IOC Radar
IPMediumSignal 72/100

78.153.155.196

Location
United StatesUnited States
Atlanta, Georgia
ASN
AS215540
Global Connectivity Solutions LLP
First Seen
Apr 12, 2026
Last Seen
May 26, 2026
Apr 12
First Seen
70d ago
May 26
Last Seen
26d ago
10
Reports
source reports
72%
Confidence
medium
11/91
VirusTotal
detections
Found in 10 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
72%
Signal Score
72 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

3 techniques

Network Information

CountryUSUnited States
RegionAtlanta, Georgia
ASNAS215540
OrganizationGlobal Connectivity Solutions LLP

Feed Intelligence Summary

10 reports72% confidence
10
Source reports
72%
Confidence score
Category tags
abuseactive scanactive scanningaptbad reputationbrute forcebrute force attackerbrute-forcebruteforcecowriedigital oceandionaeaexploitexploitation activityfatthackingindicatornetworknorth americap0fportscanreconnaissanceresearchedscannerscannerssensor-taggedservice scant-pott1595.001t1595.002t1595.003tannerthreat actortpotunited statesusvulnerability scanvulnerability-exploitationvultr

Activity Timeline

1 total obs
May 26May 26

Threat Activity Heatmap

· Peak: 2026-05-26
Less
More
Mon
Wed
Fri
Jun
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
·
24h
0
Dormant
7d
0
Dormant
30d
1
Minimal
3mo
1
Minimal
Threat ScoreHigh Risk
72
SIGNAL
Signal Score
72%
Confidence
10
Reports
First seenApr 12, 2026
Last seenMay 26, 2026
GeolocationUS
CountryUnited States
LocationAtlanta, Georgia
ASNAS215540
OrgGlobal Connectivity Solutions LLP
Coords33.7501, -84.3885

VirusTotal

11/ 91vendors flagged
12% detection rateJun 5, 2026

WHOIS

description
Score: 60/100. Labels: abuseipdb:brute-force, abuseipdb:exploited-host, abuseipdb:hacking, abuseipdb:high, abuseipdb:multi-reported, abuseipdb:port-scan. 78.153.155.196 classified as automated brute-force attacker targeting SSH/Telnet credentials (medium confidence). Origin: enriched. Listed on: AbuseIPDB (brute-force, exploited-host, hacking).
raw
NetRange: 78.0.0.0 - 78.255.255.255 CIDR: 78.0.0.0/8 NetName: 78-RIPE NetHandle: NET-78-0-0-0-1 Parent: () NetType: Allocated to RIPE NCC OriginAS: Organization: RIPE Network Coordination Centre (RIPE) RegDate: 2006-08-29 Updated: 2025-02-10 Comment: These addresses have been further assigned to users in the RIPE NCC region. Please note that the organization and point of contact details listed below are those of the RIPE NCC not the current address holder. ** You can find user contact information for the current address holder in the RIPE database at http://www.ripe.net/whois. Ref: https://rdap.arin.net/registry/ip/78.0.0.0 ResourceLink: https://apps.db.ripe.net/db-web-ui/query ResourceLink: whois.ripe.net OrgName: RIPE Network Coordination Centre OrgId: RIPE Address: P.O. Box 10096 City: Amsterdam StateProv: PostalCode: 1001EB Country: NL RegDate: Updated: 2013-07-29 Ref: https://rdap.arin.net/registry/entity/RIPE ReferralServer: whois.ripe.net ResourceLink: https://apps.db.ripe.net/db-web-ui/query OrgAbuseHandle: ABUSE3850-ARIN OrgAbuseName: Abuse Contact OrgAbusePhone: +31205354444 OrgAbuseEmail: [email protected] OrgAbuseRef: https://rdap.arin.net/registry/entity/ABUSE3850-ARIN OrgTechHandle: RNO29-ARIN OrgTechName: RIPE NCC Operations OrgTechPhone: +31 20 535 4444 OrgTechEmail: [email protected] OrgTechRef: https://rdap.arin.net/registry/entity/RNO29-ARIN

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 2 months ago · Last seen 26 days ago
Appeared in 10 threat reports