91.92.241.197 Threat Intelligence and Host Information

Mar 31, 2026 ipinfopage

General

IP Address

91.92.241.197

IPv4 Address

Location

🇧🇬 Sistov, Bulgaria

Network

AS34368

Natskovi & Sie Ltd.

Threat Score

55/100

High Risk

138f5232-bit64-bit7zAdaptixC2agentteslaAgentTesla

Attack Intelligence

MITRE ATT&CK Techniques

T1056 - Input Capture, T1090 - Proxy, T1190 - Exploit Public-Facing Application, T1566 - Phishing

Open Ports Detected

Geographic Location

Country

Bulgaria

City

Sistov

Region

Veliko Tarnovo

Coordinates

43.6264, 25.3544

Network Information

ASN

AS34368

Organization

Natskovi & Sie Ltd.

Network

AS34368 Natskovi & Sie Ltd.

WHOIS Information

inetnum

91.92.241.0 - 91.92.241.255

netname

OMEGATECH

country

geofeed

https://omegatech.sc/geofeed.csv

descr

OMEGATECH

org

ORG-OL329-RIPE

abuse-c

CA12141-RIPE

admin-c

CA12141-RIPE

tech-c

CA12141-RIPE

mnt-domains

omegatechsc-mnt

mnt-lower

omegatechsc-mnt

mnt-routes

omegatechsc-mnt

status

ASSIGNED PA

mnt-by

lir-tr-mgn-1-MNT

created

2026-01-21T12:34:18Z

last-modified

2026-01-21T12:34:18Z

organisation

ORG-OL329-RIPE

org-name

Omegatech LTD

org-type

OTHER

address

abuse@omegatech.sc

mnt-ref

lir-tr-mgn-1-MNT

role

Abuse Contact

nic-hdl

CA12141-RIPE

abuse-mailbox

abuse@omegatech.sc

Attack Logs

Date	Target Location	Protocol	Link
2026-03-31	Cfglobal-Web	MULTIPLE	View Log

Country: Bulgaria
Network:
Noticed: 36 times
Protocols Attacked: web
Countries Attacked: Canada, Korea Republic of, United States of America
Passive DNS Results: www.aguasdecartagena.st www.airepagos.st enelcodensapse.st airepse.st www.emcalipagos.st www.airepse.st www.enelcodensapse.st emcalipagos.st www.epmpagos.st epmpagos.st aguasdecartagena.st epmfactura.st airepagos.st epmpagarfactura.st afiniapagarfactura.st sheitsa.xyz

Malware Detected on Host

Count: 6 b462faa1a7a74d04b0110120ec3849019d9c251bbed07708095bed39ac2bee71 ff962112ca5916abc5fcf8fe38d6761b923cf5e9feb6508d487512a77e8af209 ae96eca0012e418deb38986aa723eb5fd3fe4e52dced8adcaf7d677fd2eebbd2 0a38a2b5c3c4f36cc6e37b8e2243be2b73aa803ee0dec1e71b3fc1ddb8b15696 babe561cbefbeaab2bffbcabca61ae3c28e31419a3908796b2e42f0ded4a1f78 dccf39e4c335042ebb3982f3ea14de3abea95460a55af87823364a37705a80f8

Disclaimer

This page contains threat intelligence information for the IPv4 address 91.92.241.197 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.