Bulgaria (BG) Threat Intelligence

Bulgaria has 9,600 malicious IP addresses with 327,606 abuse reports. Top threat categories include ssh bruteforce, generic bruteforce, web attack, web scanner, repeat offender. Top attacking networks: Tamatiya EOOD (1,068 IPs), ColocaTel Inc. (1,045 IPs), Vivacom Bulgaria EAD (531 IPs). Data collected since 2023-04-08, last activity 2026-04-16.

Threat Assessment: Bulgaria exhibits moderate cyber threat activity, with a notable number of malicious IPs across multiple attack categories. The dominant attack types are ssh bruteforce, generic bruteforce, web attack. The majority of threats originate from networks operated by Tamatiya EOOD and ColocaTel Inc..

Total Reports

327,606

Unique IPs

9,600

First Seen

2023-04-08

Last Activity

2026-04-16

Top Threat Categories

Ssh Bruteforce 4,779

Generic Bruteforce 500

Web Attack 125

Web Scanner 31

Repeat Offender 11

Top Attacking Networks

AS50360 Tamatiya EOOD

1,068 IPs

AS213438 ColocaTel Inc.

1,045 IPs

AS8866 Vivacom Bulgaria EAD

531 IPs

Most Reported IPs in Bulgaria

195.178.110.30 3,916 reports

87.121.52.71 2,841 reports

195.178.110.15 603 reports

93.123.109.38 411 reports

78.128.112.74 294 reports

Access this data via API

Get Bulgaria threat intelligence programmatically.

curl https://ip.wayscloud.services/api/country/BG

View full API documentation

See how we classify and verify threats →

Check any IP from Bulgaria

Look up threat intelligence for a specific IP address.

Related: Country Threat Ranking Country Risk Trends → Top Malicious IPs → AS50360 Intelligence AS213438 Intelligence AS8866 Intelligence Global Attack Trends Detect Malicious Traffic

Loading threat intelligence data...

Bulgaria (BG) Threat Intelligence

Top Threat Categories

Top Attacking Networks

Most Reported IPs in Bulgaria

Access this data via API

Check any IP from Bulgaria

Country Threat Intelligence Summary: Bulgaria

AI Threat Analysis

Activity Trend

Attack Categories

Severity Distribution

Top Attacking IPs