Critical Alert
IP 195.178.110.204 is a critical-risk address originating from Bulgaria that has generated 453 abuse reports from automated honeypot sensors over approximately three months, indicating sustained and aggressive malicious activity.
The address, registered to Techoff Srv Limited under autonomous system AS48090, was first reported in April 2026 with continued activity through June 2026. All 20 recent threat reports consistently categorise the observed behaviour as hacking activity, encompassing various intrusion attempts and vulnerability exploitation observed by honeypot sensors. With a confidence score of 94% and an activity frequency rated 8 out of 10, this IP demonstrates persistent targeting of internet-facing systems.
The hacking activity detected from this address represents a broad category of intrusion operations, including automated vulnerability scanning, exploitation attempts against unpatched services, and credential-based attacks against exposed entry points. The high report volume and sustained frequency indicate that this IP is likely operated as part of an automated attack infrastructure, systematically probing networks at scale. For any organisation running SSH, RDP, web applications, or database services without proper hardening, such traffic poses a direct risk of unauthorised access, data exfiltration, or compromise of critical systems.
Administrators should immediately block IP 195.178.110.204 at the network perimeter firewall and implement geoblocking for Bulgarian address space unless business justification exists. Deploying tools such as fail2ban or equivalent dynamic firewall rules can automatically block repeated connection attempts from this source. Enforcing key-based authentication for remote access services, applying timely security patches, and maintaining intrusion detection monitoring will significantly reduce exposure to the intrusion patterns associated with this address.
RO 
FR 
SE 
TR