IOC Radar
IPMediumSignal 62/100

87.246.58.183

Location
BulgariaBulgaria
Rousse, 22
ASN
AS205352
Cablenet GCN
First Seen
Jun 6, 2025
Last Seen
Feb 12, 2026
Jun 6
First Seen
369d ago
Feb 12
Last Seen
118d ago
6
Reports
source reports
62%
Confidence
medium
Found in 6 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
62%
Signal Score
62 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

25 techniques

Network Information

CountryBGBulgaria
RegionRousse, 22
ASNAS205352
OrganizationCablenet GCN

Feed Intelligence Summary

6 reports62% confidence
6
Source reports
62%
Confidence score
Category tags
access controlactive scanningbotnetbrute forcebrute force attackbrute force attemptbulgariacommand and controlcommunication protocolcredential accesscredential stuffingdata exfiltrationddos attacksdecoy systemdistributed attackseuropeindicatorinternet of thingsintrusion detectioniociot botnetiot/ics attackmalicious network activitymalicious softwaremalwaremirai botnetnetworknetwork attacksnetwork intrusionnetwork probingnetwork scanningnetwork securitynetwork service scanningpassword attacksprocess injectionprotocol exploitationreconnaissanceresearchedscanscannersecurity policyt1021.002t1040t1046t1055t1056.001t1059.001t1071.001t1078t1110t1110.001t1110.002t1110.003t1110.004t1133t1190t1486t1496t1499.001t1499.002t1499.003t1565t1595t1595.001t1595.002t1595.003tcp protocoltelnet threatthreat intelligencethreat prevention

Activity Timeline

1 total obs
Feb 12Feb 12

Threat Activity Heatmap

· Peak: 2026-02-12
Less
More
Mon
Wed
Fri
Jun
·
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
0
Dormant
Threat ScoreMedium Risk
62
SIGNAL
Signal Score
62%
Confidence
6
Reports
First seenJun 6, 2025
Last seenFeb 12, 2026
GeolocationBG
CountryBulgaria
LocationRousse, 22
ASNAS205352
OrgCablenet GCN
Coords42.6951, 23.3250

VirusTotal

Not checked

WHOIS

description
Scans hitting the server at TCP port 23 Telnet. Same IP should not appear more than once in 96 hours in our lists S3#.
raw
inetnum: 87.246.56.0 - 87.246.59.255 netname: CABLENET_GCN descr: Cablenet Ruse country: BG admin-c: LLA69-RIPE tech-c: PJP79-RIPE status: ASSIGNED PA mnt-by: LIR-GCN-MNT mnt-lower: LIR-GCN-MNT mnt-routes: LIR-GCN-MNT created: 2023-01-26T09:03:45Z last-modified: 2024-11-19T09:23:34Z source: RIPE person: Ljudmil Ljubenov Atanasov address: Cable Net Ruse address: 11, Voden Str. address: Ruse, Bulgaria phone: +35982872020 nic-hdl: LLA69-RIPE mnt-by: GCN-LIR-MNT created: 2016-12-09T11:38:22Z last-modified: 2016-12-09T11:38:22Z source: RIPE # Filtered person: Pavlin Jivkov Petkov address: Cable Net Ruse address: 11, Voden Str. address: Ruse, Bulgaria phone: +359889000154 nic-hdl: PJP79-RIPE mnt-by: GCN-LIR-MNT created: 2016-12-09T11:33:36Z last-modified: 2016-12-09T11:33:36Z source: RIPE # Filtered route: 87.246.56.0/22 descr: Cablenet Ruse origin: AS205352 mnt-by: LIR-GCN-MNT created: 2023-01-26T09:08:54Z last-modified: 2024-11-19T09:28:22Z source: RIPE

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 1 year ago · Last seen 3 months ago
Appeared in 6 threat reports