DigitalOcean Referral Badge
cloud1
cloud2
cloud3
cloud4
cloud5
cloud6
← Back

CITY REPORT — Sopot / Plovdiv / Bulgaria · Sopot / Plovdiv / Bulgaria

First sighted: July 7, 2023, 3 a.m. · Last sighted: March 2, 2026, 2 a.m.

Risk
48 (med)
Total hits
1995
Total errors
773
Distinct IPs
20
Distinct ASNs
3
Country
Bulgaria
Region
Plovdiv
City
Sopot

Risk

Model: v1 Computed: 2026-03-04 18:16:17
Risk score
48
Risk gradient
Key drivers are enriched against the published annotator catalog when available; otherwise sensible defaults are used.
Annotator influence radar
Rendering annotator influence profile…
Normalized contribution (0..1) per annotator versus robust per-code envelope.
Key drivers
Credential brute forcing
Repeated authentication attempts consistent with password guessing or credential stuffing.
cred
Hits 59
Points 216.70
Firewall probing
Traffic behavior suggests probing of access controls and protected surfaces.
fwprobe
Hits 12
Points 138.60
Sensitive file probing
Requests target commonly sensitive files, configs, backups, or administrative resources.
sfp
Hits 9
Points 46.64
HTTP method anomaly
Unusual or unexpected HTTP methods observed for the target endpoints.
method
Hits 44
Points 26.40
User-Agent anomaly
User-Agent signals look missing, inconsistent, or indicative of non-browser tooling.
ua
Hits 59
Points 9.64
Protocol anomaly
Request structure or protocol-level signals deviate from typical browser HTTP traffic.
proto
Hits 5
Points 4.80

Top Organizations Operating In The City

Most-observed organizations in this city
Tamatiya EOOD 4media Terasyst Ltd

Traffic

Rollup

Daily activity (hits per day) and basic HTTP rollup counters for this city.

Loading activity…
Daily activity (hits per day). Total in window: .
Traffic rollup
HTTP status classes, URL diversity, and totals.
2xx
502
3xx
719
4xx
767
5xx
6
Unique URLs
0
Total hits
1995
First seen
July 7, 2023, 3 a.m.
Last seen
March 2, 2026, 2 a.m.

Annotators (All-time)

Heatmap of annotator × severity. Darker cells mean more volume in that band. Tip: switch to Weighted points to see what drives impact (not just noise).

Severity →
Low High
Credential brute forcing cred
Repeated authentication attempts consistent with password guessing or credential stuffing.
hits 59 pts 216.70
Breakdown by severity band (all-time). “Weighted” reflects your weight configuration.
Severity Total Labels Weighted First seen Last seen Top labels
10 31 1 170.50 Dec. 23, 2024, 4:23 p.m. Feb. 9, 2025, 5:15 p.m.
cred 31
12 7 1 46.20 Jan. 18, 2025, 11:19 p.m. Feb. 9, 2025, 5:15 p.m.
cred 7
0 21 1 0.00 Dec. 23, 2024, 4:23 p.m. Feb. 9, 2025, 5:15 p.m.
cred 21
Firewall probing fwprobe
Traffic behavior suggests probing of access controls and protected surfaces.
hits 12 pts 138.60
Breakdown by severity band (all-time). “Weighted” reflects your weight configuration.
Severity Total Labels Weighted First seen Last seen Top labels
28 6 1 75.60 Sept. 6, 2024, 4:40 a.m. Jan. 24, 2025, 3:31 p.m.
fwprobe 6
22 5 1 49.50 Oct. 3, 2023, 1:13 a.m. Dec. 2, 2023, 11:17 a.m.
fwprobe 5
30 1 1 13.50 Dec. 27, 2024, 5:14 p.m. Dec. 27, 2024, 5:14 p.m.
fwprobe 1
Sensitive file probing sfp
Requests target commonly sensitive files, configs, backups, or administrative resources.
hits 9 pts 46.64
Breakdown by severity band (all-time). “Weighted” reflects your weight configuration.
Severity Total Labels Weighted First seen Last seen Top labels
24 7 1 36.96 Sept. 6, 2024, 4:01 a.m. April 6, 2025, 3:30 a.m.
sensitive_file 7
22 2 1 9.68 Sept. 7, 2023, 8:10 p.m. Sept. 7, 2023, 8:10 p.m.
sensitive_file 2
HTTP method anomaly method
Unusual or unexpected HTTP methods observed for the target endpoints.
hits 44 pts 26.40
Breakdown by severity band (all-time). “Weighted” reflects your weight configuration.
Severity Total Labels Weighted First seen Last seen Top labels
10 44 1 26.40 May 16, 2025, 3:52 p.m. Feb. 28, 2026, 11:59 p.m.
method 44
User-Agent anomaly ua
User-Agent signals look missing, inconsistent, or indicative of non-browser tooling.
hits 59 pts 9.64
Breakdown by severity band (all-time). “Weighted” reflects your weight configuration.
Severity Total Labels Weighted First seen Last seen Top labels
8 52 1 8.32 Sept. 7, 2023, 8:10 p.m. Feb. 28, 2026, 11:59 p.m.
ua 52
10 6 1 1.20 Sept. 6, 2024, 4:01 a.m. April 6, 2025, 3:30 a.m.
ua 6
6 1 1 0.12 Sept. 6, 2024, 4:01 a.m. Sept. 6, 2024, 4:01 a.m.
ua 1
Protocol anomaly proto
Request structure or protocol-level signals deviate from typical browser HTTP traffic.
hits 5 pts 4.80
Breakdown by severity band (all-time). “Weighted” reflects your weight configuration.
Severity Total Labels Weighted First seen Last seen Top labels
12 5 1 4.80 June 19, 2025, 3:58 p.m. Jan. 22, 2026, 6:19 a.m.
proto 5

HTTP Status Breakdown

Response mix grouped by status class (2xx/3xx/4xx/5xx). Uses totals aggregation and renders a donut.

Loading status mix…
Running one aggregation and rendering the chart.

Geolocation

Live geolocation and map tiles auto-load for this Org snapshot (peer IPs with coordinates).

Loading map…

Top Autonomous System Networks

Most-observed networks in this city
AS50360 · Tamatiya EOOD AS208637 · 4 Vendeta Ltd AS31420 · Terasyst Ltd

Interesting IPs

Top risky peers inside this city (latest snapshot). Sorted by risk score, then hits.

78.128.112.220 low
Open report
21 /100
Last seen 2025-02-13 02:00
Hits
68
Errors
25
Country
Bulgaria
ASN
AS208637
AS Org
4 Vendeta Ltd
79.124.58.198 low
Open report
20 /100
Last seen 2025-10-12 03:00
Hits
1273
Errors
504
Country
Bulgaria
ASN
AS50360
AS Org
Tamatiya EOOD
79.124.58.138 low
Open report
4 /100
Last seen 2025-04-07 03:00
Hits
7
Errors
5
Country
Bulgaria
ASN
AS50360
AS Org
Tamatiya EOOD
78.128.112.205 low
Open report
3 /100
Last seen 2024-09-15 03:00
Hits
16
Errors
7
Country
Bulgaria
ASN
AS208637
AS Org
4 Vendeta Ltd
79.124.49.238 low
Open report
2 /100
Last seen 2025-01-03 02:00
Hits
4
Errors
4
Country
Bulgaria
ASN
AS50360
AS Org
Tamatiya EOOD
79.124.58.134 low
Open report
1 /100
Last seen 2023-12-03 02:00
Hits
3
Errors
3
Country
Bulgaria
ASN
AS50360
AS Org
Tamatiya EOOD
79.124.56.162 low
Open report
1 /100
Last seen 2025-01-25 02:00
Hits
2
Errors
2
Country
Bulgaria
ASN
AS50360
AS Org
Tamatiya EOOD
79.124.59.10 low
Open report
1 /100
Last seen 2023-10-05 03:00
Hits
2
Errors
2
Country
Bulgaria
ASN
AS50360
AS Org
Tamatiya EOOD
79.124.40.174 low
Open report
0 /100
Last seen 2026-03-02 02:00
Hits
579
Errors
217
Country
Bulgaria
ASN
AS50360
AS Org
Tamatiya EOOD
79.124.56.190 low
Open report
0 /100
Last seen 2023-10-06 03:00
Hits
8
Errors
0
Country
Bulgaria
ASN
AS50360
AS Org
Tamatiya EOOD
79.124.59.226 low
Open report
0 /100
Last seen 2024-09-24 03:00
Hits
6
Errors
0
Country
Bulgaria
ASN
AS50360
AS Org
Tamatiya EOOD
5.181.80.95 low
Open report
0 /100
Last seen 2023-09-08 03:00
Hits
6
Errors
0
Country
Bulgaria
ASN
AS50360
AS Org
Tamatiya EOOD
79.124.59.254 low
Open report
0 /100
Last seen 2023-10-21 03:00
Hits
5
Errors
0
Country
Bulgaria
ASN
AS50360
AS Org
Tamatiya EOOD
79.124.49.226 low
Open report
0 /100
Last seen 2026-02-24 02:00
Hits
4
Errors
0
Country
Bulgaria
ASN
AS50360
AS Org
Tamatiya EOOD
79.134.176.12 low
Open report
0 /100
Last seen 2026-02-02 02:00
Hits
3
Errors
1
Country
Bulgaria
ASN
AS31420
AS Org
Terasyst Ltd
79.124.56.254 low
Open report
0 /100
Last seen 2023-08-18 03:00
Hits
3
Errors
0
Country
Bulgaria
ASN
AS50360
AS Org
Tamatiya EOOD
79.134.179.190 low
Open report
0 /100
Last seen 2026-02-01 02:00
Hits
2
Errors
0
Country
Bulgaria
ASN
AS31420
AS Org
Terasyst Ltd
79.124.59.86 low
Open report
0 /100
Last seen 2023-07-08 03:00
Hits
2
Errors
2
Country
Bulgaria
ASN
AS50360
AS Org
Tamatiya EOOD
79.134.179.198 low
Open report
0 /100
Last seen 2026-02-13 02:00
Hits
1
Errors
0
Country
Bulgaria
ASN
AS31420
AS Org
Terasyst Ltd
91.191.222.190 low
Open report
0 /100
Last seen 2026-02-06 02:00
Hits
1
Errors
1
Country
Bulgaria
ASN
AS50360
AS Org
Tamatiya EOOD