Critical Alert
IP 91.92.243.154 is a critical-risk address classified as an exploited host, indicating this server has been compromised and is actively being weaponized by threat actors for malicious campaigns without the knowledge of its rightful owner. With a threat level rating of 10 out of 10 and 442 independent abuse reports filed against this single IP, the IP reputation for 91.92.243.154 is definitively hostile and poses severe risk to any exposed service.
The activity was detected through 20 automated honeypot sensors across a concentrated reporting window in March 2026, with all reports consistently categorizing the threat as an exploited host. Omegatech LTD operates the underlying network under ASN AS202412, and geolocation data places the infrastructure in the United States. The volume of reports is substantial relative to the detection period, and the 72% confidence score reflects strong corroboration across independent sources. Despite the system's compromised status, the sheer volume of targeting activity means this IP is actively scanning or attacking other infrastructure on the internet.
An exploited host classification signifies that 91.92.243.154 has been breached, likely through vulnerability exploitation, weak credentials or malware delivery, and is now operating as a forward operating base for threat actors. The concrete risk is that this compromised server is being used to launch secondary attacks—including scanning, exploitation attempts or malware distribution—against other organizations. The original owner faces reputational damage and potential legal liability, while targets of the outbound traffic face intrusion risk, data exfiltration and operational disruption.
Site operators should block 91.92.243.154 at the network perimeter or firewall level immediately. Implementing fail2ban or similar dynamic deny-listing tools on exposed services such as SSH, RDP and web interfaces will further reduce exposure to automated attacks originating from this source. Reviewing authentication logs for any successful or attempted connections from this IP is strongly advised. Organizations may also consider notifying the hosting provider, Omegatech LTD, to alert them that one of their assigned addresses is functioning as an attack platform.
UA 
GB