-MNT mnt-ref: lir-ru-llclorien-1-MNT mnt-ref: ru-permtelecom-1-mnt mnt-ref: DATAMAX-M mnt-ref: IVC-MNT mnt-ref: FREENET-MNT mnt-ref: BG-MNT mnt-ref: ru-quasar-1-mnt mnt-ref: voldeta-mnt mnt-ref: interlir-mnt mnt-ref: mnt-ru-ipdenisova-1 mnt-ref: MNT-STRL mnt-ref: MNT-GCX mnt-ref: ROSNIIROS-MNT mnt-ref: IPMAGNAT-MNT mnt-ref: VPSVILLE-mnt mnt-ref: lir-ae-royal-1-MNT mnt-ref: MNT-NETERRA mnt-ref: SVT-RIPE-MNT mnt-ref: mnt-ru-am-1 mnt-ref: us-coreip-1-mnt mnt-ref: mnt-bg-eurocrypt-1 mnt-ref: lir-ae-technology-1-MNT remarks: --------END-------- mnt-by: GCS-MNT created: 2024-01-25T10:49:19Z last-modified: 2025-05-01T15:02:33Z source: RIPE # Filtered person: Evgenii M. address: Russian Federation phone: +7 (978) 643-46-76 remarks: -----info----- remarks: abuse: [email protected] remarks: support: [email protected] remarks: -------------- nic-hdl: EM13995-RIPE mnt-by: GIRnet-mnt created: 2022-05-12T21:39:40Z last-modified: 2022-11-28T15:21:47Z source: RIPE # Filtered person: Evgenii Plotnikov address: Lenina str. 59-15 address: 456618 address: Kopejsk city address: RUSSIAN FEDERATION phone: +7 922 2387330 nic-hdl: EP11479-RIPE mnt-by: ru-pev-1-mnt created: 2017-12-07T07:51:32Z last-modified: 2018-09-14T04:41:15Z source: RIPE # Filtered route: 193.32.176.0/24 origin: AS215540 mnt-by: INETTECH-MNT created: 2024-06-06T17:18:22Z last-modified: 2024-06-06T17:18:22Z source: RIPE
references
https://connect.cybercx.com.au/dark-engine, https://storage.pardot.com/1069042/1748905703CCn8f7sn/CyberCX___WP_Engine_Report.pdf

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 2 years ago · Last seen 3 months ago
Appeared in 6 threat reports