Threat Level: HIGH (69/100) · 2 rule types across 2 attack categories
6 incidents on record · 2 rule types · confirmed on global blocklist · active over 3 days · last seen 1d ago · bulletproof hosting
| Field | Value |
|---|---|
| PTR | N/A |
| Org / ASN | Techoff SRV Limited |
| Country | 🇦🇩 Andorra |
| City | Andorra la Vella, Andorra la Vella |
| Timezone | Europe/Andorra |
Bulletproof Hosting: Techoff SRV Limited (AS48090)
Techoff SRV Limited is a shell-company bulletproof hosting provider exposed in Team Cymru's "Jingle Shells" investigation as using a London virtual office shared with over 1,000 co-registered companies to fabricate legitimacy. Its entire autonomous system (AS48090) is listed on Spamhaus ASN-DROP, indicating the network is leased exclusively for criminal purposes. Individual IPs accumulate thousands of independent abuse reports for webshell scans, backup file probes, SSH brute force, and bot floods.
Attack Analysis
IDS: Blocklist — Spamhaus DROP
This IP is on the Spamhaus DROP list — a dataset of netblocks hijacked or leased by professional spam and cybercrime operations with no legitimate users. Traffic from DROP-listed ranges is considered hostile by design. Blocking is unconditional.
Git Repository Exposure Probe
This IP requested the /.git/ directory, attempting to download source code, commit history, database credentials, and API keys from an accidentally exposed Git repository. Automated tools can reconstruct an entire codebase from an exposed .git folder. No legitimate client ever requests this path.
Reports (6)
| Date | Severity | Description |
|---|---|---|
| 13 Jun 2026 - 00:23 | high | Web: Git repo exposure probe |
| 11 Jun 2026 - 04:31 | high | IDS: Blocklist — Spamhaus DROP listed IP — ET DROP Spamhaus DROP Listed Traffic Inbound group 44 |
| 10 Jun 2026 - 08:48 | high | Web: Git repo exposure probe |
| 10 Jun 2026 - 07:37 | high | IDS: Blocklist — Spamhaus DROP listed IP |
| 10 Jun 2026 - 07:37 | high | Web: Git repo exposure probe |
| 10 Jun 2026 - 07:37 | high | IDS: Blocklist — Spamhaus DROP listed IP — ET DROP Spamhaus DROP Listed Traffic Inbound group 44 |
EagleEye Intelligence