IPMediumSignal 62/100

`78.153.140.40`

Location

United Kingdom

City of London, England

ASN

AS202306

HOSTGLOBAL.PLUS LTD

First Seen

Apr 17, 2025

Last Seen

Jun 17, 2026

Apr 17

First Seen

430d ago

Jun 17

Last Seen

4d ago

Reports

source reports

62%

Confidence

medium

Found in 13 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.

IPv4 Address

Network layer indicator observed in threat reports.

MISP Category

Network Activity

Confidence

62%

Signal Score

62 / 100

IDS Rule

Threat Context

MITRE ATT&CK TTPs

54 techniques

Network Information

Country

United Kingdom

RegionCity of London, England

ASNAS202306

OrganizationHOSTGLOBAL.PLUS LTD

Feed Intelligence Summary

13 reports62% confidence

Source reports

62%

Confidence score

Category tags

abuseactive scanactive scanningadband injection attemptsattackattacker-ipaustraliaautomated attacksautomated-attackbad reputationbad web botblacklisted ipsbotnetbotnet activitybotnet activity detectionbrute forcebrute force attackbrute force attackerbrute force attacksbrute force attemptsbrute-forcebruteforcec&c communicationc2 communicationcanadacloud environmentcloud infrastructurecode executioncode injectioncode-injectioncommand & controlcommand and controlcommand executioncommunication protocolcompromised hostcompromised hostscowriecowrie honeypotcowrie ssh attackscredential accesscredential harvestingcredential stuffingcredential theftcredential-bruteforcingcredential-harvestingcvedata encryptiondata exfiltrationdata store exposuredatabase attackdatabase attacksdatabase securityddosddos activityddos attackddos attacksddos preparationdecoy systemdenial of servicedenial-of-servicedigital oceandigitalocean platformdionaeadionaea activitydionaea honeypotdionaea malware samplesdionaea payloadsdiscovery phasedistributed attacksdnsdns attackdropperdropper activityencryptionenv-huntingeu cyber policieseuropeeurope/asiaexploitexploit attemptsexploit kitexploit probingexploitationexploitation activityexploited hostexternal threatfailed login attemptsfattfatt analysisfatt detectionsfilefinlandfranceftpftp attacksftp brute forceftp brute-forceftp scangbgermanyhackinghoneynet connecthoneytrap activityhoneytrap eventshoneytrap exploit attemptshoneytrap honeypothttp brute forcehttp probinghttp scanhttp scannerhttpsidentity & access exploitationimapindicatorinitial-access-attemptinjection activityinjection attacksinternet-wide scanip-addressesipv4ipv4 addressesirclateral movementlogin attemptmailoney activitymailoney eventsmailoney honeypotmalicious activitymalicious file transfermalicious ipsmalicious softwaremalicious trafficmalwaremalware behaviourmalware capturemalware deliverymalware distributionmalware droppermalware propagationmobilemobile securitymssqlnetworknetwork attacksnetwork intrusionnetwork intrusion attemptsnetwork probingnetwork protocolnetwork reconnaissancenetwork scanningnetwork scanning activitynetwork securitynetwork servicesnetwork-reconnaissancenginxnorth americanull scanoceaniaopportunistic-attackp0fp0f network fingerprintingp0f signaturespassword attackpassword attacksphishingphishing attackphishing trappolandport-scanningportscanpotential botnetprocess injectionprotocol exploitationransomwarerdp scanrdp scanningreconnaissanceregional securityremote accessremote servicesresearchedresource hijackingrussiascannerscanner activityscannersscanning activitysecurity operationssensor-taggedsentrypeer activitysentrypeer botnetsentrypeer eventsserver exploitationservice enumerationservice scansip attackssmtpsmtp attackssmtp brute forcesmtp scansocial engineeringsocradar honeypotspamspam distributionsql injectionsql-injectionsshssh attackssh attacksssh monitoringssh scanssh scanningsuricata alertssyn scansystem accesst1003t1005t1018t1021t1021.001t1021.002t1040t1046t1053t1055t1059t1059.003t1059.004t1064t1068t1071t1071.001t1076t1077t1078t1087t1105t1110t1110.001t1110.002t1110.003t1110.004t1133t1189t1190t1195t1203t1486t1496t1497t1497.001t1499.001t1499.002t1499.003t1505.002t1563t1565t1566t1566.001t1566.002t1566.003t1572t1583t1590t1592t1595t1595.001t1595.002t1595.003tannertanner activitytanner eventstargeting databasetcp port scanningtcp protocoltcp scantelecommunicationstelnet scantelnet threatthreat actorthreat detectionthreat intelligencetor nodetpotudp port scanningudp scanunattributed activityunauthorized accessunauthorized access attemptunited kingdomunited statesunknown actorunknown threat actorvnc protocolvoidtrapvoipvoip attackvulnerability scanweb app attackweb application attackweb application attacksweb exploitweb exploitationweb service scanningweb shell detectionweb spamweb trafficweb-application-attackxmas scan

Activity Timeline

1 total obs

Jun 17Jun 17

Threat Activity Heatmap

· Peak: 2026-06-17

Less

Mon

Wed

Fri

Jun

Jul

Aug

Sep

Oct

Nov

Dec

Jan

Feb

Mar

Apr

May

Jun

24h

Dormant

Minimal

30d

Minimal

3mo

Minimal

Threat ScoreMedium Risk

SIGNAL

Signal Score

62%

Confidence

Reports

First seenApr 17, 2025

Last seenJun 17, 2026

GeolocationGB

CountryUnited Kingdom

LocationCity of London, England

ASNAS202306

OrgHOSTGLOBAL.PLUS LTD

Coords51.5072, -0.1276

VirusTotal

Not checked

WHOIS

description: IPv4 hosts detected port scanning DigitalOcean London (UK) honeypot
raw: inetnum: 78.153.140.0 - 78.153.140.255 netname: HostGlobalPlus mnt-domains: MNT-HOSTGLOBALPLUS mnt-routes: MNT-HOSTGLOBALPLUS org: ORG-HL257-RIPE country: GB geofeed: https://hostglobal.plus/geofeeds.csv remarks: Geofeed https://hostglobal.plus/geofeeds.csv admin-c: AE5332-RIPE tech-c: AE5332-RIPE status: ASSIGNED PA mnt-by: MNT-HOSTGLOBALPLUS mnt-by: MNT-INTERLAN created: 2008-10-13T12:31:10Z last-modified: 2023-10-31T14:57:12Z source: RIPE organisation: ORG-HL257-RIPE org-name: HOSTGLOBAL.PLUS LTD country: GB org-type: OTHER address: 20-22 Wenlock Road, London, England, N1 7GU abuse-c: ACRO16672-RIPE mnt-ref: NETWORK-SUPPORT-MNT mnt-ref: MNT-INTERLAN mnt-by: MNT-HOSTGLOBALPLUS created: 2021-03-12T11:14:31Z last-modified: 2022-12-29T12:38:19Z source: RIPE # Filtered person: Aleksei Efimov address: 20-22 Wenlock Road, London, England, N1 7GU phone: +447931362678 nic-hdl: AE5332-RIPE mnt-by: MNT-HOSTGLOBALPLUS created: 2018-06-08T07:28:40Z last-modified: 2024-10-08T22:26:23Z source: RIPE route: 78.153.140.0/24 origin: AS202306 mnt-by: MNT-INTERLAN created: 2023-10-26T15:00:14Z last-modified: 2023-10-26T15:00:14Z source: RIPE

`78.153.140.40`

MITRE ATT&CK TTPs

Network Information

Feed Intelligence Summary

Activity Timeline

Threat Activity Heatmap

VirusTotal

WHOIS

Export & API

IOC Journey