Critical Alert
IP 91.92.243.52 is a critical-risk address linked to exploited host activity with a maximum threat score of 10/10, presenting a significant danger to any exposed network infrastructure.
Threat intelligence aggregated from 20 automated honeypot sensors confirms 441 total abuse reports filed against this address during March 2026 alone. The reporting volume is substantial, with the dominant threat category identified as exploited host activity involving malware and exploit delivery. Despite a confidence score of 72%, the sustained reporting activity and consistent categorization across multiple detection sources indicate a reliable threat assessment. Geographically traced to the United States and operating through AS202412 under Omegatech LTD, this IP represents a compromised asset now repurposed for malicious campaigns. The activity frequency metric of 0/10 may reflect current dormancy in recent sampling windows, yet the historical report volume demonstrates persistent hostile reconnaissance.
The exploited host designation signifies that IP 91.92.243.52 belongs to a system that has been infiltrated and is being weaponised by threat actors without the legitimate operator's knowledge or consent. This threat profile differs from directly operated attack infrastructure because the compromised host can pivot to new targets, evade simple geo-blocking defences, and execute sophisticated multi-stage attacks. The malware and exploit activity associated with this address suggests involvement in automated infection chains, lateral movement attempts, or participation in botnet-style operations targeting vulnerable services across the internet.
Network defenders should immediately block IP 91.92.243.52 at the firewall or intrusion prevention system level to prevent inbound malicious connections. Implementing fail2ban or equivalent log-based attack mitigation tools can automate the detection and temporary banning of repeated connection attempts from this source. Organisations running publicly accessible services should enforce strong authentication mechanisms, particularly on administrative interfaces, and apply security patches promptly to reduce exposure to exploit-based compromise. Additionally, reporting the compromise to Omegatech LTD through appropriate abuse channels may contribute to takedown efforts and help restore the compromised system to its legitimate owner.
UA 
GB