91.92.242.178 Threat Intelligence and Host Information

Feb 27, 2026 ipinfopage

General

This page contains threat intelligence information for the IPv4 address 91.92.242.178 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Likely Malicious Host 🟠 60/100

Host and Network Information

  • Mitre ATT&CK IDs: T1027 - Obfuscated Files or Information, T1036.006 - Space after Filename, T1059.001 - PowerShell, T1071.001 - Web Protocols, T1071 - Application Layer Protocol, T1078 - Valid Accounts, T1090 - Proxy, T1102 - Web Service, T1105 - Ingress Tool Transfer, T1110 - Brute Force, T1140 - Deobfuscate/Decode Files or Information, T1195.002 - Compromise Software Supply Chain, T1547.001 - Registry Run Keys / Startup Folder, T1555.003 - Credentials from Web Browsers, T1573.002 - Asymmetric Cryptography, T1573 - Encrypted Channel, T1583.006 - Web Services, T1585 - Establish Accounts, T1586 - Compromise Accounts, T1595 - Active Scanning

  • Tags: 2026-01, 2026-02, Adbhoney, auto-blocked, auto-generated, Automated, auto-updated, blocked-ips, cisco, cowrie, dionaea, dugganusa, DugganUSA, email, github, heralding, honeytrap, infostealer, isp-reputation, LAMP, mailoney, malicious, mitre-attack, OpenCTI, pattern-32, pattern-38, rhadamanthys, sentrypeer, sftp, sip, ssh, ssl-enrichment, stealc, stix-2.1, supply-chain, tanner, threat-intel, threat-intelligence

  • View other sources: Spamhaus VirusTotal

  • Country: Bulgaria
  • Network:
  • Noticed: 50 times
  • Protocols Attacked: web
  • Countries Attacked: Australia, Brazil, Canada, China, Denmark, France, Germany, Hong Kong, Indonesia, Ireland, Israel, Italy, Japan, Korea Republic of, Liechtenstein, Lithuania, Mexico, Netherlands, Norway, Poland, Romania, Russian Federation, Singapore, Spain, Sweden, United Arab Emirates, United Kingdom of Great Britain and Northern Ireland, United States of America

Malware Detected on Host

Count: 5 660479eede3961d34771741bf3523a8cab9f7497b310c6dc8f662408e338df0b 986ce9f0a0e4c91896ee88501733d2b51e836c8ff5cf2957615494debb482c61 ab127ca9fd661cb35c1778b16d61cb512025aee1652197b31456eece7c11d028 d529050c8a31b48726208b90f7706b91431ec0be2208da061e312ecdd2004f81 0d43ffbfcacd8d6329e9d14ad7f0cb57d3803c59c831f11dc6e56bd4f05eee39

Open Ports Detected

22 443

Map

Whois Information

  • inetnum: 91.92.242.0 - 91.92.242.255
  • netname: OMEGATECH
  • country: NL
  • geofeed: https://omegatech.sc/geofeed.csv
  • descr: OMEGATECH
  • org: ORG-OL329-RIPE
  • abuse-c: CA12141-RIPE
  • admin-c: CA12141-RIPE
  • tech-c: CA12141-RIPE
  • mnt-domains: omegatechsc-mnt
  • mnt-lower: omegatechsc-mnt
  • mnt-routes: omegatechsc-mnt
  • status: ASSIGNED PA
  • mnt-by: lir-tr-mgn-1-MNT
  • created: 2025-09-12T13:45:24Z
  • last-modified: 2026-01-21T12:55:31Z
  • organisation: ORG-OL329-RIPE
  • org-name: Omegatech LTD
  • org-type: OTHER
  • address: HOUSE OF FRANCIS ROOM 303, ILE DU PORT, MAHE, SEYCHELLES
  • country: SC
  • abuse-c: CA12141-RIPE
  • mnt-ref: omegatechsc-mnt
  • mnt-ref: lir-tr-mgn-1-MNT
  • created: 2026-01-05T00:10:50Z
  • last-modified: 2026-01-21T12:55:02Z
  • mnt-by: omegatechsc-mnt
  • role: Abuse Contact
  • address: abuse@omegatech.sc
  • nic-hdl: CA12141-RIPE
  • abuse-mailbox: abuse@omegatech.sc
  • mnt-by: omegatechsc-mnt
  • created: 2026-01-05T00:09:14Z
  • last-modified: 2026-01-21T12:42:42Z
  • route: 91.92.242.0/24
  • origin: AS202412
  • created: 2026-01-21T12:34:24Z
  • last-modified: 2026-01-21T12:34:24Z
  • mnt-by: lir-tr-mgn-1-MNT

Links to attack logs

cfglobal-web-bruteforce-ip-list-2026-02-26

Share on: