IOC Radar
IPMediumSignal 39/100

79.124.62.6

Location
BulgariaBulgaria
Victoria, La Rivière Anglaise
ASN
AS207812
Internet Solutions & Innovations LTD
First Seen
May 12, 2021
Last Seen
Oct 3, 2025
May 12
First Seen
1868d ago
Oct 3
Last Seen
263d ago
4
Reports
source reports
39%
Confidence
medium
Found in 4 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
39%
Signal Score
39 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

41 techniques

Network Information

CountryBGBulgaria
RegionVictoria, La Rivière Anglaise
ASNAS207812
OrganizationInternet Solutions & Innovations LTD

Feed Intelligence Summary

4 reports39% confidence
4
Source reports
39%
Confidence score
Category tags
active scanningapplication layer protocolattackbotnetbrute forcebrute force attackbulgariaciscocisco asacisco asa attackcisco asa vulnerabilitycisco devicecode executioncommand and controlcommand executioncommunication protocolcompromise assessmentconfigcowriecowrie activitycowrie attackcowrie honeypotcowrie interactioncowrie ssh honeypotcredential accesscredential stuffingdata exfiltrationdecoy systemdenial of servicedevice managementdionaea activitydionaea attackdionaea honeypotdionaea interactiondirectory enumerationdistributed attacksenterprise networkingeuropeexploitation attemptsftpftp brute forcehackinghttp scannerhttpsindicatorinitial accesslateral movementlogin attackmalicious activitymalicious softwaremalwaremalware behaviourmalware capturenetworknetwork attacksnetwork infrastructurenetwork probingnetwork protocolnetwork reconnaissancenetwork scannetwork scanningnetwork securitynetwork service scanningpassword attackpassword attacksprocess injectionprotocol exploitationreconnaissanceredmineresearchedscannerscanning activityscripting attacksservice enumerationseychellessftpsftp attacksftp exploitslugsoftware exploitationsshssh attackssh monitoringsurface webt1018t1021t1021.001t1021.002t1021.003t1021.004t1021.005t1027t1040t1041t1046t1055t1059t1059.001t1059.004t1059.005t1059.007t1068t1071.001t1078t1110t1110.001t1110.002t1110.003t1110.004t1133t1190t1203t1210t1486t1496t1499.001t1499.002t1499.003t1565t1589t1589.002t1595t1595.001t1595.002t1595.003tcp protocoltelnet threatthreat actorthreat intelligencetpotceunauthorized access attemptunauthorized login attemptsweb application scanningweb attackweb exploitationweb scannerweb scannersweb traffic

Activity Timeline

1 total obs
Oct 3Oct 3

Threat Activity Heatmap

· Peak: 2025-10-03
Less
More
Mon
Wed
Fri
Jun
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
·
·
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
0
Dormant
Threat ScoreLow Risk
39
SIGNAL
Signal Score
39%
Confidence
4
Reports
First seenMay 12, 2021
Last seenOct 3, 2025
GeolocationBG
CountryBulgaria
LocationVictoria, La Rivière Anglaise
ASNAS207812
OrgInternet Solutions & Innovations LTD
Coords-4.6260, 55.4542

VirusTotal

Not checked

WHOIS

description
2024-12-28T10:34:47.968Z Honeypot : Ciscoasa : Source: 79.124.62.6 : Message: {'timestamp': '2024-12-28T10:34:47.968729', 'src_ip': '79.124.62.6', 'payload_printable': '"GET /+CSCOE+/logon.html HTTP/1.1" 302 -'}

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 5 years ago · Last seen 8 months ago
Appeared in 4 threat reports