Threat LevelCRITICAL81/1001 rule type
10 incidents · confirmed on global blocklist · 10 attacks/day · seen 26m ago · bulletproof hosting
| PTR | ip-49-70.4vendeta.com |
| Org / ASN | Tamatiya EOOD |
| Country | 🇧🇬 Bulgaria |
| City | Sopot, Plovdiv |
| Timezone | Europe/Sofia |
Abuse-Tolerant HostingTamatiya EOOD / 4vendeta.com (AS50360 + AS209160)
Tamatiya EOOD (registered Sopot, Bulgaria; reportedly Russian-operated) runs AS50360 under the 4vendeta.com and VenomDC brands across 26 confirmed CIDR blocks (~6,000 IPs). A satellite ASN, AS209160 (Miti 2000 EOOD / Rack-web, nominally Seychelles-registered), is maintained by Tamatiya's own TAMATYA-MNT maintainer object — treat both as one operator. Neighboring IPs accumulate tens of thousands of AbuseIPDB reports: one IP carries 36,949 reports at 100% confidence. The consistent PTR scheme (ip-[octet3]-[octet4].4vendeta.com) confirms static VPS allocations used for port scanning, SMTP dictionary attacks with subnet-hopping on block, service probing, and honeypot-tripping reconnaissance.
Attack Analysis
IDS: Threat Intel — CINS Active Threat
This IP appears in the CINS (Collective Intelligence Network Security) Active Threat Intelligence feed — a real-time blocklist of IPs with poor reputation scores derived from observed malicious activity. CINS-listed IPs are actively engaged in attacks at the time of detection.
Reports (10)
| Date | Severity | Description |
|---|---|---|
| 4 Jun 2026 - 16:35 | high | IDS: Threat Intel — CINS poor reputation IP |
| 4 Jun 2026 - 13:03 | high | IDS: Threat Intel — CINS poor reputation IP |
| 4 Jun 2026 - 11:57 | high | IDS: Threat Intel — CINS poor reputation IP |
| 4 Jun 2026 - 09:44 | high | IDS: Threat Intel — CINS poor reputation IP |
| 4 Jun 2026 - 08:30 | high | IDS: Threat Intel — CINS poor reputation IP |
| 4 Jun 2026 - 06:47 | high | IDS: Threat Intel — CINS poor reputation IP |
| 4 Jun 2026 - 05:32 | high | IDS: Threat Intel — CINS poor reputation IP |
| 4 Jun 2026 - 03:00 | high | IDS: Threat Intel — CINS poor reputation IP |
| 4 Jun 2026 - 01:10 | high | IDS: Threat Intel — CINS poor reputation IP |
| 3 Jun 2026 - 23:48 | high | IDS: Threat Intel — CINS poor reputation IP |
EagleEye Intelligence