Critical Threat
IP 78.153.140.50 is a critical-risk address operated by Hostglobal.plus Ltd in the United Kingdom that has generated 728 abuse reports from automated honeypot sensors over a seven-month period, with the dominant threat classification being general hacking activity including intrusion attempts and vulnerability exploitation.
The address, registered to ASN AS202306 under Hostglobal.plus Ltd, was first reported in October 2025 with the most recent activity logged in May 2026, indicating sustained hostile engagement across nearly half a year. The threat level has been assessed at the maximum possible score of 10 out of 10, while the activity frequency rating of 8 out of 10 confirms continuous rather than sporadic involvement in malicious operations. All 20 reported threat incidents within the analyzed window were categorized specifically as hacking activity detected exclusively through automated honeypot sensors, lending confidence to the assessment at a 69 percent reliability rating. The concentration of reports exclusively from honeypot infrastructure suggests the address is systematically probing network perimeters rather than generating generalized noise traffic.
The hacking classification associated with this IP encompasses a broad spectrum of unauthorized access attempts, including exploitation of software vulnerabilities, credential attacks, and probing for misconfigured services. For any exposed server or application directly reachable from the internet, persistent intrusion-level activity from a high-confidence hostile source represents a concrete and ongoing risk of compromise if defensive controls are inadequate. Attackers leveraging this address are not performing passive reconnaissance alone; the sustained frequency and volume of reports indicate active exploitation attempts against target systems.
Network operators and security teams should treat this IP as a confirmed threat source and implement immediate defensive measures. Deploying or configuring tools such as fail2ban or equivalent intrusion-prevention systems to automatically block repeated connection attempts from this address will reduce exposure. Enforcing strong authentication requirements, disabling unnecessary services, and ensuring all exposed software is current with security patches will hardening attack surfaces against the intrusion techniques this address employs. Continuous monitoring of authentication logs for source IP 78.153.140.50 is strongly advisable to identify any successful access attempts that may bypass initial blocking layers.
FR 
PE 
CH 
HK