Threat LevelCRITICAL91/1003 rule types across 2 attack categories
33 incidents · 3 rule types · active attacker + blocklisted · 33 attacks/day · seen 12h ago · bulletproof hosting
| PTR | N/A |
| Org / ASN | Techoff SRV Limited |
| Country | 🇳🇱 The Netherlands |
| City | Amsterdam, North Holland |
| Timezone | Europe/Amsterdam |
Bulletproof HostingTechoff SRV Limited (AS48090)
Techoff SRV Limited is a shell-company bulletproof hosting provider exposed in Team Cymru's "Jingle Shells" investigation as using a London virtual office shared with over 1,000 co-registered companies to fabricate legitimacy. Its entire autonomous system (AS48090) is listed on Spamhaus ASN-DROP, indicating the network is leased exclusively for criminal purposes. Individual IPs accumulate thousands of independent abuse reports for webshell scans, backup file probes, SSH brute force, and bot floods.
Attack Analysis
IDS: Blocklist — Spamhaus DROP
This IP is on the Spamhaus DROP list — a dataset of netblocks hijacked or leased by professional spam and cybercrime operations with no legitimate users. Traffic from DROP-listed ranges is considered hostile by design. Blocking is unconditional.
IDS: Blocklist — Dshield
This IP was reported to the DShield community blocklist by multiple independent security sensors worldwide. DShield aggregates firewall logs from thousands of contributors; IPs on this list are confirmed active attackers observed across many networks.
Suricata IDS Alert
Suricata intrusion detection flagged this IP for malicious network behaviour — including port scanning, exploit attempts, botnet activity, or known attack signatures. The specific signature is shown in the report list below.
Reports (33)
| Date | Severity | Description |
|---|---|---|
| 19 Jun 2026 - 04:24 | high | IDS: Blocklist — Spamhaus DROP listed IP — ET DROP Spamhaus DROP Listed Traffic Inbound group 7 |
| 19 Jun 2026 - 04:24 | high | IDS: Blocklist — Dshield listed IP — ET DROP Dshield Block Listed Source group 1 |
| 19 Jun 2026 - 03:22 | high | IDS: Blocklist — Spamhaus DROP listed IP — ET DROP Spamhaus DROP Listed Traffic Inbound group 7 |
| 19 Jun 2026 - 03:22 | high | IDS: Blocklist — Dshield listed IP — ET DROP Dshield Block Listed Source group 1 |
| 18 Jun 2026 - 23:17 | high | IDS: Blocklist — Spamhaus DROP listed IP — ET DROP Spamhaus DROP Listed Traffic Inbound group 7 |
| 18 Jun 2026 - 23:17 | high | IDS: Blocklist — Dshield listed IP — ET DROP Dshield Block Listed Source group 1 |
| 18 Jun 2026 - 21:41 | high | IDS: Blocklist — Spamhaus DROP listed IP — ET DROP Spamhaus DROP Listed Traffic Inbound group 7 |
| 18 Jun 2026 - 21:41 | high | IDS: Blocklist — Dshield listed IP — ET DROP Dshield Block Listed Source group 1 |
| 18 Jun 2026 - 20:27 | high | IDS: Blocklist — Dshield listed IP — ET DROP Dshield Block Listed Source group 1 |
| 18 Jun 2026 - 20:27 | high | IDS: Blocklist — Spamhaus DROP listed IP — ET DROP Spamhaus DROP Listed Traffic Inbound group 7 |
| 18 Jun 2026 - 19:14 | high | IDS: Blocklist — Spamhaus DROP listed IP — ET DROP Spamhaus DROP Listed Traffic Inbound group 7 |
| 18 Jun 2026 - 19:14 | high | IDS: Blocklist — Dshield listed IP — ET DROP Dshield Block Listed Source group 1 |
| 18 Jun 2026 - 18:10 | high | IDS: Blocklist — Dshield listed IP — ET DROP Dshield Block Listed Source group 1 |
| 18 Jun 2026 - 18:10 | high | IDS: Blocklist — Spamhaus DROP listed IP — ET DROP Spamhaus DROP Listed Traffic Inbound group 7 |
| 18 Jun 2026 - 16:05 | high | IDS: Blocklist — Spamhaus DROP listed IP — ET DROP Spamhaus DROP Listed Traffic Inbound group 7 |
| 18 Jun 2026 - 16:05 | high | IDS: Blocklist — Dshield listed IP — ET DROP Dshield Block Listed Source group 1 |
| 18 Jun 2026 - 13:15 | high | IDS: Blocklist — Spamhaus DROP listed IP — ET DROP Spamhaus DROP Listed Traffic Inbound group 7 |
| 18 Jun 2026 - 13:15 | high | IDS: Blocklist — Dshield listed IP — ET DROP Dshield Block Listed Source group 1 |
| 18 Jun 2026 - 12:14 | high | IDS: Blocklist — Spamhaus DROP listed IP — ET DROP Spamhaus DROP Listed Traffic Inbound group 7 |
| 18 Jun 2026 - 12:14 | high | IDS: Blocklist — Dshield listed IP — ET DROP Dshield Block Listed Source group 1 |
EagleEye Intelligence