IPMediumSignal 100/100

`79.124.59.74`

Location

Bulgaria

Sopot, Plovdiv

ASN

AS50360

Tamatiya EOOD

First Seen

Aug 13, 2023

Last Seen

Apr 5, 2025

Aug 13

First Seen

1046d ago

Apr 5

Last Seen

446d ago

Reports

source reports

99%

Confidence

medium

Found in 15 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.

IPv4 Address

Network layer indicator observed in threat reports.

MISP Category

Network Activity

Confidence

99%

Signal Score

100 / 100

IDS Rule

Threat Context

MITRE ATT&CK TTPs

32 techniques

Network Information

Country

Bulgaria

RegionSopot, Plovdiv

ASNAS50360

OrganizationTamatiya EOOD

Feed Intelligence Summary

15 reports99% confidence

Source reports

99%

Confidence score

Category tags

abuseaccess controlaccount discoveryackactive scanningattackbotnetbrute forcebrute force attackc2certcommand and controlcommunication protocolconnect scancredential accesscredential harvestingcredential stuffingdata exfiltrationdecoy systemdenial of servicedistributed attacksenumerationenumeration attemptexternal scanfinfin port scanfin scanfirewall detectionftp brute forcehttp brute forceids evasionindicatorinitial accessmalicious activitymalicious softwaremalwaremassive port scannetworknetwork attacksnetwork discoverynetwork enumerationnetwork mappingnetwork probingnetwork protocolnetwork reconnaissancenetwork scanningnetwork securitynetwork service scanningnull port scannull scanopen port detectionos fingerprintingpassword attackspassword crackingphishing attackpossible reconnaissancepotential vulnerability exploitationpotential vulnerability probingpotential vulnerability scanprocess injectionprotocol exploitationreconnaissancereconnaissance activityremote accessremote servicesresearchedscannersecurity policyservice detectionservice discoveryservice enumerationservice version detectionsocial engineeringsocradarssh attackstealthsuspected malicious activitysynsyn port scansyn scansystem discoveryt1016t1018t1021t1021.001t1040t1046t1055t1059t1068t1071.001t1076t1078t1087t1110t1110.001t1110.002t1110.003t1110.004t1190t1486t1496t1499.002t1499.003t1563t1565t1566.001t1566.002t1566.003t1595t1595.001t1595.002t1595.003tcp protocoltelnet threatthreat actorthreat intelligencethreat preventiontsecudp port scanxmasxmas port scanxmas scan

Activity Timeline

1 total obs

Apr 5Apr 5

Threat Activity Heatmap

Less

Mon

Wed

Fri

Jun

Jul

Aug

Sep

Oct

Nov

Dec

Jan

Feb

Mar

Apr

May

Jun

24h

Dormant

30d

Dormant

3mo

Dormant

Threat ScoreHigh Risk

100

SIGNAL

Signal Score

99%

Confidence

Reports

First seenAug 13, 2023

Last seenApr 5, 2025

GeolocationBG

CountryBulgaria

LocationSopot, Plovdiv

ASNAS50360

OrgTamatiya EOOD

Coords42.6539, 24.7548

VirusTotal

Not checked

WHOIS

description: Port Scan 2024-08-30T22:16:24.000Z -> 79.124.59.74 scanned port 15953 on one of our servers

`79.124.59.74`

MITRE ATT&CK TTPs

Network Information

Feed Intelligence Summary

Activity Timeline

Threat Activity Heatmap

VirusTotal

WHOIS

Export & API

IOC Journey